What term is defined by the European Commission to mean any data that relates to an identified or identifiable individual?

A. Personally identifiable information.

B. Sensitive information.

C. Personal data.

D. Identified data.

Which jurisdiction was the first to consider IP addresses to be personal information?

A. India.

B. Hong Kong.

C. The United States.

D. The European Union.

Which of the following would NOT be exempt from Singapore's PDPA?

A. A government automobile registration website.

B. A private party room at a popular restaurant.

C. A documentary filmed at a rock concert.

D. A video from a store's dosed-circuit TV.

Which of the following entities do NOT fall under India's Right to Information Act of 2005?

A. High courts.

B. State legislatures.

C. Law enforcement agencies.

D. National Security Guard.

SCENARIO

How is the transparency of the complaint process treated in both Hong Kong and Singapore?

A. A complainant must alert all individuals potentially affected by the complaint.

B. Investigations into complaints in Hong Kong and Singapore are open to the public.

C. The Hong Kong and Singapore Commissioner may require the complainants to identify themselves before carrying out any investigation into the complaint.

D. The Hong Kong and Singapore commissioners are obliged to start investigations when receiving a complaint and inform the respondent of the personal details of the complainant.

In what case would a foreign company NOT be liable for breaches of Singapore's PDPA?

A. If it has a physical office in Singapore.

B. If it is storing information in Singapore.

C. If it is collecting personal information in Singapore.

D. If it collects information from Singaporeans living abroad.

In 2015, Section 66A of India's IT Act was ruled unconstitutional.

What did this section previously prohibit?

A. Publishing images with sexually explicit content.

B. Tampering with computer source documents.

C. Publishing private images of others.

D. Sending offensive messages.

What clarification did India make in a 2011 Press Note regarding their Sensitive Personal Data Rules?

A. That the rules apply to data subjects located outside of India.

B. That the rules apply to persons or companies collecting sensitive data within India.

C. That the data processor must provide notice to the data subject before data is processed.

D. That sensitive personal data or information includes passwords, financial information, medical records, and biometric information.

Based on the model contract released by the Privacy Commissioner for Personal Data (PDPC), Hong Kong, all of the following sections are recommended to be put into a contract to address Ordinance 33 (Data transfer/export) of Hong Kong's Personal Data Privacy Ordinance (PDPO) EXCEPT?

A. Liability and indemnity.

B. Exemptions and Definitions.

C. Termination of the contract.

D. Obligations of the Transferee.

E. None of the above.