The "Consumer Privacy Bill of Rights" presented in a 2012 Obama administration report is generally based on?

A. The 1974 Privacy Act

B. Common law principles

C. European Union Directive

D. Traditional fair information practices

Read this notice:

Our website uses cookies. Cookies allow us to identify the computer or device you're using to access the site, but they don't identify you personally. For instructions on setting your Web browser to refuse cookies, click here.

What type of legal choice does not notice provide?

A. Mandatory

B. Implied consent

C. Opt-in

D. Opt-out

SCENARIO

Please use the following to answer the next question:

A US-based startup company is selling a new gaming application. One day, the CEO of the company receives an urgent letter from a prominent EU-based retail partner. Triggered by an unresolved complaint lodged by an EU resident, the

letter describes an ongoing investigation by a supervisory authority into the retailer's data handling practices.

The complainant accuses the retailer of improperly disclosing her personal data, without consent, to parties in the United States. Further, the complainant accuses the EU-based retailer of failing to respond to her withdrawal of consent and request for erasure of her personal data. Your organization, the US-based startup company, was never informed of this request for erasure by the EU-based retail partner. The supervisory authority investigating the complaint has threatened the suspension of data flows if the parties involved do not cooperate with the investigation. The letter closes with an urgent request: "Please act immediately by identifying all personal data received from our company."

This is an important partnership. Company executives know that its biggest fans come from Western Europe; and this retailer is primarily responsible for the startup's rapid market penetration.

As the Company's data privacy leader, you are sensitive to the criticality of the relationship with the retailer.

At this stage of the investigation, what should the data privacy leader review first?

A. Available data flow diagrams

B. The text of the original complaint

C. The company's data privacy policies

D. Prevailing regulation on this subject

Which of the following is NOT one of three broad categories of products offered by data brokers, as identified by the U.S. Federal Trade Commission (FTC)?

A. Research (such as information for understanding consumer trends).

B. Risk mitigation (such as information that may reduce the risk of fraud).

C. Location of individuals (such as identifying an individual from partial information).

D. Marketing (such as appending data to customer information that a marketing company already has).

What was unique about the action that the Federal Trade Commission took against B.J.'s Wholesale Club in 2005?

A. It made third-party audits a penalty for policy violations.

B. It was based on matters of fairness rather than deception.

C. It was the first substantial U.S.-EU Safe Harbor enforcement.

D. It made user consent mandatory after any revisions of policy.