In the Asia-Pacific Economic Cooperation (APEC) Privacy Framework, what exception is allowed to
the Access and Correction principle?
B
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwj5zqzzs_jwAh
XDRBUIHUjACjcQFjAAegQIBhAD&url
=https%3A%2F%2Fwww.apec.org%2F-%2Fmedia%2FAPEC%2FPublications%2F2005%2F12%2FAPEC-
Privacy-Framework%2F05_ecsg_privacyframewk.pdf&usg=AOvVaw0O1-P2AWJ-BA0TYPGcIJgD
How can the privacy principles issued in 1980 by the Organisation for Economic Cooperation and
Development (OECD) be defined?
B
Reference:
https://www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf
(page 3)
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
B
Reference:
https://www.apec.org/About-Us/About-APEC/Fact-Sheets/What-is-the-Cross-Border-
Privacy
- Rules-System
What term is defined by the European Commission to mean any data that relates to an identified or
identifiable individual?
C
Reference:
https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en
What personal information is considered sensitive in almost all countries with privacy laws?
B
Reference:
https://www.burges-salmon.com/news-and-insight/legal-updates/gdpr-personal-data-
and-sensitive- personal-data/
Which jurisdiction was the first to consider IP addresses to be personal information?
D
In the area of human rights, what separates Singapore from many other Asian countries?
B
Reference:
https://www.fidh.org/en/region/asia/singapore/government-s-response-to-un-review-a-
major- setback-for-human-rights
Besides the Personal Data Protection Act (PDPA), which of the following is a potential source of
privacy protection for Singapore citizens?
A
Which of the following would NOT be exempt from Singapore’s PDPA?
D
SCENARIO – Please use the following to answer the next QUESTION:
Delilah is seeking employment in the marketing department of Good Mining Private Limited, an
industry leader in drilling mines in Singapore. Delilah, while filling in the standard paper application
form, is asked to provide details about emergency contacts, medical history, blood type and her
insurance policy. These fields need to be filled in no matter which department Delilah applies to. The
form also asks Delilah to expressly consent to the collection, use and disclosure of her personal data.
A week after submitting the form, Delilah is invited by Evan, the Director of Marketing at Good
Mining, to coffee. Just before Delilah leaves, she gives her business card containing her current
business contact information to Evan. Evan then uses the business card to add Delilah's details to
Good Mining's business development database, which is kept on a local server. Good Mining uses the
database to inform people about networking and client events that Good Mining organizes.
Why is it legal for Evan to add the information on Delilah's business card to the business
development
database?
B
SCENARIO – Please use the following to answer the next QUESTION:
Delilah is seeking employment in the marketing department of Good Mining Private Limited, an
industry leader in drilling mines in Singapore. Delilah, while filling in the standard paper application
form, is asked to provide details about emergency contacts, medical history, blood type and her
insurance policy. These fields need to be filled in no matter which department Delilah applies to. The
form also asks Delilah to expressly consent to the collection, use and disclosure of her personal data.
A week after submitting the form, Delilah is invited by Evan, the Director of Marketing at Good
Mining, to coffee. Just before Delilah leaves, she gives her business card containing her current
business contact information to Evan. Evan then uses the business card to add Delilah's details to
Good Mining's business development database, which is kept on a local server. Good Mining uses the
database to inform people about networking and client events that Good Mining organizes.
Why is Good Mining Private's standard form NOT compliant with Singapore's data protection law?
D
Which of the following does Singapore's PDPC NOT have the power to do?
D
Reference:
https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Advisory-Guidelines/Advisory-
Guidelines- on-Enforcement-of-DP-Provisions-1-Feb-2021.pdf?la=en
SCENARIO – Please use the following to answer the next QUESTION:
Singabank is a boutique bank in Singapore. After being notified during the hiring process, Singabank
employees are subject to constant and thorough monitoring and tracking through CCTV cameras,
computer monitoring software and keyboard loggers. Singabank does this to ensure its employees
are complying with Singabank's data security policy. Bigbank is now considering acquiring
Singabank's retail banking division. As part of its due diligence, Bigbank is seeking for Singabank to
disclose to it all of its surveillance material on its employees, whether or not they are part of the
retail banking division. Jimmy works in Singabank's investment banking division.
What would make Singabank's monitoring of its employees illegal?
A
SCENARIO – Please use the following to answer the next QUESTION:
Singabank is a boutique bank in Singapore. After being notified during the hiring process, Singabank
employees are subject to constant and thorough monitoring and tracking through CCTV cameras,
computer monitoring software and keyboard loggers. Singabank does this to ensure its employees
are complying with Singabank's data security policy. Bigbank is now considering acquiring
Singabank's retail banking division. As part of its due diligence, Bigbank is seeking for Singabank to
disclose to it all of its surveillance material on its employees, whether or not they are part of the
retail banking division. Jimmy works in Singabank's investment banking division.
Assuming the monitoring was legal, can Singabank disclose Jimmy's personal data to Bigbank?
C
In which of the following cases would a Singaporean be prevented from accessing information about
herself from an organization?
B