CIPP-A Online Practice Questions and Answers

Which of the following would NOT be exempt from Singapore's PDPA?

A. A government automobile registration website.

B. A private party room at a popular restaurant.

C. A documentary filmed at a rock concert.

D. A video from a store's dosed-circuit TV.

SCENARIO

SCENARIO

How was the Supreme Court's ruling in the Maneka Gandhi v Union of India case significant to Indian law?

A. It expanded the interpretation of right to life under Article 21 of the Constitution.

B. It established that privacy is a fundamental right granted by the Constitution under Article 21.

C. It upheld that the impounding of passports for "public interest" is allowable under Section 10(3)(c) of the Passports Act.

D. It ruled that under Article 32 of the Constitution individuals may file writ petitions when they feel their rights were violated.

How is the transparency of the complaint process treated in both Hong Kong and Singapore?

A. A complainant must alert all individuals potentially affected by the complaint.

B. Investigations into complaints in Hong Kong and Singapore are open to the public.

C. The Hong Kong and Singapore Commissioner may require the complainants to identify themselves before carrying out any investigation into the complaint.

D. The Hong Kong and Singapore commissioners are obliged to start investigations when receiving a complaint and inform the respondent of the personal details of the complainant.

Under the General Data Protection Regulation (GDPR), European Union member states may be allowed to transfer personal data to the United States in some cases.

Which of the following could NOT be used as a legitimate means of doing this?

A. A consent derogation.

B. A certification mechanism.

C. Privacy Shield.

D. Ad-hoc contractual clauses.

In enforcement cases, what is Singapore's Personal Data Protection Commission (PDPC) obligated to do?

A. Publish the decisions it makes regarding complaints.

B. Provide the complainant with a way to appeal a decision.

C. Publish the name of an organization named in a complaint.

D. Intervene in civil actions to provide assistance to complainants.

In Hong Kong, which of the following are exempt from personal data access requests until after the project to which the data is related has been concluded?

A. Hospital administrators.

B. Financial institutions.

C. News organizations.

D. Non-profit groups.

In Singapore, a potential employer can collect all of the following data on an individual in the pre-employment phase EXCEPT?

A. Postings from social media websites.

B. Information from a background check.

C. Information about the individual's children.

D. The individual's university attendance records.

Which Indian institution is vested with powers under the Credit Information Companies (Regulation) Act of 2005?

A. The Reserve Bank of India.

B. The National Housing Bank.

C. The Oriental Bank of Commerce.

D. The Securities and Exchange Board of India.