BD308 – Cyber Security – Fariid Alam Saputra – 2581485755

Module Question 6

  1. What are the core principles of GDPR (e.g., data minimization, purpose limitation)?
  2. What is “personal data” or “Personally Identifiable Information (PII)”? Provide five examples.
  3. How can a digital business ensure it gets proper consent from users before collecting their data?

Status: 100% sudah tercapai

Keterangan: Saya sudah mengerjakan tugas essay ini dengan baik dan benar

Bukti:

  1. The core principles of GDPR ensure that personal data is handled responsibly, transparently, and securely, guiding how organizations collect and use data.

    • Lawfulness, fairness, and transparency: Data must be collected legally, treated fairly, and used in a way that people clearly understand.
    • Purpose limitation: Data should only be collected for a specific purpose and not used for something else without permission.
    • Data minimization: Only collect the data that is truly necessary.
    • Accuracy: Data must be kept up to date and corrected if needed.
    • Storage limitation: Data should not be kept longer than necessary.
    • Integrity and confidentiality: Data must be protected from unauthorized access or breaches.
    • Accountability: Organizations must follow these principles and be able to prove it.
  2. Personal data or Personally Identifiable Information (PII) refers to any information that can identify a person, either directly or indirectly.

    This means data that can be used on its own or combined with other information to recognize someone.

    Examples:

    1. Full name
    2. Email address
    3. Phone number
    4. National ID number (e.g., passport or ID card)
    5. Home address
  3. A digital business can ensure proper user consent by being clear, honest, and giving users full control over their data.

    • Be transparent: Clearly explain what data is collected, why it’s needed, and how it will be used.
    • Use clear language: Avoid complex legal terms so users can easily understand.
    • Ask for explicit consent: Use opt-in methods (like unchecked boxes), not automatic or hidden consent.
    • Give real choice: Users should be able to accept or reject data collection freely.
    • Allow withdrawal: Make it easy for users to change their mind and withdraw consent anytime.
    • Keep records: Store proof that consent was given.
Previous Post Previous Post
Newer Post Newer Post

Leave a comment