Module Question 6
1. What are the core principles of GDPR (e.g., data minimization, purpose limitation)?
| Answer :
The General Data Protection Regulation (GDPR) is built on several key principles to ensure data is handled ethically. Data Minimization dictates that a business should only collect the specific data necessary to achieve a task, nothing more. Purpose Limitation means that data collected for one reason (e.g., shipping a product) cannot be used for another unrelated reason (e.g., selling the email to a third party) without new consent. Other principles include Accuracy (keeping data up to date), Storage Limitation (deleting data when no longer needed), and Integrity and Confidentiality (ensuring strong security measures). |
2. What is “personal data” or “Personally Identifiable Information (PII)”? Provide five examples.
| Answer :
Personal Data or Personally Identifiable Information (PII) refers to any information that can be used on its own or with other information to identify, contact, or locate a single person. It is the “digital footprint” that belongs exclusively to an individual. Five Examples:
|
3. How can a digital business ensure it gets proper consent from users before collecting their data?
| Answer :
To ensure “proper consent,” a digital business must follow the “Freely Given, Specific, Informed, and Unambiguous” standard. This means using clear, non-legal language to explain what data is being collected and why. Businesses should avoid “pre-ticked” boxes; instead, users must take a positive action (like clicking “I Agree”) to opt-in. Additionally, the business must provide an easy way for users to withdraw consent at any time. A clear, accessible Privacy Policy link near the sign-up button is a standard way to ensure the user is fully informed before they agree. |
Status: 100%
Keterangan: Sudah mengerjakan tugas dengan baik dan benar.
