Module Question 6
- What are the core principles of GDPR (e.g., data minimization, purpose limitation)?
- What is “personal data” or “Personally Identifiable Information (PII)”? Provide five examples.
- How can a digital business ensure it gets proper consent from users before collecting their data?
Status: 100% sudah tercapai
Keterangan: Saya sudah mengerjakan tugas essay ini dengan baik dan benar
Bukti:
-
The core principles of GDPR ensure that personal data is handled responsibly, transparently, and securely, guiding how organizations collect and use data.
- Lawfulness, fairness, and transparency: Data must be collected legally, treated fairly, and used in a way that people clearly understand.
- Purpose limitation: Data should only be collected for a specific purpose and not used for something else without permission.
- Data minimization: Only collect the data that is truly necessary.
- Accuracy: Data must be kept up to date and corrected if needed.
- Storage limitation: Data should not be kept longer than necessary.
- Integrity and confidentiality: Data must be protected from unauthorized access or breaches.
- Accountability: Organizations must follow these principles and be able to prove it.
-
Personal data or Personally Identifiable Information (PII) refers to any information that can identify a person, either directly or indirectly.
This means data that can be used on its own or combined with other information to recognize someone.
Examples:
- Full name
- Email address
- Phone number
- National ID number (e.g., passport or ID card)
- Home address
-
A digital business can ensure proper user consent by being clear, honest, and giving users full control over their data.
- Be transparent: Clearly explain what data is collected, why it’s needed, and how it will be used.
- Use clear language: Avoid complex legal terms so users can easily understand.
- Ask for explicit consent: Use opt-in methods (like unchecked boxes), not automatic or hidden consent.
- Give real choice: Users should be able to accept or reject data collection freely.
- Allow withdrawal: Make it easy for users to change their mind and withdraw consent anytime.
- Keep records: Store proof that consent was given.
