CHAPTER 4: PRIVACY 1. Title III of the Wiretap Act allows state and federal law enforcement officials to use wiretapping without requiring them to obtain warrants. a. True b.
False
ANSWER: False 2. The Constitution does not contain the word privacy, but the Supreme Court has ruled that the concept of privacy is protected by the Bill of Rights. a. True b.
False
ANSWER: True 3. A vehicle event data recorder (EDR) is a device that records vehicle and occupant data for a few seconds before, during, and after any vehicle crash that is severe enough to deploy the vehicle’s air bags. a. True b.
False
ANSWER: True 4. Online marketers can capture personal information, such as names, addresses, and Social Security numbers without requiring consent. a. True b.
False
ANSWER: False 5. The U.S. has a single, overarching national data privacy policy. a. True b.
False
ANSWER: False 6. American citizens are protected by the Fourth Amendment even when there is no reasonable expectation of privacy. a. True b.
False
ANSWER: False 7. Information privacy is the combination of communications privacy and data privacy. a. True b.
False
Chapter 4: Privacy ANSWER: True
Chapter 4: Privacy 8. The Health Insurance Portability and Accountability Act requires healthcare organizations to employ standardized electronic transactions, codes, and identifiers to enable them to fully digitize medical records thus making it possible to exchange medical records over the Internet. a.
True
b.
False
ANSWER: True 9. Electronically stored information includes any form of digital information stored on any form of electronic storage device. a. True b.
False
ANSWER: True 10. The rights assigned to parents by the Family Educational Rights and Privacy Act transfer to the student once the student reaches the age of 21. a. True b.
False
ANSWER: False 11. A pen register is a device that records the originating number of incoming calls for a particular phone number. a. True b.
False
ANSWER: False 12. The cost of a data breach can be quite expensive, by some estimates nearly $200 for each record lost. a. True b.
False
ANSWER: True 13. The use of cookies and tracking software is controversial because companies can collect information about consumers without their explicit permission. a. True b.
False
ANSWER: True 14. A National Security Letter is subject to judicial review and oversight. a. True b.
False
Chapter 4: Privacy ANSWER: False
Chapter 4: Privacy 15. The use of information technology in business requires balancing the needs of those who use the information that is collected against the rights and desires of the people whose information is being used. a. True b.
False
ANSWER: True 16. Under the USA PATRIOT Act, the FBI can issue a National Security Letter to compel banks, Internet service providers, and credit reporting companies to turn over information about their customers without a court order simply of the basis that the information is needed for an ongoing investigation. a. True b.
False
ANSWER: True 17. The Foreign Intelligence Surveillance Act describes procedures for the electronic surveillance of communications between foreign powers and the agents of foreign powers. a. True b.
False
ANSWER: True 18. Under the Right to Financial Privacy Act, a financial institution can release a customer’s financial records without the customer's authorization as long as it is a government authority that is seeking the records. a. True b.
False
ANSWER: False 19. The USA PATRIOT Act grants citizens the right to access certain information and records of federal, state, and local governments upon request. a. True b.
False
ANSWER: False 20. Electronic discovery is the collection, preparation, review, and production of electronically stored information for use in criminal and civil actions and proceedings. a. True b.
False
ANSWER: True 21. The European Union Data Protection Directive requires member countries to ensure that data transferred to non- European Union countries is protected. a. True
Chapter 4: Privacy b.
False
ANSWER: True 22. Through the use of cookies, a Web site is able to identify visitors on subsequent visits. a. True b.
False
ANSWER: True 23. The Privacy Act of 1974 extends to the actions of the CIA, U.S. law enforcement agencies, and the private industry. a. True b.
False
ANSWER: False 24. There is virtually no way to limit the deposit of cookies on a user's hard drive. a. True b.
False
ANSWER: False 25. The Gramm-Leach-Bliley Act includes three key rules that affect personal privacy: financial privacy rule, safeguards rule, and pretexting rule. a. True b.
False
ANSWER: True 26. The pretexting rule addresses attempts by people to access personal information without proper authority by such means as impersonating an account holder or phishing. a. True b.
False
ANSWER: True 27. Public sector employees have far greater privacy rights than those in private industry because the Fourth Amendment does not limit how a private employer treats its employees. a. True b.
False
ANSWER: True 28. Exemptions to the Freedom of Information Act bar disclosure of information that could compromise national security or interfere with an active law enforcement investigation. a. True
Chapter 4: Privacy b.
False
ANSWER: True
Chapter 4: Privacy 29. Advocates of advanced surveillance technology argue that people have no legitimate expectation of privacy in a public place, and thus Fourth Amendment privacy rights do not apply. a. True b.
False
ANSWER: True 30. The Glass-Steagall Act allows consumers to obtain a free credit report once each year from each of the three primary consumer credit reporting companies. a. True b.
False
ANSWER: False 31. The Foreign Intelligence Surveillance Act: a. extends the protections offered under the Wiretap Act to electronic communications, such as email, fax, and messages sent over the Internet. b. was passed by Congress in 1994 and amended both the Wiretap Act and the Electronic Communications Privacy Act. c. requires any company doing business within the borders of the countries comprising the European Union to implement a set of privacy directives on the fair and appropriate use of information. d. allows surveillance, without court order, within the United States for up to a year unless the "surveillance will acquire the contents of any communication to which a U.S. person is a party." ANSWER: d 32. In the context of the Fourth Amendment, the courts have ruled that . a. recordings by the FBI of various telephone calls made by a U.S. citizen from a public phone booth do not violate an individual’s privacy b. Federal agents can listen to phone conversations of U.S. citizens without a warrant c. without a reasonable expectation of privacy, there is no privacy right d. the Fourth Amendment is no longer valid ANSWER: c 33. Under the , financial institutions must provide a privacy notice to each consumer that explains what data about the consumer is gathered, with whom that data is shared, how the data is used, and how the data is protected. a. Fair Credit Reporting Act b. Health Insurance Portability and Accountability Act c. Gramm-Leach-Bliley Act d. USA PATRIOT Act ANSWER: c
Chapter 4: Privacy 34. The concept of privacy is . a. defined in the U.S. constitution b. protected even when there is no reasonable expectation of privacy c. violated by the Fourth Amendment d. protected by the Bill of Rights ANSWER: d 35. The Health Insurance Portability and Accountability Act requires healthcare providers to obtain from patients prior to disclosing any information in their medical records. a. payment for all services rendered b. a social security number c. a second opinion d. written consent ANSWER: d 36. The Children’s Online Privacy Protection Act . a. was found to be unconstitutional b. is meant to give Web masters control over the collection, use, and disclosure of children’s personal information c. does not cover the dissemination of information to children d. requires the installation of Internet filters in public libraries ANSWER: c 37. Title I of the extends the protections offered under the Wiretap Act to electronic communications, such as fax and messages sent over the Internet. a. Foreign Intelligence Surveillance Act b. Electronic Communications Privacy Act c. Communications Assistance for Law Enforcement Act d. USA PATRIOT Act ANSWER: b 38. The prohibits unauthorized access to stored wire and electronic communications, such as the contents of email inboxes, instant messages, message boards, and social networking sites. a. Foreign Intelligence Surveillance Act b. Electronic Communications Privacy Act c. USA PATRIOT Act d. Communications Assistance for Law Enforcement Act ANSWER: b 39. The prohibits the government from concealing the existence of any personal data record-keeping systems.
Chapter 4: Privacy a. Fair Information Practices Act c. Privacy Act
b. USA PATRIOT Act d. Freedom of Information Act
ANSWER: c 40. Under the , the Federal Communications Commission responded to appeals from the Department of Justice by requiring providers of Internet phone services and broadband services to ensure that their equipment accommodated the use of law enforcement wiretaps. a. USA PATRIOT Act b. Communications Assistance for Law Enforcement Act c. Electronic Communications Privacy Act d. Foreign Intelligence Surveillance Act ANSWER: b 41. The gave sweeping new powers both to domestic law enforcement and international intelligence agencies, including increasing the ability of law enforcement agencies to search telephone, email, medical, financial, and other records. a. Health Insurance Portability and Accountability Act b. Communications Assistance for Law Enforcement Act c. USA PATRIOT Act d. Foreign Intelligence Surveillance Act ANSWER: c 42. The outlines who may access a user's credit information, how users can find out what is in their file, how to dispute inaccurate data, and how long data is retained. a. Gramm-Leach-Bliley Act b. Fair Credit Reporting Act c. Credit CARD Act d. Federal Credit Union Act ANSWER: b 43. In 2008, the granted expanded authority to collect, without court-approved warrants, international communications as they flow through U.S. telecom network equipment and facilities. a. USA PATRIOT Act b. Foreign Intelligence Surveillance Act Amendments Act c. Electronic Communications Privacy Act d. Omnibus Crime Control and Safe Streets Act ANSWER: b 44. In Doe v. Holder, the courts ruled that the NSL gag provision violates the a. Fair Information Practices Act b. USA PATRIOT Act c. First Amendment d. sunset provision
.
ANSWER: c 45. A(n)
is a device that records the originating number of incoming calls for a particular phone number.
Chapter 4: Privacy a. trap and trace c. intercom ANSWER: a
b. pen register d. phone switchboard
Chapter 4: Privacy 46. The Organisation for Economic Cooperation and Development’s held up as the model of ethical treatment of consumer data. a. European Union Data Protection Directives b. fair information practices c. transborder data flow principles d. BBB online data protection guidelines
, established in 1980, are often
ANSWER: b 47. The bars the export of data to countries that do not have data privacy protection standards comparable to those of its member countries. a. Fair Information Protection Act b. Fair Credit Reporting Act c. Freedom of Information Act d. European Union Data Protection Directive ANSWER: d 48. In the context of tenets of the The European Union Data Protection Directive, refers to an individual's right to challenge the accuracy of the data and provide the corrected data. a. enforcement b. security c. correction d. use ANSWER: c 49. In the context of tenets of The European Union Data Protection Directive, right to seek legal relief through appropriate channels to protect privacy rights. a. enforcement b. notice c. choice d. security
refers to an individual's
ANSWER: a 50. The is an act that repealed a depression-era law known as Glass-Steagall. a. Fair Credit Reporting Act b. Health Insurance Portability and Accountability Act c. Gramm-Leach-Bliley Act d. Electronic Communications Privacy Act ANSWER: c 51. The enables the public to gain access to certain government records. a. Fair Information Practices Act b. USA PATRIOT Act c. Privacy Act d. Freedom of Information Act ANSWER: d
Chapter 4: Privacy 52. The included strong privacy provisions for electronic health records and bans the sale of health information, promotes the use of audit trails and encryption, and provides rights of access for patients. a. Foreign Intelligence Surveillance Act b. American Recovery and Reinvestment Act c. Gramm-Leach-Bliley Act d. Electronic Communications Privacy Act ANSWER: b 53. One purpose of a(n) is to capture and record data that can be used by the manufacturer to make future changes to improve vehicle performance in the case of a crash. a. cookie b. event data recorder c. spear-phishing device d. answering machine ANSWER: b 54. The requires each financial institution to document a data security plan describing the company’s preparation and plans for the ongoing protection of clients’ personal data. a. b. Safeguards Rule b. Pretexting Rule c. Financial Privacy Rule d. Discovery Rule ANSWER: a 55. Discovery is part of the pretrial phase of a lawsuit in which each party can obtain other party by various means. a. trade secrets b. competitive intelligence c. evidence d. patent royalties
from the
ANSWER: c 56. The restricted the government’s ability to secretly intercept communications. a. Freedom of Information Act b. Communications Act of 1934 c. NSL gag provision d. USA PATRIOT Act of 2001 ANSWER: b 57. The protects citizens from unreasonable government searches and is often invoked to protect the privacy of government employees. a. USA PATRIOT Act b. Communications Assistance for Law Enforcement Act c. Fourth Amendment d. Freedom of Information Act ANSWER: c 58. The allows consumers to request and obtain a free credit report each year from each of the three primary credit reporting companies. a. Fair Credit Reporting Act b. Fair and Accurate Credit Transactions Act
Chapter 4: Privacy c. Right to Financial Privacy Act ANSWER: b
d. Gramm-Leach-Bliley Act
Chapter 4: Privacy 59. The Organisation for Economic Co-operation and Development's requirement that personal data collected should be accurate, complete, current, and relevant to the purpose for which it is used is based on the principle of . a. b. c. d.
individual participation data quality collection limitation purpose specification
ANSWER: b 60. The presumes that a student’s records are private and not available to the public without the consent of the student. a. Health Insurance Portability and Accountability Act b. Children’s Online Privacy Protection Act c. American Recovery and Reinvestment Act d. Family Educational Rights and Privacy Act ANSWER: d 61.
includes photographs, sound recordings, and databases stored on hard drives, CDs, and flash drives. ANSWER: Electronically stored information
62. A(n) can be loaded onto someone’s cell phone or smartphone within minutes, making it possible for the user to perform location tracking, record calls, view every text message or picture sent or received, and record the URLs of any Web site visited on the phone. ANSWER: stalking app 63. The Communications Act of 1934 established the
.
ANSWER: Federal Communications Commission FCC 64. In the context of the Organisation for Economic Co-operation and Development (OECD) privacy guidelines, refers to the fact that personal data should be accurate, complete, current, and relevant to the purpose for which it is used . ANSWER: data quality 65. Under Title III of the Omnibus Crime Control and Safe Street Act, a warrant must be obtained from a judge to conduct a(n) . ANSWER: wiretap 66. The meets in secret to hear applications for and grant or deny orders approving electronic surveillance anywhere within the United States.
Chapter 4: Privacy ANSWER: Foreign Intelligence Surveillance Act court 67. Title II of the Electronic Communications Privacy Act of 1986 prohibits unauthorized access to stored . ANSWER: wire and electronic communications. 68. A private organization can defeat a privacy claim simply by proving that an employee had been given that email, Internet use, and files on company computers were not private and that their use might be monitored. ANSWER: explicit notice 69.
is a term for a set of guidelines that govern the collection and use of personal data. ANSWER: Fair information practices
70. The
of 2001 was passed just after the terrorist attacks of September 11, 2001.
ANSWER: USA PATRIOT Act 71. The required the telecommunications industry to build tools into its products that federal investigators could use to eavesdrop on conversations and intercept electronic communications. ANSWER: Communications Assistance for Law Enforcement Act 72. A(n) uses sensors located around the vehicle to capture and record information about vehicle speed and acceleration. ANSWER: vehicle event data recorder event data recorder EDR 73. Under the Act, healthcare companies must appoint a privacy officer to develop privacy policies and procedures as well as train employees on how to handle sensitive patient data. ANSWER: Health Insurance Portability and Accountability 74. The Fourth Amendment of the Constitution protects right of the people to be secure in their persons, houses, papers, and effects, against. ANSWER: unreasonable searches and seizures 75. The Fair and Accurate Credit Transactions Act helped establish the ANSWER: National Fraud Alert system
to help prevent identity theft.
Chapter 4: Privacy 76. A(n)
is a device that records electronic impulses to identify the numbers dialed for outgoing calls.
ANSWER: pen register 77. The is a powerful tool for journalists and the public to acquire information that the government is reluctant to release. ANSWER: Freedom of Information Act 78. After have been stored on a computer, they make it possible for a Web site to tailor the ads and promotions presented on it. ANSWER: cookies 79. Under the , once a case is filed, the involved parties are required to meet and discuss various ediscovery issues, such as how to preserve discoverable data, how the data will be produced, agreement on the format in which the data will be provided, and whether production of certain electronically stored information will lead to waiver of attorney-client privilege. ANSWER: Federal Rules of Procedure 80.
is information relating to the capabilities, intentions, or activities of foreign governments or agents of foreign governments or foreign organizations. ANSWER: Foreign intelligence
81. The Fair Credit Reporting Act is enforced by the
.
ANSWER: U.S. Federal Trade Commission FTC 82. The fair information practices of the treatment of consumer data.
, established in 1980, are often held up as the model of ethical
ANSWER: Organisation for Economic Co-operation and Development OECD 83. Financial institutions must inform consumers of their right to , that is, to refuse to give the institution the right to collect and share personal data with unaffiliated parties. ANSWER: opt out 84. Users of the Firefox, Explorer, or Safari Web browsers can select a(n) option so that the browser sends a message to each site visited that the users do not wish to have cookies deposited on their computer. ANSWER: Do Not Track 85. The potential for decreased productivity and increased legal liabilities has led many employers to monitor workers to ensure that corporate are being followed.
Chapter 4: Privacy ANSWER: IT usage policies