11. A pen register is a device that records the originating number of incoming calls for a particular phone number.F12. The cost of a data breach can be quite expensive, by some estimates nearly $200 for each record lost.T13. The use of cookies and tracking software is controversial because companies can collect information about consumers without their explicit permission.T14. A National Security Letter is subject to judicial review and oversight.F15. The use of information technology in business requires balancing the needs of those who use the information that is collected against the rights and desires of the people whose information is being used.T16. Under the USA PATRIOT Act, the FBI can issue a National Security Letter to compel banks, Internet service providers, and credit reporting companies to turn over information about their customers without a court order simply of the basis that the information is needed for an ongoing investigation.T17. The Foreign Intelligence Surveillance Act describes procedures for the electronic surveillance of communications between foreign powers and the agents of foreign powers.T18. Under the Right to Financial Privacy Act, a financial institution can release a customer's financial records without the customer's authorization as long as it is a government authority that is seeking the records.F19. The USA PATRIOT Act grants citizens the right to access certain information and records of federal, state, and local governments upon request.F20. Electronic discovery is the collection, preparation, review, and production of electronically stored information for use in criminal and civil actions and proceedings.T21. The European Union Data Protection Directive requires member countries to ensure that data transferred to non-European Union countries is protected.T22. Through the use of cookies, a Web site is able to identify visitors on subsequent visits.T23. The Privacy Act of 1974 extends to the actions of the CIA, U.S. law enforcement agencies, and the private industry.F24. There is virtually no way to limit the deposit of cookies on a user's hard drive.F25. The Gramm-Leach-Bliley Act includes three key rules that affect personal privacy: financial privacy rule, safeguards rule, and pretexting rule.T26. The Foreign Intelligence Surveillance Act:
a. extends the protections offered under the Wiretap Act to electronic communications, such as email, fax, and messages sent over the Internet.
b. was passed by Congress in 1994 and amended both the Wiretap Act and the Electronic Communications Privacy Act.
c. requires any company doing business within the borders of the countries comprising the European Union to implement a set of privacy directives on the fair and appropriate use of information.
d. allows surveillance, without court order, within the United States for up to a year unless the "surveillance will acquire the contents of any communication to which a U.S. person is a party."d. allows surveillance, without court order, within the United States for up to a year unless the "surveillance will acquire the contents of any communication to which a U.S. person is a party."27. In the context of the Fourth Amendment, the courts have ruled that:
a. recordings by the FBI of various telephone calls made by a U.S. citizen from a public phone booth do not violate an individual's privacy
b. Federal agents can listen to phone conversations of U.S. citizens without a warrant
c. without a reasonable expectation of privacy, there is no privacy right
d. the Fourth Amendment is no longer validc. without a reasonable expectation of privacy, there is no privacy right28. Which act requires that financial institutions must provide a privacy notice to each consumer that explains what data about the consumer is gathered, with whom that data is shared, how the data is used, and how the data is protected?
a. Fair Credit Reporting Act
b. Health Insurance Portability and Accountability
Act
c. Gramm-Leach-Bliley Act
d. USA PATRIOT Actc. Gramm-Leach-Bliley Act29. Although the Constitution does not contain the word privacy, the U.S. Supreme Court has ruled that the concept of privacy is protected by which of the following?
a. Fair Credit Reporting Act
b. Gramm-Leach-Bliley Act
c. Health Insurance Portability and Accountability Act
d. Bill of Rightsd. Bill of Rights30. The Health Insurance Portability and Accountability Act requires healthcare providers to obtain which of the following from patients prior to disclosing any information in their medical records?
a. payment for all services rendered
b. a social security number
c. a second opinion
d. written consentd. written consent31. The Children's Online Privacy Protection Act:
a. was found to be unconstitutional
b. is meant to give Web masters control over the collection, use, and disclosure of children's personal information
c. does not cover the dissemination of information to children
d. requires the installation of Internet filters in public librariesc. does not cover the dissemination of information to children32. Title I of the which of the following acts extends the protections offered under the Wiretap Act to electronic communications, such as fax and messages sent over the Internet?
a. Foreign Intelligence Surveillance Act
b. Electronic Communications Privacy Act
c. Communications Assistance for Law Enforcement Act
d. USA PATRIOT Actb. Electronic Communications Privacy Act33. Which act prohibits unauthorized access to stored wire and electronic communications, such as the contents of email inboxes, instant messages, message boards, and social networking sites?
a. Foreign Intelligence Surveillance Act
b. Electronic Communications Privacy Act
c. USA PATRIOT Act
d. Communications Assistance for Law Enforcement Actb. Electronic Communications Privacy Act34. Which act prohibits the government from concealing the existence of any personal data record-keeping systems?
a. Fair Information Practices Act
b. USA PATRIOT Act
c. Privacy Act
d. Freedom of Information Actc. Privacy Act35. Under which act did the Federal Communications Commission respond to appeals from the Department of Justice by requiring providers of Internet phone services and broadband services to ensure that their equipment accommodated the use of law enforcement wiretaps?
a. USA PATRIOT Act
b. Communications Assistance for Law Enforcement Act
c. Electronic Communications Privacy Act
d. Foreign Intelligence Surveillance Actb. Communications Assistance for Law Enforcement Act36. Which of the following acts gave sweeping new powers both to domestic law enforcement and international intelligence agencies, including increasing the ability of law enforcement agencies to search telephone, email, medical, financial, and other records?
a. Health Insurance Portability and Accountability Act
b. Communications Assistance for Law Enforcement Act
c. USA PATRIOT Act
d. Foreign Intelligence Surveillance Actc. USA PATRIOT Act37. Which act outlines who may access a user's credit information, how users can find out what is in their file, how to dispute inaccurate data, and how long data is retained?
a. Gramm-Leach-Bliley Act
b. Fair Credit Reporting Act
c. Credit CARD Act
d. Federal Credit Union Actb. Fair Credit Reporting Act38. In 2008, which act granted expanded authority to collect, without court-approved warrants, international communications as they flow through U.S. telecom network equipment and facilities?
a. USA PATRIOT Act
b. Foreign Intelligence Surveillance Act Amendments Act
c. Electronic Communications Privacy Act
d. Omnibus Crime Control and Safe Streets Actb. Foreign Intelligence Surveillance Act Amendments Act39. In Doe v. Holder, the courts ruled that the NSL gag provision violates which act?
a. Fair Information Practices Act
b. USA PATRIOT Act
c. First Amendment
d. sunset provisionc. First Amendment40. A device that records the originating number of incoming calls for a particular phone number is known as which of the following?
a. trap and trace
b. pen register
c. intercom
d. phone switchboarda. trap and trace41. Established in 1980, The Organisation for Economic Co-operation and Development's created which of the following, which are often held up as the model of ethical treatment of consumer data?
a. European Union Data Protection Directives
b. fair information practices
c. transborder data flow principles
d. BBB online data protection guidelinesb. fair information practices42. Which act bars the export of data to countries that do not have data privacy protection standards comparable to those of its member countries?
a. Fair Information Protection Act
b. Fair Credit Reporting Act
c. Freedom of Information Act
d. European Union Data Protection Directived. European Union Data Protection Directive43. In the context of tenets of the The European Union Data Protection Directive, which of the following terms refers to an individual's right to challenge the accuracy of the data and provide the corrected data?
a. enforcement
b. security
c. correction
d. usec. correction44. In the context of tenets of The European Union Data Protection Directive, which of the following terms refers to an individual's right to seek legal relief through appropriate channels to protect privacy rights?
a. enforcement
b. notice
c. choice
d. securitya. enforcement45. Which of the following is an act that repealed a depression-era law known as Glass-Steagall?
a. Fair Credit Reporting Act
b. Health Insurance Portability and Accountability Act
c. Gramm-Leach-Bliley Act
d. Electronic Communications Privacy Actc. Gramm-Leach-Bliley Act46. Which act enables the public to gain access to certain government records?
a. Fair Information Practices Act
b. USA PATRIOT Act
c. Privacy Act
d. Freedom of Information Actd. Freedom of Information Act47. Which act included strong privacy provisions for electronic health records and bans the sale of health information, promotes the use of audit trails and encryption, and provides rights of access for patients?
a. Foreign Intelligence Surveillance Act
b. American Recovery and Reinvestment Act
c. Gramm-Leach-Bliley Act
d. Electronic Communications Privacy Actb. American Recovery and Reinvestment Act48. One purpose of which of the following is to capture and record data that can be used by the manufacturer to make future changes to improve vehicle performance in the case of a crash?
a. cookie
b. event data recorder
c. spear-phishing device
d. answering machineb. event data recorder49. Which of the following rules requires each financial institution to document a data security plan describing the company's preparation and plans for the ongoing protection of clients' personal data?
a. Safeguards Rule
b. Pretexting Rule
c. Financial Privacy Rule
d. Discovery Rulea. Safeguards Rule50. Discovery is part of the pretrial phase of a lawsuit in which each party can obtain which of the following from the other party by various means?
a. trade secrets
b. competitive intelligence
c. evidence
d. patent royaltiesc. evidence51. Which of the following acts restricted the government's ability to secretly intercept communications?
a. Freedom of Information Act
b. Communications Act of 1934
c. NSL gag provision
d. USA PATRIOT Act of 2001b. Communications Act of 193452. Which act protects citizens from unreasonable government searches and is often invoked to protect the privacy of government employees?
a. USA PATRIOT Act
b. Communications Assistance for Law Enforcement Act
c. Fourth Amendment
d. Freedom of Information Actc. Fourth Amendment53. Which act allows consumers to request and obtain a free credit report each year from each of the three primary credit reporting companies?
a. Fair Credit Reporting Act
b. Fair and Accurate Credit Transactions Act
c. Right to Financial Privacy Act
d. Gramm-Leach-Bliley Actb. Fair and Accurate Credit Transactions Act54. The Organisation for Economic Co-operation and Development's requirement that personal data collected should be accurate, complete, current, and relevant to the purpose for which it is used is based on which principle?
a. individual participation
b. data quality
c. collection limitation
d. purpose specificationb. data quality55. Which act presumes that a student's records are private and not available to the public without the consent of the student?
a. Health Insurance Portability and Accountability Act
b. Children's Online Privacy Protection Act
c. American Recovery and Reinvestment Act
d. Family Educational Rights and Privacy Actd. Family Educational Rights and Privacy Act
