SCENARIO
Please use the following to answer the next question:
Jane is a U.S. citizen and a senior software engineer at California-based Jones Labs, a major software supplier to the U.S. Department of Defense and other U.S. federal agencies. Jane's manager, Patrick, is a French citizen who has been living in California for over a decade. Patrick has recently begun to suspect that Jane is an insider secretly transmitting trade secrets to foreign intelligence. Unbeknownst to Patrick, the FBI has already received a hint from anonymous whistleblower, and jointly with the National Security Agency is investigating Jane's possible implication in a sophisticated foreign espionage campaign.
Ever since the pandemic, Jane has been working from home. To complete her daily tasks she uses her corporate laptop, which after each login conspicuously provides notice that the equipment belongs to Jones Labs and may be monitored according to the enacted privacy policy and employment handbook. Jane also has a corporate mobile phone that she uses strictly for business, the terms of which are de ned in her employment contract and elaborated upon in her employee handbook. Both the privacy policy and the employee handbook are revised annually by a reputable California law rm specializing in privacy law. Jane also has a personal iPhone that she uses for private purposes only.
Jones Labs has its primary data center in San Francisco, which is managed internally by Jones Labs engineers. The secondary data center, managed by Amazon AWS, is physically located in the UK for disaster recovery purposes. Jones Labs' mobile devices backup is managed by a mid-sized mobile defense company located in Denver, which physically stores the data in Canada to reduce costs. Jones Labs MS O ce documents are securely stored in a Microsoft O ce 365 data center based in Ireland. Manufacturing data of Jones Labs is stored in Taiwan and managed by a local supplier that has no presence in the U.S.
Before inspecting any GPS geolocation data from Jane's corporate mobile phone, Patrick should rst do what?
A. Obtain prior consent from Jane pursuant to the Telephone Consumer Protection Act
B. Revise emerging workplace privacy best practices with a reputable advocacy organization.
C. Obtain a subpoena from law enforcement, or a court order, directing Jones Labs to collect the GPS geolocation data.
D. Ensure that such activity is permitted under Jane's employment contract or the company's employee privacy policy.
SCENARIO
Please use the following to answer the next question:
Jane is a U.S. citizen and a senior software engineer at California-based Jones Labs, a major software supplier to the U.S. Department of Defense and other U.S. federal agencies. Jane's manager, Patrick, is a French citizen who has been living in California for over a decade. Patrick has recently begun to suspect that Jane is an insider secretly transmitting trade secrets to foreign intelligence. Unbeknownst to Patrick, the FBI has already received a hint from anonymous whistleblower, and jointly with the National Security Agency is investigating Jane's possible implication in a sophisticated foreign espionage campaign.
Ever since the pandemic, Jane has been working from home. To complete her daily tasks she uses her corporate laptop, which after each login conspicuously provides notice that the equipment belongs to Jones Labs and may be monitored according to the enacted privacy policy and employment handbook. Jane also has a corporate mobile phone that she uses strictly for business, the terms of which are de ned in her employment contract and elaborated upon in her employee handbook. Both the privacy policy and the employee handbook are revised annually by a reputable California law rm specializing in privacy law. Jane also has a personal iPhone that she uses for private purposes only.
Jones Labs has its primary data center in San Francisco, which is managed internally by Jones Labs engineers. The secondary data center, managed by Amazon AWS, is physically located in the UK for disaster recovery purposes. Jones Labs' mobile devices backup is managed by a mid-sized mobile defense company located in Denver, which physically stores the data in Canada to reduce costs. Jones Labs MS O ce documents are securely stored in a Microsoft O ce 365 data center based in Ireland. Manufacturing data of Jones Labs is stored in Taiwan and managed by a local supplier that has no presence in the U.S.
When storing Jane's ngerprint for remote authentication. Jones Labs should consider legality issues under which of the following?
A. The Privacy Rule of the HITECH Act.
B. The California IoT Security Law (SB 327).
C. The applicable state law such as Illinois BIPA.
D. The federal Genetic Information Nondiscrimination Act (GINA).
Which of the following most accurately describes the regulatory status of pandemic contact-tracing apps in the United States?
A. Contact tracing is covered exclusively under the Health Insurance Portability and Accountability Act (HIPAA).
B. Contact tracing is regulated by the U.S. Centers for Disease Control and Prevention (CDC).
C. Contact tracing is subject to a patchwork of federal and state privacy laws.
D. Contact tracing is not regulated in the United States.
SCENARIO Please use the following to answer the next question:
Jane is a U.S. citizen and a senior software engineer at California-based Jones Labs, a major software supplier to the U.S. Department of Defense and other U.S. federal agencies. Jane's manager, Patrick, is a French citizen who has been
living in California for over a decade. Patrick has recently begun to suspect that Jane is an insider secretly transmitting trade secrets to foreign intelligence. Unbeknownst to Patrick, the FBI has already received a hint from anonymous
whistleblower, and jointly with the National Security Agency is investigating Jane's possible implication in a sophisticated foreign espionage campaign.
Ever since the pandemic, Jane has been working from home. To complete her daily tasks she uses her corporate laptop, which after each login conspicuously provides notice that the equipment belongs to Jones Labs and may be monitored
according to the enacted privacy policy and employment handbook. Jane also has a corporate mobile phone that she uses strictly for business, the terms of which are defined in her employment contract and elaborated upon in her employee
handbook. Both the privacy policy and the employee handbook are revised annually by a reputable California law firm specializing in privacy law. Jane also has a personal iPhone that she uses for private purposes only.
Jones Labs has its primary data center in San Francisco, which is managed internally by Jones Labs engineers. The secondary data center, managed by Amazon AWS, is physically located in the UK for disaster recovery purposes. Jones
Labs' mobile devices backup is managed by a mid-sized mobile defense company located in Denver, which physically stores the data in Canada to reduce costs. Jones Labs MS Office documents are securely stored in a Microsoft Office 365
data center based in Ireland. Manufacturing data of Jones Labs is stored in Taiwan and managed by a local supplier that has no presence in the U.S.
Under Section 702 of FISA, the NSA may do which of the following without a Foreign Intelligence Surveillance Court warrant?
A. Compel AWS to disclose Jane's email communications with a Taiwanese national residing in Taiwan.
B. Compel AWS to disclose email communications between two Chinese nationals residing in the EU.
C. Compel Microsoft to disclose Patrick's Skype calls with a Brazilian national living in Peru.
D. Compel Jane to disclose the PIN code for her corporate mobile phone.
The Clarifying Lawful Overseas Use of Data (CLOUD) Act is primarily intended to do which of the following?
A. Codify a treaty with the EU that permits the cross-border transfer of personal information from the EU to the United States in compliance with the General Data Protection Regulation (GDPR).
B. Update the legal mechanisms through which federal law enforcement may obtain data that service providers maintain in a foreign country.
C. Establish baseline privacy obligations that U.S. companies must comply with for personal information, even if stored in a foreign country.
D. Prohibit foreign companies from using the personal information of U.S. citizens without their consent.
The federal Driver's Privacy Protection Act (DPPA) prohibits the release or use of what type of personal information?
A. Information obtained from rental car agencies identifying drivers license numbers.
B. Information obtained from police departments concerning a driver's traffic violations or accidents.
C. Information obtained from automobile dealers regarding driver's name and Social Security Number.
D. Information obtained from State motor vehicle departments in connection with a motor vehicle record.
Which of the following would best provide a sufficient consumer disclosure under the Fair Credit Reporting Act (FCRA) prior to a consumer report being obtained for employment purposes?
A. A standalone notice document.
B. A notice provision in a mailed offer letter.
C. A notice provision in an electronic employment application.
D. A verbal notice provided with a conditional offer of employment.
Which of the following state laws has an entity exemption for organizations subject to the Gramm-Leach-Bliley Act (GLBA)?
A. Nevada Privacy Law.
B. California Privacy Rights Act.
C. California Consumer Privacy Act.
D. Virginia Consumer Data Protection Act.
Which of the following federal agencies does NOT have regulatory authority related to privacy?
A. Consumer Financial Protection Bureau.
B. U.S. Department of Transportation.
C. U.S. Department of Commerce.
D. Federal Reserve
ABC Corp. is a consumer-facing business that uses a number of vendors to help operate its business, such as payment processors, cloud service providers, and an e-commerce platform.
If ABC Corp. were subject to the California Consumer Privacy Act (CCPA), what would it have to do in order to avoid having its transfer of personal information to vendors be considered a "sale" of personal information?
A. Register its transfer of personal information with the California Attorney General's office.
B. Ensure that it does not receive any monetary consideration from the vendors for the personal information.
C. Enter into a contract with the vendors containing restrictions on what they can do with the personal information.
D. State in its privacy policy that it will only transfer the personal information to vendors who provide the business with certain services.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-US exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.