Question 6 of 93
Which jurisdiction was the first to consider IP addresses to be personal information?
    Correct Answer: D

    The European Union is recognized as the first jurisdiction to consider IP addresses as personal information. Under the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018, IP addresses are treated as personal data under certain circumstances. This regulation set the precedent for other jurisdictions to consider similar stances on IP addresses.

Question 7 of 93
In the area of human rights, what separates Singapore from many other Asian countries?
    Correct Answer: B

    Singapore has not signed the International Covenant on Civil and Political Rights, which separates it from many other Asian countries in the area of human rights. The ICCPR is a key international treaty that aims to ensure the protection of civil and political rights for individuals. While many countries have signed and ratified this covenant, Singapore's decision not to sign it highlights a notable difference in its approach to human rights compared to other nations in the region.

Question 8 of 93
Besides the Personal Data Protection Act (PDPA), which of the following is a potential source of privacy protection for Singapore citizens?
    Correct Answer: D

    Breach of confidence law is a potential source of privacy protection for Singapore citizens. Singapore does not provide explicit constitutional protections of privacy. It is also not a party to any enforceable international agreements specifically protecting privacy, and the tort of invasion of privacy is not established as a recognized legal protection in Singapore. Breach of confidence law can offer some degree of privacy protection by addressing instances where confidential information is improperly disclosed.

Question 9 of 93
Which of the following would NOT be exempt from Singapore’s PDPA?
    Correct Answer: A

    A government automotive registration website would not be exempt from Singapore's PDPA because the PDPA governs the collection, use, and disclosure of personal data by organizations, excluding government websites which are regulated under different privacy frameworks.

Question 10 of 93
SCENARIO – Please use the following to answer the next question:
Delilah is seeking employment in the marketing department of Good Mining Private Limited, an industry leader in drilling mines in Singapore. Delilah, while filling in the standard paper application form, is asked to provide details about emergency contacts, medical history, blood type and her insurance policy. These fields need to be filled in no matter which department Delilah applies to. The form also asks Delilah to expressly consent to the collection, use and disclosure of her personal data.
A week after submitting the form, Delilah is invited by Evan, the Director of Marketing at Good Mining, to coffee. Just before Delilah leaves, she gives her business card containing her current business contact information to Evan. Evan then uses the business card to add Delilah's details to Good Mining's business development database, which is kept on a local server. Good Mining uses the database to inform people about networking and client events that Good Mining organizes.
Why is it legal for Evan to add the information on Delilah's business card to the business development database?
    Correct Answer: A

    It is legal for Evan to add the information on Delilah's business card to the business development database because Delilah 'consented' to her business contact information being used by Good Mining by passing it to Evan voluntarily. By giving her business card to Evan, Delilah implicitly consented to this usage of her contact information for business purposes.