Tutorial06 Privacy
HONG KONG INSTITUTE OF VOCATIONAL EDUCATION
Tutorial 6: Data Protection and Privacy
Module Intended Learning Outcome (#2):
On completion of the module, students are expected to be able to: exercise appropriate judgments as IT practitioners according to the codes of conduct of leading professional bodies of related disciplines in various ethical and legal aspects related to IT professions
Lesson Intended Learning Outcome:
On completion of this tutorial, students are expected to be able to understand:
Data protection and privacy issues TASK: Multiple Choice Questions (1% each)
(1) Which is not the three levels of violation of data privacy?
(a) Data – crunching
(b) Data – gathering
(c) Data – exchange
(d) Data – mining
(2) Which is not a Do-not-call registers operated by OFCA?
(a) Fax Register
(b) Email Register
(c) Short Messages Register
(d) Telephone Register
(3) Suppose you want to do an on-line survey about secondary students’ online computer game playing habit. You should not ask for the name of the school from which the student is studying, or it may violate a principle under the Personal Data (Privacy) Ordinance. Which Principle below will it violate?
(a) Principle 1: Information collected should be adequate but not excessive.
(b) Principle 2: Information should be kept for a reasonable period of time.
(c) Principle 3: Information collected should be used for the purpose it is intended.
(d) Principle 4: Information should be safely kept.
(e) None of (a), (b), (c) or (d).
(4) Suppose you want to do an on-line survey about the Internet viewer’s fast food eating habit. Which item of information below you should NOT ask the user to provide because it would violate the Personal Data (Privacy) Ordinance?
(a) Viewer’s age range (e.g. 20-25 years old).
(b) Viewer’s sex. (e.g. Male or female.)
(c) Viewer’s HKID number.
(d) All of (a), (b) and (c).
(e) None of (a), (b) or (c).
(5) A company puts up an advertisement of job vacancies on a Web site. Since it does
Tutorial 6: Data Protection and Privacy
Module Intended Learning Outcome (#2):
On completion of the module, students are expected to be able to: exercise appropriate judgments as IT practitioners according to the codes of conduct of leading professional bodies of related disciplines in various ethical and legal aspects related to IT professions
Lesson Intended Learning Outcome:
On completion of this tutorial, students are expected to be able to understand:
Data protection and privacy issues TASK: Multiple Choice Questions (1% each)
(1) Which is not the three levels of violation of data privacy?
(a) Data – crunching
(b) Data – gathering
(c) Data – exchange
(d) Data – mining
(2) Which is not a Do-not-call registers operated by OFCA?
(a) Fax Register
(b) Email Register
(c) Short Messages Register
(d) Telephone Register
(3) Suppose you want to do an on-line survey about secondary students’ online computer game playing habit. You should not ask for the name of the school from which the student is studying, or it may violate a principle under the Personal Data (Privacy) Ordinance. Which Principle below will it violate?
(a) Principle 1: Information collected should be adequate but not excessive.
(b) Principle 2: Information should be kept for a reasonable period of time.
(c) Principle 3: Information collected should be used for the purpose it is intended.
(d) Principle 4: Information should be safely kept.
(e) None of (a), (b), (c) or (d).
(4) Suppose you want to do an on-line survey about the Internet viewer’s fast food eating habit. Which item of information below you should NOT ask the user to provide because it would violate the Personal Data (Privacy) Ordinance?
(a) Viewer’s age range (e.g. 20-25 years old).
(b) Viewer’s sex. (e.g. Male or female.)
(c) Viewer’s HKID number.
(d) All of (a), (b) and (c).
(e) None of (a), (b) or (c).
(5) A company puts up an advertisement of job vacancies on a Web site. Since it does