DSCI - Limited Time Discount Offer - Ends In 1d 00h 00m 00s Coupon code: Y2430OFF
  1. Home
  2. DSCI
  3. DCPP-01 Dumps
  4. Free DCPP-01 Questions

Free DCPP-01 Questions for DSCI DCPP-01 Exam as PDF & Practice Test Software

Page:    1 / 14   
Total 122 questions

Question 1

A financial organization may share nonpublic information about its customers in accordance with Gramm-Leach-Bliley Act of the US. Which one of the following is the requirement?



Answer : D


Question 2

APPI, the Act for the Protection of Personal Information, applies to:



Answer : B

The APPI is applicable to all businesses handling personal information for business use; however, national government, local governments and incorporated administrative agencies are excluded from the scope. The APPI is applicable to businesses in or outside Japan that collect personal information of Japanese citizens.


Question 3

Which of the following are needed for projects like DNA profiling, UIDAI, and statistical collection of individuals ?



Answer : C

Projects like UIDAI (Unique Identification Authority of India), NATGRID (National Intelligence Grid), CCTNS (Crime and Criminal Tracking Network and Systems), CMS (Central Monitoring System) etc in India are taking off -- which may have direct impact on privacy of individuals.This necessitates appropriate focus resultant legislations and regulatory measures for privacy to ensure safeguards and controls are put in place to support these kinds of projects.


Question 4

A growing economy has made it more important now than ever before for India to have comprehensive laws on __________.



Answer : C

India has established privacy regime through a patchwork of legislations and regulations, unlike the European countries that have horizontal privacy laws. The Information Technology Act - IT Act 2000 -- was amended in 2008 to regulate privacy aspects and to provide assurance to customers that their privacy is protected through the use of 'reasonable security practices'. It achieved its purpose to some extent, but it does not satisfy all the requirements and expectations of a comprehensive privacy law. To address this, the Indian government is working on a comprehensive Privacy Protection Bill, which is likely to be based on Justice AP Shah Report, to which DSCI and NASSCOM have contributed as members.


Question 5

Regarding projects such as Aadhaar, the National Population Register (NPR), etc. that involve national government projects specific to India, which of the following statements is accurate?



Answer : D

The requesting entity is expected to inform the individual, at the time of e-KYC authentication, what information will be shared with it by UIDAI on authentication and the purpose for which the information would be used. It is expected that notice is provided in the local language as well -- to ensure that the individual understands clearly what he/she is getting into. Any other entity other than the requesting entity that collects individual's Aadhaar number or even a document containing the Aadhaar number is also required to inform the individual the purpose of collection, whether it is mandatory and what are the alternatives. Consent After providing notice, the requesting entity is required to obtain the consent of the individual before collecting the identity information. The information may be collected in physical or, preferably, in electronic form. A record or log of the consent is also required to be maintained in the format specified by UIDAI. A requesting entity can do e-KYC authentication on behalf of a third party and share the e-KYC data with the third party for a specific purpose. However, it needs to take consent of the individual for this purpose. For any sharing of e-KYC data with a third party, a separate consent for each such sharing is required. The individual himself/herself may share their data with other entities. However, those entities cannot further share the data with any other entity without obtaining the individual's consent every single time it does a share. Similarly, any other entity other than the requesting entity that collects individual's Aadhaar number or any document containing the Aadhaar number is also required to obtain the consent of the individual for the collection, storage and usage of the individual's Aadhaar number for the purpose specified. The individual has the freedom to revoke any of the earlier consent(s) given, and requesting entity would be required to delete e-KYC data along with ceasing its ability to share further. Usage and Purpose The requesting entity can use the identity information of an individual only for the purpose specified to the individual at the time of authentication or e-KYC. Similarly, any other entity other than the requesting entity that collects individual's Aadhaar number or any document containing the Aadhaar number can use the Aadhaar number only for those purposes specified to the individual at the time of obtaining his consent. Any other entity other than the requesting entity that collects individual's Aadhaar number or any document containing the Aadhaar number is not permitted to share the Aadhaar number with any other person without obtaining the consent of the individual. Disclosure The core biometric information collected under the Act is not allowed to be shared with anyone for any reason whatsoever. This is applicable to UIDAI as well as all agencies in the ecosystem. A requesting entity can share the identity data, including the e-KYC data, with third parties for any lawful purposes provided specific consent from the individual for the same has been obtained. However, the third party, in turn, cannot share it further with any other third party except to complete a transaction- that too only if the individual has given specific consent.


Page:    1 / 14   
Total 122 questions