Ch 13 - Emerging Issues: Big Data & the IoT

Question 1

Benefits of using big data include which of the following?

a. Can be obtained from a large variety of sources
b. Low cost to store data
c. Available for data mining as a basis for analytics
d. All of the above

Answer 1

d. All of the above

Question 2

Which of the following aspects of data mining provide the basis of analytics?

a. Providing transparency
b. Drawing connections
c. Making predictions
d. All of the above

Answer 2

d. All of the above

Question 3

Which of the following best describes a reason using big data for modern analytics may make it difficult to adhere to Fair Information Privacy Practices?

a. The data may be incomplete
b. No clear notice of data use to the data subject
c. Data may have been disclosed to a third party
d. None of the above

Answer 3

b. No clear notice of data use to the data subject

Question 4

Which of the following is an example of a data collecting device?

a. Cell phones
b. Street light sensors
c. Car fuel injectors sensors
d. All of the above

Answer 4

d. All of the above

Question 5

Moore’s Law is used to predict which of the following?

a. Number of transactions performed by a teller machine
b. Increase of the expanding universe
c. Exponential increase of computing power and data
d. All of the above

Answer 5

c. Exponential increase of computing power and data

Gordon Moore, Cofounder of Intel predicted the exponential increase in computing power when he observed the number of transistors on a circuit board doubled every 18 to 24 months.

Question 6

What is the relationship between Moore’s Law and Big Data?

a. Moore’s Law predicts that Big Data will eventually drop off and become a thing of the past
b. Moore’s Law predicts the amount of data produced doubles about every 12 months
c. Moore’s Law predicts the amount of data collected is equal to the amount of data used
d. None of the above

Answer 6

b. Moore’s Law predicts the amount of data produced doubles about every 12 months

Question 7

How frequently is data produced predicted to double by 2025?

Answer 7

Data produced is predicted to double every 12 hours at its current rate by 2025.

Question 8

What are the “3 Vs”?

Answer 8

Characteristics of big data:

• Velocity (how fast the data is available)
• Volume (how much data is available)
• Variety (different forms from different sources being analyzed)

Question 9

An important positive aspect of having a large variety of sources of big data is:

a. The ability to turn data from different sources into more uniform categories for analysis
b. The cycle time to turn data into distinct categories
c. The ability to quickly review the data records
d. None of the above

Answer 9

a. The ability to turn data from different sources into more uniform categories for analysis.

Question 10

What is Asimov’s Law of Robotics as it pertains to Artificial Intelligence?

Answer 10

A robot:

1. may not injure a human being or allow a human being to come to harm;
2. must obey an order given by a human being, except when it would cause a human being harm;
3. must protect its own existence except when it would cause harm or prevent it from obeying an order given by a human being.

Question 11

Which of the following is a privacy related rule added to the rules of Asimov’s Law of Robotics by EPIC founder, Marc Rotenberg?

a. A robot should always reveal the name of the programmer
b. A robot should always reveal the basis of their decisions
c. A robot should always reveal their identities
d. b and c

Answer 11

A robot:

4. should always reveal the basis of their decisions; and
5. should always reveal their identities.

Question 12

Which of the following is a standard included in Satya Nadella’s design principles for AI designed to help humans?

a. Must be designed for intelligent privacy
b. Must be transparent
c. Includes algorithmic accountability to undo unintended harm
d. All of the above

Answer 12

d. All of the above

Question 13

1. Which of the following is a financial risk of a security breach on big data?
   a. Responding to and providing notice
   b. Fraudulent account activity
   c. Identity theft
   d. All of the above

Answer 13

d. All of the above

Question 14

What are the 2 primary security risks related to big data?

Answer 14

1. Insiders stealing information

2. External hackers

Question 15

Which of the following is not an important preventive consideration during development of a comprehensive information security plan?

a. Firewalls
b. Surveillance cameras
c. Intrusion detection
d. Threat models

Answer 15

b. Surveillance cameras

Question 16

8. Which of the following is an important Fair Information Privacy Principle especially relevant to big data?
   a. Collection limitation
   b. Use limitation
   c. Purpose specification
   d. All of the above

Answer 16

d. All of the above

Question 17

Which of the following is an important standard for limiting collection of personal information?

a. Collection conducted by lawful and fair means
b. Collection conducted at the data subject’s consent, when possible
c. Collection with the data subject’s knowledge, when possible
d. All of the above

Answer 17

d. All of the above

Question 18

What are the 3 most important standards for limiting use of personal information?

Answer 18

Personal information:

1. should not be used or disclosed beyond its intended purposes;
2. may be used for other purposes with the data subject’s consent;
3. may be used under the authority of law.

Question 19

Which of the following is an important standard for ensuring personal information is used for the purpose specified?

a. Used for the purpose initially intended
b. May be used for other purposes when they are compatible with the original purpose intended
c. Should be limited when secondary uses are involved
d. All of the above

Answer 19

d. All of the above

Question 20

Which of the following is an important theme of Fair Information Principles?

a. Data minimization
b. Additional security measures for big data
c. Deidentification
d. Only a and c

Answer 20

d. Only a and c

Question 21

Which of the following is not a control that can be used to prevent a big data breach?

a. Access – only employees with a need to know
b. Segregation databases
c. Identify compliance challenges
d. Guiding principles based on best practices

Answer 21

c. Identify compliance challenges

Question 22

Which of the following is a guiding principle for preventing a big data breach?

a. Legal rules
b. Company policy
c. FIPPs (esp. Collection Limitation, Purpose Specification, and Use Limitation)
d. All of the above

Answer 22

d. All of the above

Question 23

Which of the following is not a principle for reducing privacy risk?

a. Only collect data necessary
b. Disclose data to third parties without a contract
c. Collect only less sensitive data
d. De-identify data once it is collected

Answer 23

b. Disclose data to third parties without a contract

Question 24

Which of the following describes the goal of data de-identification, pseudonymization, and anonymization?

a. Gain benefits from analyzing data while suppressing data that can reveal an individual’s identity
b. Reduce costs of marketing by disclosing consumer data to third parties
c. Ensure better information security through encryption
d. Only a and c

Answer 24

a. Gain benefits from analyzing data while suppressing data that can reveal an individual’s identity

Question 25

Which of the following best describes a direct identifier? a. Data that is relevant to an individual and can be indirectly linked to them b. Data that is unique to an individual and cannot be directly linked to them c. Data that is unique to an individual and can be directly linked to them d. Only a and b

Answer 25

c. Data that is unique to an individual and can be directly linked to them

Question 26

Which of the following best describes an indirect identifier? a. Category of data, such as TIN, that increases the likelihood of identifying an individual b. Category of data, such as age or gender, that increases the likelihood of identifying an individual c. Category of data, such as birth date and TIN, that increases the likelihood of identifying an individual d. None of the above

Answer 26

.b. Category of data, such as age or gender, that increases the likelihood of identifying an individual

Question 27

Which of the following best describes pseudonymous data? a. Data that has had direct identifiers removed b. Data that has had indirect identifiers removed c. Data that has had some direct identifiers removed d. None of the above

Answer 27

a. Data that has had direct identifiers removed

Question 28

Which of the following best describes de-identified data? a. Data that has had direct identifiers removed b. Data that has had direct and known indirect identifiers removed c. Data that has had indirect identifiers removed d. None of the above

Answer 28

b. Data that has had direct and known indirect identifiers removed

Question 29

Which of the following best describes anonymous data? a. Data that has had direct and indirect identifiers removed or technically manipulated to prevent reidentification b. Data that has had indirect identifiers removed or technically manipulated to allow reidentification c. Data that was sent to an email address with a security key d. None of the above

Answer 29

a. Data that has had direct and indirect identifiers removed or technically manipulated to prevent reidentification

Question 30

Which of the following is not a technical manipulation approach to help anonymize data? a. Blurring b. Masking c. Homogeneous privacy d. Differential privacy

Answer 30

c. Homogeneous privacy

Question 31

Which of the following best describes 'blurring data'? a. Making data less precise by making categories broader b. Making data unintelligible by blacking out sensitive personal information c. Using a mathematical formula to mask data with a code d. None of the above

Answer 31

a. Making data less precise by making categories broader. | Example: instead of using date of birth, use year of birth or decade of birth

Question 32

Which of the following best describes the process of masking data? a. Masking anonymized values in a data set b. Masking original values in a data set c. Masking pseudonymized values in a data set d. None of the above

Answer 32

b. Masking original values in a data set

Question 33

Which of the following best describes the 'data perturbation' form of masking data? a. Makes small changes to data while maintaining overall averages b. Ensures all data is completely unreadable c. Alters the values of data elements in a database to maintain individual record confidentiality d. a and c

Answer 33

d. a and c

Question 34

Which of the following best describes differential privacy? a. A mathematical approach that describes patterns of a group within a data set while withholding information about individuals in the data set b. A mathematical approach that describes people in a group while withholding information about the individuals themselves c. A mathematical approach to data redaction d. None of the above

Answer 34

a. A mathematical approach that describes patterns of a group within a data set while withholding information about individuals in the data set

Question 35

Which of the following is a broad category of products offered by data brokers referenced in the 2014 FTC Report "Data Brokers: A Call for Transparency and Accountability"? a. Marketing: appending data to information the company has b. Risk mitigation: information that may reduce fraud risk c. Location of individuals: identifying individuals from partial information d. All of the above

Answer 35

d. All of the above

Question 36

Which of the following is an FTC recommendation in the 2014 Report "Data Brokers: A Call for Transparency and Accountability"? a. Use data minimization practices b. Review collection practices, especially children and teams c. Take reasonable precautions to ensure downstream users are not using the data for discriminatory or criminal purposes d. All of the above

Answer 36

d. All of the above

Question 37

Which of the following best describes a reason using big data for modern analytics may make it difficult to adhere to Fair Information Privacy Practices? a. The data may be incomplete b. Clear notice of data use is often provided to the data subject c. Use of data may not fit the intended purpose authorized by the data subject d. None of the above

Answer 37

c. Use of data may not fit the intended purpose authorized by the data subject

Question 38

Which of the following is an important Fair Information Privacy Principle especially relevant to big data? a. Collection limitation b. Use limitation c. Purpose specification d. All of the above

Answer 38

d. All of the above

Question 39

12. Which of the following is the least likely to be a data collecting device? a. Medical device sensors b. Electric razor c. Temperature thermostats d. Surveillance cameras

Answer 39

b. Electric razor