REPUBLIC ACT 10173 DEFINITION OF TERMS

Question 1

__________ shall refer to the National Privacy Commission created by virtue of this Act.

Answer 1

COMMISSION

Question 2

Refers to any freely given, specific, informed indication of will, whereby
the data subject agrees to the collection and processing of personal information about and/or relating
to him or her. Consent shall be evidenced by written, electronic or recorded means. It may also be
given on behalf of the data subject by an agent specifically authorized by the data subject to do so.

Answer 2

Consent of the Data Subject

Question 3

Refers to an individual whose personal information is processed.

Answer 3

Data Subject

Question 4

Refers to communication by whatever means of any advertising or marketing
material which is directed to particular individuals.

Answer 4

DIRECT MARKETING

Question 5

Refers to any act of information relating to natural or juridical persons to the extent that,
although the information is not processed by equipment operating automatically in response to
instructions given for that purpose, the set is structured, either by reference to individuals or by
reference to criteria relating to individuals, in such a way that specific information relating to a particular
person is readily accessible.

Answer 5

FILING SYSTEM

Question 6

refers to a system for generating, sending, receiving,
storing or otherwise processing electronic data messages or electronic documents and includes the computer system or other similar device by or which data is recorded, transmitted or stored and any
procedure related to the recording, transmission or storage of electronic data, electronic message, or
electronic document.

Answer 6

INFORMATION AND COMMUNICATIONS SYSTEM

Question 7

Refers to any information whether recorded in a material form or not, from
which the identity of an individual is apparent or can be reasonably and directly ascertained by the
entity holding the information, or when put together with other information would directly and certainly
identify an individual.

Answer 7

Personal Information

Question 8

refers to a person or organization who controls the collection,
holding, processing or use of personal information, including a person or organization who instructs
another person or organization to collect, hold, process, use, transfer or disclose personal information
on his or her behalf.

Answer 8

PERSONAL INFORMATION CONTROLLER

Question 9

Refers to any natural or juridical person qualified to act as such
under this Act to whom a personal information controller may outsource the processing of personal
data pertaining to a data subject.

Answer 9

PERSONAL INFORMATION PROCESSOR

Question 10

refers to any and all forms of data which under the Rides of Court and other
pertinent laws constitute privileged communication.

Answer 10

PRIVILEGED INFORMATION

Question 11

refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification,
retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

Answer 11

PROCESSING

Question 12

Refers to personal information:

Answer 12

Sensitive Personal Information

Question 13

(madeup) 4 FACETS OF SENSITIVE PERSONAL INFORMATION

Answer 13

1. Demographic Data
2. Sensitive Personal Data
   3.Government-Issued Identifiers and Records
   4 Classified Information

Question 14

Give at least 3 example of Demographic Data

Answer 14

race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;

Question 15

Give at least 1 example of Sensitive Personal Data

Answer 15

health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;

Question 16

Give at least 1 example of Government Issued Identifiers and Records

Answer 16

social security numbers, cm-rent health records, licenses or its denials, suspension or revocation, and tax returns;

Question 17

Classified information is information that is specifically established by an __________________ or an ______________ to be kept classified.

Answer 17

EXECUTIVE ORDER ACT OF CONGRESS

Question 18

R.A. 10173 WILL NOT APPLY TO THE FOLLOWING INDIVIDUAL INFORMATIONS (7) :

Answer 18

1. Government Employee Information
2. Government Contractor Information
3. Government Benefits
4. Public Interest Processing(info for journalism,artistic purposes)
5. Public Authority Functions
6. Financial Institutions
7. Foreign Data Processing

Question 19

Section 8 of the **Data Privacy Act ** pertains to what responsibility of the National Privacy Commission

Answer 19

Confidentiality. – The Commission shall ensure at all times the confidentiality of any personal information that comes to its knowledge and possession.

Question 20

The National Privacy Commission shall be attached to or will have with it a Parent Organization named ________________

Answer 20

DEPARTMENT OF INFORMATION AND COMMUNICATIONS TECHNOLOGY (DICT)

Question 21

THE NPC SHALL BE HEADED BY THE FOLLOWING OFFICERS

Answer 21

1. ONE PRIVACY COMMISSIONER
2. TWO DEPUTY PRIVACY COMMISSIONERS

(3 year terms with possible reappointment of 1 times)
PRIVACY COMMISSIONER at least 35 Y.O.

Question 22

THE 4 MAIN RESPONSIBILITIES OF THE NATIONAL PRIVACY COMMISSION

(went through bard)

Answer 22

• ENFORCEMENT (a-d)
• MONITORING AND ADVOCACY (e-h)
• REGULATION AND GUIDANCE (j-m)
• INTERNATIONAL COOPERATION (n-q)

Question 23

According to Section 10 of the Data Privacy Act of 2012, the commission is authorized to establish a _____________

Answer 23

SECRETARIAT

Question 24

THE DATA PRIVACY ACT WAS APPROVED IN

Answer 24

AUGUST 15, 2012

Question 25

THE DATA PRIVACY ACT HEARING BEGUN IN

Answer 25

JULY 25, 2011

Question 26

THE NATIONAL PRIVACY COMMISSION WAS FORMED IN

Answer 26

MARCH 07, 2016

Question 27

THE CURRENT PRIVACY COMMISSIONER OF THE NATIONAL PRIVACY COMMISSION IS

Answer 27

JOHN HENRY NAGA

Question 28

ENUMERATE ALL THE CHAPTERS

Answer 28

1. GENERAL PROVISIONS
2. THE NATIONAL PRIVACY COMMISSION
3. PROCESSING OF PERSONAL INFORMATION
4. RIGHTS OF THE DATA SUBJECT
5. SECURITY OF PERSONAL INFORMATION
6. ACCOUNTABILITY FOR TRANSFER OF PERSONAL INFORMATION
7. SECURITY OF SENSITIVE PERSONAL INFORMATION IN GOVERNMENT
8. PENALTIES
9. MISCELLANEOUS PROVISIONS

Question 29

Penalties on Accessing Personal Information and Sensitive Information

Answer 29

(1-3 yrs imprisonment & 500k - 2 million pesos)

Question 30

Penalties on Accessing Sensitive information (ONLY)

Answer 30

3-6 yrs imprisonment & 500k - 4 million fines

Question 31

Penalties on Unauthorized Processing of Personal Information due to Negligence

Answer 31

(1-3 yrs imprisonment & 500k - 2 million pesos)

Question 32

Penalties on unauthorized processing of personal sensitive information due to Negligence

Answer 32

3-6 yrs imprisonment & 500k - 4 million fines

Question 33

Penalties on Improper Disposal of Personal Information

Answer 33

6 months - 2 years
100k - 500k pesos fines

Question 34

Penalties on Improper Disposal of Sensitive Information

Answer 34

1 - 3 years imprisonment
100k - 1 million pesos fines

Question 35

Penalties for Processing of Personal Information (Unauthorized Purposes)

Answer 35

1, 6 months up to 5yrs imprisonment
500k - 1 million fines

Question 36

Penalties for Processing of Sensitive Personal Information (Unauthorized Purposes)

Answer 36

2-7 years imprisonment
500k - 2 million pesos fines

Question 37

Penalties on Unauthorized Access or Intentional Breach

Answer 37

1-3 years imprisonment
500k - 2 million pesos fines

Question 38

Penalties on Concealment of Security Breaches Involving Sensitive Personal Information.

Answer 38

1 year 6 months up to 5 years imprisonment
500k - 1 million pesos fines

Question 39

Penalties on Malicious Disclosure

Answer 39

1 years 6 months up to 5 years imprisonment
500k - 1 million pesos fines

Question 40

Penalties on Unauthorized Disclosure

Answer 40

1 - 3 years imprisonment
500k - 1 million pesos fines

Question 41

Penalties of Unauthorized Disclosure towards Personal Information Controllers/Processors

Answer 41

3-5 years imprisonment
500k - 2 million pesos fines

Question 42

A simultaneous violation of both Section 25 or the Unauthorized Processing and Section 32 or Unauthorized Disclosure will have a penalty of

Answer 42

3-6 years imprisonment
1 million - 5 million pesos fines

Question 43

The maximum penalty in the scale of penalties respectively provided for the
preceding offenses shall be imposed when the personal information of at least ____________
persons is harmed, affected or involved as the result of the above mentioned actions.

Answer 43

100 persons