Venus M.

Atienza
BSA 411

Quiz

Instructions:

 Read the given scenarios.

1. You are a new brand manager for a product line of Coach purses. You are considering the purchase
of customer data from a company that sells a large variety of women’s products online. In addition
to the name, mailing address, and e-mail address of customers, the data provides an approximate
estimate of customers’ annual income based on the zip code in which they live, census data, and
the highest level of education achieved. You could use the estimate of annual income to identify
likely purchasers of your high-end purses and use e-mail addresses to send e-mails announcing the
new product line and touting its many features. List the advantages and disadvantages of such a
marketing strategy. Would you recommend this means of promotion in this instance? Why or why
not?
The advantage is that it takes less time to promote or advertise their product since when they
endorse it along with its new features, the information is automatically sent to those customers. They
also don’t need more money in the advertisement to promote or endorse the products. They can also
estimate the possible customers of their product because of the available customer’s data. The
disadvantage is that if only a few customers' data would be purchased, only a few people would be
aware of their new offering. Also, given the customer data I purchased focuses primarily on women,
this just means that product advertising is confined to women because they are the only ones who
can see the ad in their emails. There is a limited target customer who can buy or purchase the
product. As a brand manager, I will not recommend this means of promotion because, aside from the
fact that it is unethical because it involves data breaching, it is also not practical or effective for
making product promotions because this marketing strategy relies on the customer data that you
have purchased and comparing it to your product. In addition, this means of promotion cannot reach
the wide variety of target customers and also the customer data that the manager the purchase from
a company that sells a large variety of women’s products online is not a good source of information
and the information is not enough to promote the products.

2. When asked about Google releasing personal information to law enforcement agencies, Google’s
CEO Eric Schmidt told CNBC: “If you have something that you don’t want anyone to know, maybe
you shouldn’t be doing it in the first place”. Discuss Mr. Schmidt’s perspective.

If you have something that you don’t want anyone to know, maybe you shouldn’t be doing
it in the first place, but if you really need that kind of privacy, the reality is that search engines
including Google do retain this information for some time, and it’s important. It is possible that that
information could be made available to the authorities. In addition, the social web is about
sharing, but people on the web have at the same time both need to keep their privacy and to
share information about themselves and they seem to be unsure what should not be shared.
Admittedly, challenges with security and privacy have existed ever since people started using
computers, but with the social web these challenges have multiplied. Many of the modern-based
services requires to register or reveal different types of personal information, and the information
systems also record data about user’s online behavior including purchasing patterns. Moreover,
because of the densely connected networks, negative things can happen to a large number of
people at the same time. People also don't seem to realize how strong and pervasive the
internet's information is. An example of these is like if you don't want to share with people what
books you just checked out of the library, maybe you shouldn't check them out. If you don't want
to share with people what you've eaten for lunch, maybe you shouldn't eat it. If you don't want
This study source was downloaded by 100000780804832 from CourseHero.com on 01-20-2022 01:19:17 GMT -06:00

https://www.coursehero.com/file/125742845/Atienza-07-eLMS-Quiz-13docx/
 people to know the contents of the love letter you wrote to your spouse, maybe you shouldn't
write it. With that line of thinking, maybe we should abolish things like doors and curtains -- after
all, if you don't want people to know what activities you are doing in the privacy of your own
home, maybe you shouldn't be doing them.

3. An individual had been involved in an incident inside and outside a Manila restaurant where his
wallet was stolen. He also suffered minor injuries in the incident. He requested access to the
restaurant CCTV footage relating to himself, saying he wants to see all details surrounding the
incident and possibly figure out a way to recover his wallet. He tried to speak to the manager
personally but was referred to the security guard. After a few days of following up on his request, he
was finally informed that the establishment would not provide him any data. This infuriated him and,
upon going back to the restaurant, he demanded his right to view the footage or else he would
create a scene. He was told that, as per their security policy, no “outsider” is allowed to enter areas
in their establishment designated only as “for employees only”. As a compromise, the manager said
they would give him a record of the footage using the customer’s handheld gadget. What data
privacy right is being exemplified? How would you react to the actions of the person requesting the
footage and restaurant management?

The data privacy right that is being exemplified is the right to access which is the right to
find out whether an organization holds any personal data about you and if so, gain “reasonable
access” to them. Through this right, you may also ask them to provide you with a written
description of the kind of information they have about you as well as their purpose/s for holding
them. Under the Data Privacy Act of 2012, you have a right to obtain from an organization a copy
of any information relating to you that they have on their computer database and/or manual filing
system. It should be provided in an easy-to-access format, accompanied with a full explanation
executed in plain language. In this case the individual who had been involved in the incident have
the right to access in the restaurant CCTV footage relating to himself but he must request in a
proper way which is according to Data privacy Act of 2012.

The actions of the person requesting the footage is not appropriate or not ethical because
an individual threaten the management in the restaurant that he would create a scene if they didn’t
provide a copy of the footage. In this case an individual who had been involved in an incident must
execute a written request to the organization, addressed to its Data Protection Officer (DPO). In
the letter, mention that your request is being made in exercise of your right to access under the
Data Privacy Act of 2012. The DPO is required to respond to your written request. Be prepared to
provide evidence of your identity, which the DPO should require of you to make sure that personal
information is not given to the wrong person. If your request was not granted, or if you feel your
request was not sufficiently addressed, you may file a formal complaint with the NPC. Before doing
so, however, we recommend that you inform the organization and it’s DPO of your intention to
formally complain to the NPC. They might be able to the opportunity to apologize, better explain
their position, or reconsider your request.

The action of the restaurant management shows that they only follow to the company’s
policy because as per their security policy, no “outsider” is allowed to enter areas in their
establishment designated only as “for employees only”. As a compromise, the manager said they
would give him a record of the footage using the customer’s handheld gadget.

4. You are the Chief Privacy Officer of a midsized manufacturing company, with sales of more than
Php250 million per year and almost Php50 million from online sales. You have been challenged by
the vice president of sales to change the company’s website data privacy policy from an opt-in
policy to an opt-out policy and allow the sale of customer data to other companies. The vice
president has estimated that this change would bring in at least Php5 million per year in added
revenue with little additional expense. How would you respond to this request?

As Chief Privacy Officer of midsized manufacturing company and I have been challenged
by the vice president of sales to change the company’s website data privacy policy from an opt-in
This study source was downloaded by 100000780804832 from CourseHero.com on 01-20-2022 01:19:17 GMT -06:00
 policy to an opt-out policy and allow the sale of customer data to other companies. This request
would not be a problem for me as long as several conditions are met. First and foremost, I would
make sure that it is clear on how a user is able to opt out of having their data collected. I would
add a feature that makes it very easy and intuitive for the user to select the 'No' option while also
having the default choice checked as a 'Yes' rather than a 'No'. Second, I would include a short
description to the setting that explains explicitly that customers will be sold to third-party affiliates.
To make the choice description blend into the menu, I would use a smaller, slightly ghosted
typeface. It is the users' responsibility to read each option and comprehend what they are
committing to.

5. Do you think that people are more cautious with the use of information now that the Data Privacy
Act is in place in the Philippines? Explain your answer.

Yes. I think people are more cautious with the use of information now that the Data Privacy
Act is in place in the Philippines. The world continues its development; inventing and improvising
technology for more convenient, effective and advanced living. This advancement made us to
cope-up the changes and embrace technology as part of everyday living. However alongside with
the booming of technology security and protection of data such as personal information are being
compromised. This issue is quite alarming making the Philippine government to make actions on
this problem and passing the Data Privacy Act of 2012 which is to protect the fundamental human
right of privacy of communication while ensuring free flow of information to promote innovation and
growth. The act is broadly applicable to individual and legal entities that processes personal
information, it applies on the Filipino citizens resides on the country however it is limited and not
applicable to those residents of foreign jurisdiction. The act clearly states that collection of
personal data must be declared, specified and with legitimate purpose, further it must have
consent required before collecting the personal data.

The Data Privacy Act of 2012 is a positive thing because it aims to safeguard citizens and
is very concerned about their privacy. The act's existence demonstrates that we should be
cautious about sharing information, particularly sensitive information that might be exploited
against us, particularly on the internet. It is only fair to have consent for the various types of
information being gathered, so that we have control over our own data and no such sensitive data
is imposed on us. Citizens will feel more secure knowing that there is a law and a committee in
place to tackle the growing threat of personal data breaches and processes with legal backing.
Without these laws, personal information is vulnerable to misuse, which can not only lead to a
breach of privacy but to cybercrimes like identity theft and transaction fraud, as well. People are
more cautious because they are aware of having specific, legitimate, and reasonable purpose for
collecting personal data. For example, they need to inform their customers that their personal data
will be collected and the purpose for the collection of data. Customers can agree or disagree to
have their data collected

GRADING RUBRIC (5 items x 10 points):

This study source was downloaded by 100000780804832 from CourseHero.com on 01-20-2022 01:19:17 GMT -06:00