CISSP · Question #1138
The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?
The correct answer is D. Collection Limitation Principle. The Collection Limitation Principle governs how personal data is gathered, requiring it to be obtained through lawful and fair means, often with the knowledge or consent of the data subject.
Question
The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?
Options
- AData Quality Principle
- BOpenness Principle
- CPurpose Specification Principle
- DCollection Limitation Principle
How the community answered
(38 responses)- A5% (2)
- B3% (1)
- D92% (35)
Why each option
The Collection Limitation Principle governs how personal data is gathered, requiring it to be obtained through lawful and fair means, often with the knowledge or consent of the data subject.
The Data Quality Principle pertains to ensuring that collected personal data is accurate, complete, current, and relevant to the purpose for which it is used, not to the method of collection.
The Openness Principle requires that organizations maintain transparency about their data practices, policies, and the existence of personal data stores, rather than addressing how data is collected.
The Purpose Specification Principle requires that the purposes for which personal data is collected be specified at or before the time of collection, focusing on why data is gathered rather than the lawfulness of the collection method.
The Collection Limitation Principle, rooted in the OECD Privacy Guidelines, directly addresses the manner in which personal data is collected. It stipulates that data collection must be done by lawful and fair means, and where appropriate, with the knowledge or consent of the data subject. This principle sets boundaries on the act of gathering data itself, not on its use or quality.
Concept tested: OECD Collection Limitation Principle for personal data
Source: https://www.oecd.org/sti/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm
Topics
Community Discussion
No community discussion yet for this question.