MID-TERM EXAMINATION

INFORMATION MANAGEMENT SYSTEM

NAME: BIAG, BERNARDO GAVIOLA MAED-IE

Instruction: Choose only 10 questions among the 3 topics presented below and discuss them
comprehensively.
1. Who is vulnerable to digital safety and security?
 Almost everyone who uses the internet and other forms of technology in the
modern world is at risk from threats to their online safety and security.
However, due to a number of variables, including their level of technological
proficiency, the nature of their online activities, and the sensitivity of the
information they share or store online, some groups are more vulnerable than
others. Children and teenagers are one demographic that is particularly at risk
from threats to online safety and security. Although a large number of today's
youth have grown up using the internet and social media, they may lack the
skills or experience to recognize potential online risks or defend themselves
from harm. For instance, they might not comprehend the significance of using
secure passwords, avoiding dubious links and downloads, or exercising
caution when disclosing private information online. Young people might also
be more vulnerable to online grooming or cyberbullying, which can have
detrimental emotional and psychological effects. Older adults are another
demographic that is at risk from threats to digital safety and security. Because
many seniors may not have grown up using technology or may have only had
limited experience with it, they are more vulnerable to online fraud, identity
theft, and scams. Additionally, they might be less likely to use security tools
like two-factor authentication or to update their software and antivirus
software. People with disabilities, low-income people who might have less
access to secure devices or networks, and members of marginalized groups
who might be the target of online harassment or discrimination are some other
vulnerable groups. In general, it's important that everyone should understand
the risks and take precautions to stay safe online. This entails creating strong
passwords, exercising caution when disclosing personal information, updating
software, and remaining alert to any threats or scams that might be present.
Additionally, it is crucial for parents, guardians, and educators to support and
educate children and other vulnerable groups in order to keep them safe
online.
2. What is phone internet safety and give specific examples.
 Internet safety on a mobile device, such as a smartphone or tablet, refers to the
precautions taken to safeguard oneself from potential risks and threats. To
protect themselves, people can follow a number of specific examples of phone
internet safety measures, like:
i. The first line of defense against unauthorized access to your device and
online accounts is the use of strong passwords. It's crucial to avoid
 using personal information like names or birthdays when creating
passwords for each account and to use strong, unique passwords
instead.
ii. By requiring a code or verification from a different device or app in
addition to a password, two-factor authentication adds an extra layer of
security.
iii. Updating your phone's operating system and apps will help to ensure
that any known bugs or vulnerabilities are fixed and the system is
functioning as securely as possible.
iv. Using public Wi-Fi with caution: Public Wi-Fi networks can be
insecure and can be exploited by criminals to steal sensitive data. It's
best to avoid using public Wi-Fi networks for sensitive tasks like
online banking or shopping, or to encrypt your connection using a
virtual private network (VPN).
v. Being cautious when downloading apps: Make sure to do your
homework on any apps you plan to download and read reviews to
make sure they are reputable and secure. Additionally, refrain from
clicking on links shared via email or text messages or downloading
apps from unofficial app stores.
vi. Avoid clicking on suspicious links: Be wary of clicking on links sent to
you via email or text messages as they may take you to phishing
websites intended to steal your personal information or infect your
device with malware.
vii. Enabling phone security features: The majority of phones come
equipped with encryption and biometric authentication (such as
fingerprint or facial recognition). To protect your device and data in the
event that it is lost or stolen, it is crucial to enable these features.
People can help safeguard themselves from potential risks and threats
while using their mobile devices to access the internet by taking these and
other phone internet safety measures.
3. What are the signs your computer and phone have been hacked?
 There are a number of indicators that your computer or phone has been
compromised. Here are some typical warning signs that your device may have
been hacked:
i. A sign that someone has gained unauthorized access to your device is
if your computer or phone suddenly starts to run slowly or stops
responding.
ii. Unusual pop-ups: If you suddenly begin to see pop-ups,
advertisements, or error messages that you have never seen before,
your device may have been compromised.
iii. Unauthorized account activity may be a sign that your account has
been hacked if you notice any unusual activity on your online
accounts, such as login attempts from unknown locations or changes to
your account settings that you didn't make.
 iv. Strange emails or messages: If you get odd or suspicious emails or
messages, your email or messaging accounts may have been
compromised.
v. Device settings changes: If you discover settings or applications on
your device that you didn't make, it's possible that someone else has
accessed it.
vi. Unfamiliar programs or files could be a sign of a hack if you discover
them on your device and don't recall downloading or installing them.
vii. Increased network activity may be an indication that someone is using
your device improperly if you notice an increase in data usage or
network traffic on your device.
It's crucial to act right away if you think your device has been
compromised in order to limit the harm. This might entail updating your
antivirus software, changing your passwords, or getting professional assistance
from a cybersecurity specialist.
4. What is the difference between a broadband internet connection and point to
point network?
 Broadband internet connection and point-to-point network are two different
types of network connections that are used for different purposes.
A broadband internet connection is a high-speed internet connection
that is typically delivered over cable, DSL, or fiber-optic lines. It provides a
large amount of bandwidth that can be shared by multiple devices within a
home or business. Broadband internet connections are commonly used for web
browsing, streaming media, online gaming, and other applications that require
high-speed internet access.
On the other hand, a point-to-point network is a dedicated network
connection that is used to connect two or more devices together. Point-to-point
networks are typically used for transferring large amounts of data between
devices, such as in a corporate environment or in a data center. They provide a
high-speed, reliable connection that is not shared with other devices.
The main difference between a broadband internet connection and a
point-to-point network is that broadband internet is a shared connection that is
used by multiple devices to access the internet, while a point-to-point network
is a dedicated connection between two or more devices that is used for
transferring data between them.
In summary, a broadband internet connection is a high-speed
connection that is shared among multiple devices for accessing the internet,
while a point-to-point network is a dedicated connection between two or more
devices that is used for transferring data between them.
5. What is the downside of pocket Wi-Fi?
 Pocket Wi-Fi, also known as a mobile hotspot, allows users to connect to the
internet using a wireless connection. While it has several benefits, there are
also some downsides to using a pocket Wi-Fi: First is the Limited battery life:
Pocket Wi-Fi devices require batteries to function, and these batteries have
 limited life. Users need to ensure that the battery is charged at all times, or
they may lose access to the internet. Second, Limited coverage: The coverage
of a pocket Wi-Fi device is limited to the area in which the device is being
used. If the user is in a remote area with no cell tower, they will not be able to
access the internet. Third is the Limited bandwidth: Pocket Wi-Fi devices have
a limited amount of bandwidth, and the speed may be slower than a wired
connection. This can result in slower download and upload speeds, which can
be frustrating for users. Fourth, Security concerns: Since pocket Wi-Fi devices
use wireless connections, they are more vulnerable to hacking and cyber-
attacks. Users must take extra precautions to secure their connection and
protect their data. And lastly, the Additional cost: Pocket Wi-Fi devices are not
free, and users must pay a monthly fee for the service. This can be an
additional expense that some users may not be willing to incur.
6. What is Republic Act 10173 or the Data Privacy Act of 2012?
 Republic Act 10173, also known as the Data Privacy Act of 2012, is a law in
the Philippines that regulates the collection, use, storage, and protection of
personal data by both government and private organizations. It was enacted on
August 15, 2012, and its implementing rules and regulations (IRR) took effect
on September 8, 2016.
The main objectives of the Data Privacy Act are to:
1. Protect the fundamental human right of privacy and ensure the
free flow of information for the public interest
2. Establish a regulatory framework for the processing of personal
data
3. Define and penalize the offenses relating to personal data
4. Promote transparency and accountability among personal
information controllers and processors
The Data Privacy Act requires personal information controllers (PICs)
and personal information processors (PIPs) to implement measures to protect
personal data against unauthorized access, use, disclosure, destruction, and
other unlawful processing. It also provides data subjects with the right to be
informed, right to access, right to object, right to erasure or blocking, and right
to damages.
7. Who is the responsible agency for data privacy protection?
 The National Privacy Commission (NPC) is the responsible agency for data
privacy protection in the Philippines. The NPC is an independent regulatory
body created under the Data Privacy Act of 2012, and its primary role is to
oversee and enforce the provisions of the law.
The NPC's responsibilities include:
1. Developing and implementing policies, guidelines, and
procedures for the protection of personal data
2. Receiving and investigating complaints related to data privacy
violations
 3. Conducting periodic review and assessment of personal
information controllers' and processors' compliance with the
Data Privacy Act
4. Providing assistance and guidance to personal information
controllers and processors in complying with the law
5. Conducting and promoting education and awareness programs
on data privacy protection
The NPC also has the power to impose fines and penalties to
organizations that violate the provisions of the Data Privacy Act, as well as to
order the suspension or revocation of their registration or accreditation. The
NPC plays a critical role in ensuring that personal data is protected and that
individuals' privacy rights are respected in the Philippines.
8. What is the privacy rule of privacy accountability?
 The Privacy Rule of Privacy Accountability is a principle of data privacy that
requires organizations to take responsibility for protecting the personal
information they collect and process. This principle is a key component of
many privacy laws, including the Data Privacy Act of the Philippines.
Under the Privacy Rule of Privacy Accountability, organizations are
responsible for:
1. Developing and implementing policies and procedures for
protecting personal information
2. Ensuring that personal information is collected and processed
only for lawful and legitimate purposes
3. Informing individuals about the collection and use of their
personal information, and obtaining their consent when
necessary
4. Taking appropriate measures to ensure the accuracy,
completeness, and confidentiality of personal information
5. Establishing appropriate safeguards to protect personal
information against unauthorized access, use, or disclosure
6. Conducting regular reviews and assessments of their privacy
policies and practices to ensure ongoing compliance with
applicable laws and regulations
Organizations that fail to comply with the Privacy Rule of Privacy
Accountability may face legal and financial consequences, such as fines,
penalties, and reputational damage. By taking accountability for the protection
of personal information, organizations can establish trust with their
stakeholders and demonstrate their commitment to privacy and data
protection.
9. What is the legal liability of data privacy compliance?
 Legal liability for data privacy compliance refers to an organization's
obligation to uphold all applicable privacy laws and regulations as well as the
potential repercussions of doing so. Depending on the severity and nature of
 the privacy violation, legal liability may include civil, administrative, or
criminal liability.
Personal information controllers and processors are subject to fines and
penalties under the Data Privacy Act of the Philippines if they break the law's
rules. For serious infractions, such as processing personal data without the
consent of the data subject or failing to put security measures in place to
protect personal data, the NPC may levy a fine of up to PHP 5,000,000.
Organizations may be subject to legal liability in the form of civil
lawsuits or administrative actions in addition to fines and penalties. For
damages resulting from a privacy violation, such as the misuse or
unauthorized disclosure of personal information, data subjects may bring a
civil lawsuit. The NPC may also order administrative actions, such as halting
the processing of personal data or correcting or erasing data that has been
improperly processed.
Extreme privacy violations, such as the malicious or intentional
disclosure of personal information or hacking of personal information systems,
may subject organizations to criminal prosecution. In addition to other
penalties, criminal responsibility can result in jail time or fines.
In general, the importance of organizations taking appropriate steps to
protect personal information and to comply with applicable privacy laws and
regulations is emphasized by legal liability for data privacy compliance in
order to avoid legal and financial repercussions.
10. What are the rights of the data subjects?
 The following rights are granted to data subjects by the Philippine Data
Privacy Act:
i. Right to information - Data subjects have a right to information about
how their personal information is collected, processed, and shared,
including the reasons why and the legal justifications for doing so.
ii. Right to access - Individuals have the right to access the personal
information that is being processed about them by an organization, as
well as details about how it was collected, why it is being processed,
and who it has been disclosed to.
iii. Right to object - Data subjects have the right to object when their
personal information is processed for direct marketing or profiling.
iv. Right to erasure or blocking - Data subjects have the right to ask that
any outdated, inaccurate, incomplete, or improperly obtained or
processed personal information about them be removed from
existence.
v. Damages rights - When a company violates a data subject's privacy
rights, that person has the right to sue for compensation for any harm
or injury they may have endured.
vi. Right to data portability - Subject to certain restrictions, data subjects
have the right to obtain their personal information in a structured,
 generally accepted, and machine-readable format and transfer it to
another organization.
vii. Right to notification - Data subjects have the right to receive
notification in the event that their rights and freedoms may have been
compromised as a result of a personal data breach.
The Data Privacy Act places restrictions and conditions on how these
rights can be exercised, and organizations are required to set up processes that
make it easier for data subjects to do so.