Follow the attached direction to complete this work
Unit 7 Discussion
Overview
Consider this scenario: PQR Corporation provides facial recognition technology to customers. Its products include customer access to consumer electronics as well as mass surveillance capabilities through networked camera systems. While operating legally, PQR has maintained a low profile to avoid public controversy. It has come to light that PQR has a high error rate in properly identifying people of color, and several instances of misidentification have led to wrongful detentions or arrests. PQR is concerned about the ethical implications of its products and seeks advice.
Discussion Prompts
1.
Mandatory Prompt
· How are individual privacy concerns balanced with law enforcement needs?
2.
Choose One Additional Prompt
· What laws or regulations exist to limit the use of mass surveillance?
· What ethical or moral concerns should employees have, and where can they report them?
3. As you craft your posts, be sure to visit resources that can help support your ideas. One key point to consider is your audience. Here is a resource that may help
Audience. Another useful resource is the Academic Integrity Tutorial. In particular, you might want to visit
Module 3: Writing Well With Sources and
Module 4: Giving Credit Where Credit is Due – Attribution and Citation.
Unit 8 Discussion
Overview
XYZ Corporation operates in the technology sector, providing software solutions and services to clients globally. The implementation of the GDPR in 2018 posed significant challenges for the organization because it handles large volumes of personal data.
· Data Inventory and Mapping: XYZ Corporation had to conduct a comprehensive data inventory and mapping exercise to identify and document all personal data processed across its systems and departments. This involved understanding data flows and data sharing agreements and established a lawful basis for data processing.
· Consent Management: The organization needed to review its consent mechanisms to ensure that they aligned with GDPR requirements. This included revising consent forms, implementing procedures to record and manage consent withdrawal, and ensuring explicit consent for specific data processing purposes.
· Data Subject Rights: Complying with GDPR necessitated establishing processes to handle data subject rights requests including access, rectification, erasure, and data portability. XYZ Corporation had to streamline its internal procedures to respond to these requests within the mandated timeframes.
· Vendor Management: The organization had to assess its relationships with third-party vendors and service providers to ensure their compliance with the GDPR. This involved reviewing data processing agreements, conducting due diligence, and monitoring vendor adherence to data protection requirements.
· Data Protection by Design and Default: XYZ Corporation had to implement privacy-by-design principles into its product development lifecycle to ensure that data protection and privacy were considered from the early stages of design and throughout the entire data processing lifecycle.
· Data Breach Response: The organization needed to establish an effective incident response plan to detect, assess, and respond to data breaches. This involved implementing procedures for incident reporting, breach notification to supervisory authorities and affected individuals, and conducting post-incident reviews.
Discussion Prompts
1. Mandatory Prompt
· How would XYZ Corporation appoint a dedicated data protection team to help promote good governance and accountability?
2. Choose One Additional Prompt
· How can employee training raise awareness about GDPR principles, data protection responsibilities, and the importance of privacy? What specific provisions should be a part of that training?
· How does the GDPR require the protection of data transfers, and what are the important legal, regulatory, and ethical frameworks that need to be considered under the GDPR?
