Exam CIPM topic 1 question 30 discussion

In the United States, there is no single federal-level data protection oversight authority equivalent to what exists in many other jurisdictions.

C is not the answer because - The APEC Privacy Framework set in motion the process of creating the APEC Cross-Border Privacy Rules system. The CBPR system has now been formally joined by the United States, Canada, Japan and Mexico, with more nations soon to follow. The CBPR program is analogous to the EU-U.S. Privacy Shield in that they both provide a means for self-assessment, compliance review, recognition/acceptance and dispute resolution/enforcement. Both systems require the designation by each country of a data protection authority (the U.S. enforcement authority is the Federal Trade Commission). Source - https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules

APAC privacy framework does not mandate national data protection authority by each member country.

C D not correct apec suggest not require

There is no federal privacy law in the US and hence no central enforcement

APEC Principle 43 says the following: Member Economies should designate and make known to the other Member Economies the public authorities within their own jurisdictions that will be responsible for facilitating cross-border cooperation and information sharing between economies in connection with privacy protection.

See https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules/ : "Both systems require the designation by each country of a data protection authority (the U.S. enforcement authority is the Federal Trade Commission)."

Reference: https://www.priv.gc.ca/en/opc-actions-and-decisions/ar_index/201617/ar_201617/

C is the answer

C - OPC does not have authority to impose fines

C is the answer

Letra C: Nos Estados Unidos, a privacidade e a proteção de dados são regulamentadas por uma combinação de leis federais e estaduais, e são supervisionadas por várias agências, dependendo do setor e do tipo de dados. No entanto, ao contrário de muitos outros países, os Estados Unidos não têm uma única agência ou autoridade central de supervisão de privacidade.

should be D