A-Z of data protection - C is for ...

A-Z of data protection: terms you need to know

C

Collection
• A stage in the data lifecycle wherein an organisation obtains control or possession of personal data, and is governed by rules specific to each country or jurisdiction
• Collection must NOT be excessive
• Data subject or user must always be informed of the nature, purpose, and extent of processing the data at the collection point

Compliance Officer for Privacy (COP)
• an individual whose function is similar to the Data Protection Officer (DPO), but is in charge of ensuring compliance in the organisation’s sub-units or branches
• often under supervision of the DPO
• This role applies only to the Philippines. A more comprehensive description of the COP can be found here.

confidentiality breach
• a type of data breach which results in unauthorised access to personal data

consent
• any freely given, informed expression of will, whereby the data subject agrees to the collection and processing of personal data about and/or relating to him/her

consent obligation
• an organisation must collect, use, or disclose personal data only for the purposes where consent has been obtained
• An individual is allowed to withdraw consent. Once consent has been withdrawn, the organisation must stop collecting, using, or disclosing the individual's personal data
• one of the 11 data protection obligations under Singapore's Personal Data Protection Act (PDPA)

Critical Information Infrastructure Operator (CIIO)
• entities in public communications and information services, energy, transport, water conservancy, finance, public services, and e-government affairs, wherein a data breach could cause significant damage to China’s national security, economy, social wellbeing, or public interest

cybersecurity
• the practice of protecting networks, programs, devices and data from malicious digital attacks