Which of the following is not required by an organization in US, resorting to EU-US Safe Harbor provisions,
to transfer personal information from EU member nation to US?

Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users:
i. Increase control over their personal data
ii. Choose whether to use services anonymously or not
iii. Obtain informed consent about sharing their personal data
iv. Opt-out of behavioral advertising or any other use of data
Please select correct option from below:

For negligence in implementing and maintaining the reasonable security practices and procedures for
protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules
under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________

A company collects personal information about its employees and requests them to provide accurate
information in order to avail benefits such as life insurance and medical insurance. Employees of the
company have raised concerns about use of their personal information. Due to the concerns, the company
has decided to create a privacy policy. What all should the company include in its privacy policy to address
the raised concerns?

From the following list, select the element (elements) that comprise APEC's cross border privacy rules system: