Question 1

A mobile device application that uses cookies will be subject to the consent requirement of which of the following?

Options :

A : The ePrivacy Directive

B : The E-Commerce Directive

C : The Data Retention Directive

D : The EU Cybersecurity Directive

Answer: A

Question 2

Why is advisable to avoid consent as a legal basis for an employer to process employee data?

Options :

A : Employee data can only be processed if there is an approval from the data protection officer.

B : Consent may not be valid if the employee feels compelled to provide it.

C : An employer might have difficulty obtaining consent from every employee.

D : Data protection laws do not apply to processing of employee data.

Answer: B

Question 3

A German data subject was the victim of an embarrassing prank 20 years ago. A newspaper website published an article about the prank at the time, and the article is still available on the newspaper's website. Unfortunately, the prank is the top search result when a user searches on the victim's name. The data subject requests that SearchCo delist this result. SearchCo agrees, and instructs its technology team to avoid scanning or indexing the article. What else must SearchCo do?

Options :

A : Notify the newspaper that its article it is delisting the article.

B : Fully erase the URL to the content, as opposed to delist which is mainly based on data subject-s name.

C : Identify other controllers who are processing the same information and inform them of the delisting request.

D : Prevent the article from being listed in search results no matter what search terms are entered into the search engine.

Answer: A

Question 4

What is the key difference between the European Council and the Council of the European Union?

Options :

A : The Council of the European Union is helmed by a president.

B : The Council of the European Union has a degree of legislative power.

C : The European Council focuses primarily on issues involving human rights.

D : The European Council is comprised of the heads of each EU member state.

Answer: D

Question 5

According to the GDPR, Article 4(14), biometric data is defined as:

"Personal data resulting from specific technical processing relating to the ___ characteristics of a natural person."

Which term could NOT be placed in the above definition?

Options :

A : Physiological.

B : Physical.

C : Intellectual.

D : Behavioral

Answer: C