Free IAPP CIPP-E Exam Questions

Question 1

Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.

A : Processing necessary for scientific or statistical purposes.

B : Processing necessary for reasons of substantial public interest.

C : Processing necessary for purposes of preventive or occupational medicine.

D : Processing necessary for the defense of legal claims in potential negligence cases.

Answer: C

Question 2

A German data subject was the victim of an embarrassing prank 20 years ago. A newspaper website published an article about the prank at the time, and the article is still available on the newspaper's website. Unfortunately, the prank is the top search result when a user searches on the victim's name. The data subject requests that SearchCo delist this result. SearchCo agrees, and instructs its technology team to avoid scanning or indexing the article. What else must SearchCo do?

A : tify the newspaper that its article it is delisting the article.

B : lly erase the URL to the content, as opposed to delist which is mainly based on data subject's name.

C : Identify other controllers who are processing the same information and inform them of the delisting request.

D : Prevent the article from being listed in search results no matter what search terms are entered into the search engine.

Answer: A

Question 3

A news website based m (he United Slates reports primarily on North American events The website is accessible to any user regardless of location, as the website operator does not block connections from outside of the U.S. The website offers a pad subscription that requires the creation of a user account; this subscription can only be paid in U.S. dollars.

Which of the following explains why the website operator, who is the responsible for all processing related to account creation and subscriptions, is NOT required to comply with the GDPR?

A : yments cannot be made in a European Union currency.

B : controller does not have an establishment in the European Union.

C : website is not available in several official languages of European Un on Member States

D : website cannot block connections from outside the U.S. that use a Virtual Private Network (VPN) to simulate a US location.

Answer: B

Question 4

What is the key difference between the European Council and the Council of the European Union?

A : Council of the European Union is helmed by a president.

B : Council of the European Union has a degree of legislative power.

C : European Council focuses primarily on issues involving human rights.

D : European Council is comprised of the heads of each EU member state.

Answer: D

Question 5

Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.

A : Processing necessary for scientific or statistical purposes.

B : Processing necessary for reasons of substantial public interest.

C : Processing necessary for purposes of preventive or occupational medicine.

D : Processing necessary for the defense of legal claims in potential negligence cases.

Answer: C