Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

BCS Exam PDP9 Topic 2 Question 27 Discussion

Actual exam question for BCS's PDP9 exam
Question #: 27
Topic #: 2
[All PDP9 Questions]

What is the basis of the accountability and data governance obligation (Article 5 (2) of the GDPR)?

Show Suggested Answer Hide Answer
Suggested Answer: C

The principle of transparency requires that any processing of personal data is fair, lawful and transparent to the data subjects. This means that data subjects should be informed about the existence, nature, purpose and consequences of the processing, as well as their rights and choices regarding their data. Transparency is essential for ensuring accountability, trust and compliance in data processing. However, the use of AI can pose challenges to the principle of transparency, as AI can lead to invisible processing, with data subjects not being aware of its presence, or the logic, significance and implications of the processing. For example, AI can be used to profile, infer, predict or influence the behaviour, preferences, interests, emotions or personality of data subjects, without their knowledge or consent. AI can also be used to make automated decisions that affect data subjects, such as credit scoring, recruitment, health diagnosis or social benefits, without providing meaningful explanations or opportunities for human intervention.Therefore, it is important to ensure that data subjects are informed and empowered when AI is involved in the processing of their data, and that they can exercise their rights, such as the right to access, rectify, object, restrict, erase or port their data, or the right to challenge or contest automated decisions56.Reference:

Guidance on AI and data protection5

Explaining decisions made with AI6


by Wilford at Nov 14, 2024, 02:00 PM

Limited Time Offer

25%

Off

Get Premium PDP9 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Genevieve
6 hours ago
Option B all the way! The controller is the one holding the bag, so they better be able to prove they're doing it right. Wouldn't want to end up like that guy who got fined for losing track of his data, yikes!
upvoted 0 times
...
Aliza
4 days ago
I think option B is the way to go. The controller has to be able to show they're following the GDPR requirements. Anything less is just asking for trouble!
upvoted 0 times
...
Rosita
7 days ago
Hmm, I'm not sure about option B. Doesn't the GDPR also require controllers to conduct legitimate interests assessments for direct marketing? I'll need to double-check that.
upvoted 0 times
...
Tresa
11 days ago
Option B sounds like the correct answer to me. The controller is responsible for demonstrating compliance with the GDPR principles.
upvoted 0 times
...
Laura
28 days ago
I'm not sure, but I think D) Processors have overarching responsibility to ensure their processing is compliant could also be a valid answer.
upvoted 0 times
...
Earleen
1 months ago
I agree with Markus, it makes sense that the controller should be responsible for ensuring compliance with data protection principles.
upvoted 0 times
...
Markus
1 months ago
I think the basis of the accountability and data governance obligation is B) The controller shall be responsible for and be able to demonstrate compliance with the data protection principles.
upvoted 0 times
...

Save Cancel