U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IAPP CIPP-E Exam - Topic 3 Question 119 Discussion

What was the main failing of Convention 108 that led to the creation of the Data Protection Directive (Directive 95/46/EC)?
C) It was implemented in a fragmented manner by a small number of states.
A) IT did not account for the rapid growth of the Internet
B) It did not include protections for sensitive personal data
D) Its penalties for violations of data protection rights were widely viewed as r sufficient.

IAPP CIPP-E Exam - Topic 3 Question 119 Discussion

Actual exam question for IAPP's CIPP-E exam
Question #: 119
Topic #: 3
[All CIPP-E Questions]

What was the main failing of Convention 108 that led to the creation of the Data Protection Directive (Directive 95/46/EC)?

Show Suggested Answer Hide Answer
Suggested Answer: C

Convention 108 was the first legally binding international instrument in the data protection field, adopted by the Council of Europe in 19811.However, it had some limitations that led to the creation of the Data Protection Directive (Directive 95/46/EC) by the European Union in 19952.One of the main failings of Convention 108 was that it was implemented in a fragmented manner by a small number of states, resulting in divergent and inconsistent national laws and practices3.The Data Protection Directive aimed to harmonize the data protection rules within the EU and to ensure a high level of protection for individuals' rights and freedoms2. Therefore, option C is the correct answer.Option A is incorrect because Convention 108 did account for the rapid growth of the Internet by allowing for amendments and protocols to adapt to technological developments1.Option B is incorrect because Convention 108 did include protections for sensitive personal data, such as those revealing racial origin, political opinions, religious beliefs, health, or sexual life1.Option D is incorrect because Convention 108 did not prescribe specific penalties for violations of data protection rights, but left it to the Parties to adopt appropriate sanctions and remedies1.Reference:

Convention 108 and Protocols

CIPP/E Certification

Convention 108+ and the Data Protection Framework of the EU


by Fernanda at Mar 31, 2026, 05:56 AM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Aleshia
1 month ago
Totally agree, that was a huge oversight!
upvoted 0 times
...
Lewis
2 months ago
It didn't account for the rapid growth of the Internet.
upvoted 0 times
...
Silvana
2 months ago
I think the penalties for violations were definitely seen as insufficient, but I’m not sure if that was the primary reason for the Directive's creation.
upvoted 0 times
...
Kris
2 months ago
I recall a practice question that mentioned the fragmented implementation by states. It could be a reason, but I’m not confident if it was the main failing.
upvoted 0 times
...
Kayleigh
3 months ago
I'm not entirely sure, but I feel like it might have been about the lack of protections for sensitive personal data. That seems like a big deal, right?
upvoted 0 times
...
Kristal
3 months ago
I think the main issue with Convention 108 was that it didn't really address the rapid growth of the Internet. I remember discussing how that led to gaps in protection.
upvoted 0 times
...

Save Cancel