U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IAPP CIPP-E Exam - Topic 3 Question 71 Discussion

A news website based m (he United Slates reports primarily on North American events The website is accessible to any user regardless of location, as the website operator does not block connections from outside of the U.S. The website offers a pad subscription that requires the creation of a user account; this subscription can only be paid in U.S. dollars.Which of the following explains why the website operator, who is the responsible for all processing related to account creation and subscriptions, is NOT required to comply with the GDPR?
D) The website cannot block connections from outside the U.S. that use a Virtual Private Network (VPN) to simulate a US location.
A) Payments cannot be made in a European Union currency.
B) The controller does not have an establishment in the European Union.
C) The website is not available in several official languages of European Un on Member States

IAPP CIPP-E Exam - Topic 3 Question 71 Discussion

Actual exam question for IAPP's CIPP-E exam
Question #: 71
Topic #: 3
[All CIPP-E Questions]

A news website based m (he United Slates reports primarily on North American events The website is accessible to any user regardless of location, as the website operator does not block connections from outside of the U.S. The website offers a pad subscription that requires the creation of a user account; this subscription can only be paid in U.S. dollars.

Which of the following explains why the website operator, who is the responsible for all processing related to account creation and subscriptions, is NOT required to comply with the GDPR?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Bette at Jul 05, 2023, 05:47 AM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rolande
7 months ago
I’m not convinced, seems like a loophole to me.
upvoted 0 times
...
Abraham
7 months ago
Payments in USD doesn't matter for GDPR compliance.
upvoted 0 times
...
Kathrine
7 months ago
Wait, does that really mean they can ignore GDPR?
upvoted 0 times
...
Jolene
8 months ago
Totally agree, B is the right answer!
upvoted 0 times
...
Lorrine
8 months ago
The controller doesn't have an EU establishment, so no GDPR.
upvoted 0 times
...
Stephane
8 months ago
I wonder if the VPN aspect in option D could play a role, but I feel like it’s more about the business's location than the users' methods of access.
upvoted 0 times
...
Daisy
8 months ago
I think we had a practice question about a similar scenario, and it was about the establishment in the EU being a key factor. So, option B seems likely.
upvoted 0 times
...
Marshall
8 months ago
I'm not entirely sure, but I feel like the payment method being in U.S. dollars doesn't really matter for GDPR compliance.
upvoted 0 times
...
Royal
8 months ago
I remember discussing how GDPR applies mainly to businesses with a presence in the EU, so I think option B might be correct.
upvoted 0 times
...
Brittani
9 months ago
This looks like a straightforward question about the Service Abstraction design principle. I think the key is to focus on the definition and identify the correct term that fits.
upvoted 0 times
...
Deonna
9 months ago
Okay, let's see here. I need to make the tablespace read-only, export the metadata, convert the data files, copy everything over, and then import the metadata on the other end. Seems doable, but I'll need to double-check the order of the steps.
upvoted 0 times
...
Thaddeus
9 months ago
Hmm, I'm a bit confused on this one. I know we need to configure the VoIP Service DNs, but I'm not sure if the requirements for the SIP Server and Media Servers are all separate or if some can be combined. I'll have to re-read the question carefully.
upvoted 0 times
...
Mozell
1 year ago
I'm pretty sure the correct answer is that the website operator doesn't have an EU establishment. Unless they're secretly running the site from a villa in the south of France, they should be in the clear.
upvoted 0 times
Izetta
1 year ago
A: Exactly, it's all about jurisdiction and where the website operator is based.
upvoted 0 times
...
Elli
1 year ago
B: Yeah, that makes sense. They can't be held accountable if they're not physically located in the EU.
upvoted 0 times
...
Brinda
1 year ago
A: I think you're right, the website operator not having an EU establishment is probably why they don't have to comply with GDPR.
upvoted 0 times
...
...
Nickie
1 year ago
Oh come on, paying in USD is the key here! Everyone knows GDPR only applies if you accept EU currencies. *wink wink* Nailed it.
upvoted 0 times
Jin
1 year ago
A: Makes sense. It's all about the payment method when it comes to GDPR.
upvoted 0 times
...
Jesusita
1 year ago
B: Exactly, it's all about the currency they accept. That's why they're not required to comply.
upvoted 0 times
...
Elmer
1 year ago
A: Yeah, that's right. If they don't accept EU currencies, they don't have to comply with GDPR.
upvoted 0 times
...
...
Milly
1 year ago
But what about the fact that payments can only be made in U.S. dollars? Could that also be a reason why they are not required to comply?
upvoted 0 times
...
Ozell
1 year ago
That makes sense. If they don't have a presence in the EU, they wouldn't be subject to GDPR regulations.
upvoted 0 times
...
Dulce
1 year ago
I think the website operator is not required to comply with GDPR because they do not have an establishment in the European Union.
upvoted 0 times
...
Olga
1 year ago
Haha, the website can't block VPN users? That's like saying 'my house is accessible to anyone who teleports inside, so I don't have to follow building codes!' Nice try, but I don't think that flies.
upvoted 0 times
Zoila
1 year ago
B) The controller does not have an establishment in the European Union.
upvoted 0 times
...
Leana
1 year ago
A) Payments cannot be made in a European Union currency.
upvoted 0 times
...
...
Emilio
1 year ago
But what about the fact that payments can only be made in U.S. dollars? Could that also be a reason why they are not required to comply?
upvoted 0 times
...
Olive
1 year ago
I'm not sure, the fact that the website is open to anyone regardless of location could still make it subject to GDPR. Hmm, tough call.
upvoted 0 times
...
Joni
1 year ago
That makes sense. If they don't have a presence in the EU, then they wouldn't have to follow GDPR regulations.
upvoted 0 times
...
Lorrie
1 year ago
The website operator not having an establishment in the EU seems like the obvious answer here. GDPR only applies to companies with a presence in the EU, right?
upvoted 0 times
Jaleesa
1 year ago
D: Exactly, that's why they are not required to comply with GDPR.
upvoted 0 times
...
Lanie
1 year ago
C: So, the website operator not having an establishment in the EU exempts them from GDPR compliance.
upvoted 0 times
...
Rolande
1 year ago
B: That makes sense, GDPR applies to companies with a presence in the EU.
upvoted 0 times
...
Lajuana
1 year ago
A: I think the answer is B) The controller does not have an establishment in the European Union.
upvoted 0 times
...
...
Kenneth
1 year ago
I think the website operator is not required to comply with GDPR because they don't have an establishment in the EU.
upvoted 0 times
...

Save Cancel