IAPP Exam CIPP-E Topic 3 Question 71 Discussion

Actual exam question for IAPP's CIPP-E exam

Question #: 71
Topic #: 3

A news website based m (he United Slates reports primarily on North American events The website is accessible to any user regardless of location, as the website operator does not block connections from outside of the U.S. The website offers a pad subscription that requires the creation of a user account; this subscription can only be paid in U.S. dollars.

Which of the following explains why the website operator, who is the responsible for all processing related to account creation and subscriptions, is NOT required to comply with the GDPR?

APayments cannot be made in a European Union currency.

BThe controller does not have an establishment in the European Union.

CThe website is not available in several official languages of European Un on Member States

DThe website cannot block connections from outside the U.S. that use a Virtual Private Network (VPN) to simulate a US location.

Show Suggested Answer

Suggested Answer: D

by Bette at Jul 05, 2023, 05:47 AM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Dulce

2 days ago

I think the website operator is not required to comply with GDPR because they do not have an establishment in the European Union.

upvoted 0 times

...

Olga

4 days ago

Haha, the website can't block VPN users? That's like saying 'my house is accessible to anyone who teleports inside, so I don't have to follow building codes!' Nice try, but I don't think that flies.

upvoted 0 times

...

Emilio

5 days ago

But what about the fact that payments can only be made in U.S. dollars? Could that also be a reason why they are not required to comply?

upvoted 0 times

...

Olive

6 days ago

I'm not sure, the fact that the website is open to anyone regardless of location could still make it subject to GDPR. Hmm, tough call.

upvoted 0 times

...

Joni

9 days ago

That makes sense. If they don't have a presence in the EU, then they wouldn't have to follow GDPR regulations.

upvoted 0 times

...

Lorrie

10 days ago

The website operator not having an establishment in the EU seems like the obvious answer here. GDPR only applies to companies with a presence in the EU, right?

upvoted 0 times

...

Kenneth

11 days ago

I think the website operator is not required to comply with GDPR because they don't have an establishment in the EU.

upvoted 0 times

...