Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 282 discussion

Actual exam question from IAPP's CIPP-E
Question #: 282
Topic #: 1
[All CIPP-E Questions]

SCENARIO -
Please use the following to answer the next question:

Gentle Hedgehog Inc. is a privately owned website design agency incorporated in Italy. The company has numerous remote workers in different EU countries. Recently, the management of Gentle Hedgehog noticed a decrease in productivity of their sales team, especially among remote workers. As a result, the company plans to implement a robust but privacy-friendly remote surveillance system to prevent absenteeism, reward top performers, and ensure the best quality of customer service when sales people are interacting with customers.

Gentle Hedgehog eventually hires Sauron Eye Inc., a Chinese vendor of employee surveillance software whose European headquarters is in Germany. Sauron Eye s software provides powerful remote-monitoring capabilities, including 24/7 access to computer cameras and microphones, screen captures, emails, website history, and keystrokes. Any device can be remotely monitored from a central server that is securely installed at Gentle Hedgehog headquarters. The monitoring is invisible by default; however, a so-called Transparent Mode, which regularly and conspicuously notifies all users about the monitoring and its precise scope, also exists. Additionally, the monitored employees are required to use a built-in verification technology involving facial recognition each time they log in.

All monitoring data, including the facial recognition data, is securely stored in Microsoft Azure cloud servers operated by Sauron Eye, which are physically located in France.

What is the main problem with the 24/7 camera monitoring?

  • A. It must not be operated during non-business hours and employee holidays.
  • B. It may accidentally film third parties whose consent is required for monitoring.
  • C. It has no valid legal basis to be implemented in the context of Gentle Hedgehog’s business.
  • D. It must first be approved by the trade union and then granted a license from the national DPA.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Ssourav at Aug. 6, 2024, 10:25 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Ssourav
3 months, 2 weeks ago
Selected Answer: C
Legal Basis: For monitoring to be lawful under GDPR, it must have a valid legal basis. Common legal bases include the necessity for performance of a contract, compliance with a legal obligation, protection of vital interests, consent, and legitimate interests. In the context of employee monitoring, legitimate interests often apply but must be balanced against the employees’ rights and freedoms. Continuous 24/7 surveillance is likely to be deemed excessive and intrusive, lacking sufficient justification.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel