Which of the following would make Google’s consent process GDPR-compliant?

Providing detailed and accessible explanations of data use in clear language

Automatically enrolling users in personalized ads

Placing consent information in fine print in the terms and conditions

Only offering a single opt-in option for all data processing activities

What condition might justify the social media platform’s refusal to delete the user’s data?

The data is required for legal compliance

The user did not formally request deletion

The platform has proprietary rights over the data

The data includes only the user’s name and contact information

Which GDPR principle allows users to request data erasure under certain circumstances?

Lawfulness, Fairness, and Transparency

If Facebook wanted to prevent such issues, which measure would align with the GDPR principle of Purpose Limitation?

Limiting data access strictly to intended uses

Sharing all collected data with third-party partners

Enabling users to share more personal data freely

Allowing partners to define new uses for the data

Which of the following actions by Facebook would align with the data minimization principle?

Only collecting data relevant to user profiles

Collecting as much data as possible to improve the algorithm

Storing user data indefinitely for future use

Allowing unrestricted access to third-party apps

Week 8 - GDPR Compliance Case Studies

Authored by Rohit Verma

Computers

University

Used 2+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

19 questions

Show all answers

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Case Study 1: British Airways Data Breach

Scenario:
In 2018, British Airways experienced a data breach that exposed the personal information of approximately 400,000 customers. Hackers exploited weaknesses in BA’s security measures, leading to the unauthorized access of customer names, payment details, and addresses. Following the incident, the British Data Protection Authority (DPA) investigated the breach under GDPR regulations.

I read it

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What GDPR principle was most directly violated in the British Airways data breach?

Data Minimization

Integrity and Confidentiality

Purpose Limitation

Storage Limitation

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Under GDPR, British Airways is required to notify the DPA of the data breach within what timeframe?

24 hours

48 hours

72 hours

1 week

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following actions would best demonstrate GDPR compliance after a data breach?

Issuing a public apology without further action

Implementing additional security measures and notifying affected individuals

Changing the data controller’s position

Storing breached data on a more secure server without notifying individuals

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What right do the data subjects affected by the BA data breach have under GDPR in this scenario?

Right to Portability

Right to Object

Right to Access

Right to be Informed

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Case Study 2: Google’s Consent Violation

Scenario:
Google was fined €50 million by the French Data Protection Authority (CNIL) for not obtaining valid consent for personalized advertising. The consent process was not transparent, and users found it challenging to navigate the privacy settings. CNIL ruled that Google’s consent mechanisms did not meet GDPR’s standards.

I read

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Under GDPR, which condition must be met for consent to be valid?

Consent must be implied from the user’s activity.

Consent must be freely given, specific, informed, and unambiguous.

Consent must be required only when sensitive data is collected.

Consent must be given verbally.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

18 questions

U3.1. Connections (JDBC)

Quiz

•

University

15 questions

Firewall and Network Security

Quiz

•

University

18 questions

PBO Inheritance Episode 2

Quiz

•

University

15 questions

DBC CHAPTER 3 - REVISION

Quiz

•

University

15 questions

4.6.4 Logic Gates

Quiz

•

10th Grade - Professi...

20 questions

Information Management - QUIZ

Quiz

•

University

15 questions

GAME QUIZ!!

Quiz

•

University

15 questions

ADVACOMT-Quiz No.1 (final term)

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

10 questions

Probability Practice

Quiz

•

4th Grade

15 questions

Probability on Number LIne

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

6 questions

Appropriate Chromebook Usage

Lesson

•

7th Grade

10 questions

Greek Bases tele and phon

Quiz

•

6th - 8th Grade

Discover more resources for Computers

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

20 questions

Endocrine System

Quiz

•

University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

30 questions

W25: PSYCH 250 - Exam 2 Practice

Quiz

•

University

5 questions

Inherited and Acquired Traits of Animals

Interactive video

•

4th Grade - University

20 questions

Implicit vs. Explicit

Quiz

•

6th Grade - University

7 questions

Comparing Fractions

Interactive video

•

1st Grade - University

38 questions

Unit 8 Review - Absolutism & Revolution

Quiz

•

10th Grade - University

Week 8 - GDPR Compliance Case Studies

Case Study 1: British Airways Data Breach

What GDPR principle was most directly violated in the British Airways data breach?

Under GDPR, British Airways is required to notify the DPA of the data breach within what timeframe?

Which of the following actions would best demonstrate GDPR compliance after a data breach?

What right do the data subjects affected by the BA data breach have under GDPR in this scenario?

Case Study 2: Google’s Consent Violation

Under GDPR, which condition must be met for consent to be valid?

What key GDPR principle was violated by Google according to CNIL?

Which of the following would make Google’s consent process GDPR-compliant?

If users wish to withdraw their consent for personalized advertising, what GDPR right are they exercising?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers