Certified Information Privacy Professional – Europe (CIPP/E) — Question 129
Tanya is the Data Protection Officer for Curtains Inc., a GDPR data controller. She has recommended that the company encrypt all personal data at rest. Which GDPR principle is she following?
Answer options
- A. Accuracy
- B. Storage Limitation
- C. Integrity and confidentiality
- D. Lawfulness, fairness and transparency
Correct answer: C
Explanation
The correct answer is C, as encrypting personal data at rest aligns with the GDPR principle of integrity and confidentiality, ensuring that the data is protected against unauthorized access or breaches. The other options do not relate directly to the act of safeguarding data through encryption, as accuracy focuses on the correctness of data, storage limitation pertains to how long data is kept, and lawfulness, fairness, and transparency are about processing data in a compliant manner.