IAPP Updated CIPM Exam Questions and Answers by soraya

End-to-end encryption directly reduces confidentiality risk during transit and limits exposure from interception or misrouting. Contract terms (B) help governance but don’t technically prevent compromise; personal email (C) increases risk; audit logs (D) support detection/accountability, but they’re not as strong as preventive transfer security controls.

=============

This is an example of Privacy by Design (PbD), which is an approach to systems engineering that integrates privacy into the design and development of products, services, and processes from the outset7 PbD aims to ensure that privacy is embedded into the core functionality of any system or service, rather than being added as an afterthought or a trade-off. PbD is based on seven foundational principles: proactive not reactive; preventive not remedial; privacy as the default setting; privacy embedded into design; full functionality – positive-sum, not zero-sum; end-to-end security – full lifecycle protection; visibility and transparency – keep it open; and respect for user privacy – keep it user-centric8

Rationalizing requirements in order to comply with the various privacy requirements required by applicable law and regulation means that you have a systematic and logical approach to harmonize and streamline your compliance efforts. Rationalizing requirements does include harmonizing shared obligations and privacy rights across varying legislation and/or regulators, implementing a solution that significantly addresses shared obligations and privacy rights, and addressing requirements that fall outside the common obligations and rights (outliers) on a case-by-case basis. These steps can help you avoid duplication, inconsistency, or inefficiency in your compliance activities.