Under the General Data Protection Regulation (GDPR), which of the following situations would LEAST likely require a controller to notify a data subject?

Under the General Data Protection Regulation (GDPR), which of the following situations would LEAST likely require a controller to notify a data subject?
A . An encrypted USB key with sensitive personal data is stolen
B . A direct marketing email is sent with recipients visible in the ‘cc’ field
C . Personal data of a group of individuals is erroneously sent to the wrong mailing list
D . A hacker publishes usernames, phone numbers and purchase history online after a cyber-attack

View Answer

Answer: B