WP29’s “Guidelines on Personal data breach notification under Regulation 2016/679’’ provides examples of ways to communicate data breaches transparently. Which of the following was listed as a method that would NOT be effective for communicating a breach to data subjects?
A notice on a corporate blog would not be effective for communicating a data breach to data subjects. Corporate blogs typically require individuals to visit them actively, which means that not all affected persons will receive the message in a timely manner. Effective communication methods should ensure that the message is directly received by individuals, such as through electronic messages, postal notifications, or prominent advertisements in print media.
The answer should be C. "Examples of transparent communication methods include direct messaging (e.g. email, SMS, direct message), prominent website banners or notification, postal communications and prominent advertisements in print media." - WP29 Guidelines
Based on this WP29 Guidelines, I agree C is the correct answer. not D
"A notification solely confined within a press release or corporate blog would not be an effective means of communicating a breach to an individual." - WP29
Examples of transparent communication methods include direct messaging (e.g. email, SMS, direct message), prominent website banners or notification, postal communications and prominent advertisements in print media.
D is correct
A is correct. Postal cannot be considered as timely and effective as compared to other electronic media.
A. A postal notification This is because postal notifications might be too slow and may not provide timely communication to data subjects in urgent situations, as opposed to more immediate methods like direct electronic messages, notices on corporate blogs, or advertisements in print media.