Question 34
Domain 1: Data Collection, Use, Dissemination, and DestructionA mobile app asks for contact-list access during onboarding with no explanation. Which change is most likely to improve informed user behavior?
Correct answer: B
Explanation
Informed user behavior improves when permission requests are contextual and transparent. A just-in-time explanation tells users “why contacts are needed” and “what happens if the user declines,” which supports informed consent before access is granted.
Why each option is right or wrong
A. Move the request earlier so users see it before any context
B. Add a just-in-time explanation of why contacts are needed and what happens if the user declines
Under the GDPR’s transparency and fairness requirements, users must be told the purpose of any personal-data access at the point it is requested, not left to infer it from onboarding flow alone (Articles 5(1)(a) and 13(1)(c)–(e)). A just-in-time notice that states the specific reason for contact access and the consequence of refusing gives the user the information needed to make a valid, informed choice before consent or permission is granted.
C. Replace the prompt with a legal disclaimer only
D. Ask again every time the app opens