Which of the following is a key element of the accountability principle under the GDPR?

The key element of the accountability principle under the GDPR is that organizations must demonstrate compliance with GDPR principles. This entails proactively taking steps to ensure that their data processing practices align with the regulation's requirements. Organizations are expected to implement appropriate technical and organizational measures to comply with data protection obligations and to be able to show evidence of this compliance.

This means that businesses should not only adhere to the rules set forth by the GDPR but also actively track, document, and be prepared to provide proof of their compliance. The principle emphasizes the importance of accountability in data protection, requiring organizations to take responsibility for how they manage personal data.

In contrast, keeping data processing activities secret does not reflect the openness and transparency that the GDPR promotes. The statement about organizations having no responsibility unless an individual complains is misleading, as accountability under the GDPR goes beyond just responding to complaints. Lastly, focusing solely on reducing costs is contrary to the GDPR's intent, which prioritizes the protection of personal data over financial considerations.