Why was the GDPR created? Who is subject to it? In what ways is the GDPR similar to U.S. privacy laws? In what ways is it different? Who can enforce the GDPR? What issues were presented in the French case against Google? How did the French DPA and the court resolve those issues? What was the outcome of the U.K. DPA's investigation against Marriott International? What did the DPA identify as the violation?

1. Adam Satariano , "GDPR, a New Privacy Law, Makes Europe World's Leading Tech Watchdog," The New York Times, May 24, 2018 2. General Data Protection Regulation (EU), 2016/679), Art. 3, 4, 5, 6, 15, 30, 32, 33, 34, 82. 83 3. Stephen P. Mulligan and Chris D. Linebaugh, "Data Protection Law: An Overview," Congressional Research Report, R45631 4. Example GDPR Enforcement Actions: United Kingdom Information Commissioner's Office Press Release, "ICO fines Marriott International, Inc. 18.4 million for failing to keep customers' information secure," October 30, 2020 Commission Nationale de L'Informatique et des Liberts Press Release, "The CNIL's restricted committee imposes a financial penalty of 50 million euros against Google LLC," January 21, 2019 French Highest Administrative Court Upholds 50 Million Euro Fine against Google for Alleged GDPR Violations," June 23, 2020 5. Catherine Barrett, "Emerging Trends from the First Year of EU GDPR Enforcement," American Bar Association SciTech Lawyer, February 28, 2020