1. What is GDPR? Who and what does it protect? What are the rights of a data subject?
2. How to interpret “contractual necessity”, which is the legal basis of data processing in GDPR (show examples)?
3. How to interpret “third-party interests?” Show some examples of legal third-party interests.
4. What are the differences between Privacy and Data Protection? Does the EU privacy regime focus on data protection or establishing laws to emphasize privacy?
5. What are the strengths and weaknesses of the EU approach?
6. Do you agree that real consent must be “freely given, specific, informed, and unambiguous?”
7. Is the EU a bully? To get assured access to their market, a company’s country must have“adequate” privacy and surveillance laws. What could justify that long-reach into the domestic legal system of other countries?
8. Do all procedures in the EU system slow down innovation? Should the EU trade off privacy for a little more innovation and growth?