There recently have been cases of inconsistent applications of the European Union (EU) law by European Courts against U.S.-based companies. One law implicated a portion of General Data Protection Regulation law (GDPR) and the other involved the EU’s e-commerce directive. Questions, however, remain as to the jurisdiction of the EU’s privacy enforcement authorities on U.S.-based companies. In a September court case, the European Court of Justice narrowly interpreted its enforcement against Google, holding that the GDPR was only applicable in the EU and not globally. But just a few days later, Facebook received an opposing and unfavorable view by the same court. International privacy laws and the EU’s authority over U.S.-based companies have certainly caused companies to feel confusion in terms of compliance.