The European Union has enforced the General Data Protection Regulation (GDPR) from May 2018. After the GDPR was enacted, European privacy organizations have filed various complaints against global companies for violating the GDPR. Privacy protection associations such as None Of Your Business (NOYB) and La Quadrature du Net complained to Commission nationale de l informatique et des libertés(CNIL) about Google s privacy policy and personalized advertising issues. In January 21, 2019, France’s data protection regulator, CNIL, has issued Google a 50 million euros fine for failing to comply with its GDPR obligations. Google has filed appeal to a higher court, but France’s top court has dismissed Google’s appeal on June 20, 2020. The most widely-discussed regulation in the process of enacting the revised privacy law is the European General Data Protection Regulation(GDPR). For this reason, research on the impact of the GDPR on the revised Personal Information Protection Act has been actively discussed. However, there is a little study on personal information processing and legality of consent procedures that are discussed in GDPR are applied in real cases. This paper focuses on analyzing CNIL imposing a penalty of 50million Euros on Google cases on January 21, 2019. With this study, the research will clarify the criteria for judgement on the procedure for privacy data collectiong consent based on GDPR’s transparency policy. Furthermore, by comparing the Google case with the legal case of Homeplus in Korea, it further examines a possible way that the GDPR s transparency principles and procedure for consent can be affected to legal interpretation of the Personal Information Protection Act. With this comparative study results, this paper will not only set the criteria for the principle of transparency and procedure for consent after the enforcement of the revised Personal Information Protection Act, but also argue that the data controller should collect and use personal information based on the principle of transparency. The research will focus on following research questions in below: First, how does the revised Personal Information Protection Act correspond to the GDPR s transparency principles? Second, how does the revised Personal Information Protection Act and GDPR s procedure for consent ensure the legality? Third, what are the implications of the comparison between the Google case and the legal case of Homeplus in Korea? The scope of the study was limited to the revised Personal Information Protection Act among the Three Data Acts. In addition, among the principles of personal information processing, the study focuses on the GDPR s transparency principles. This is because the Google case is judged based on the GDPR s transparency principles, and the legal case of Homeplus in Korea also shows a judgment that applies the transparency principles.