OneTrust Certified Privacy Professional Practice Exam - Practice Test & Questions

The primary enforcers of GDPR compliance are the Data Protection Authorities (DPAs). Each EU member state has its own DPA, which is responsible for overseeing the enforcement of the GDPR within its jurisdiction. These authorities have the power to investigate violations, impose fines, and ensure that organizations adhere to the regulations that protect personal data.

DPAs also play a key role in providing guidance and resources to businesses to help them comply with GDPR requirements. Their function is essential because the GDPR is law in multiple countries, and having designated authorities allows for localized enforcement while still adhering to overarching EU regulations.

The other entities mentioned, such as the Federal Trade Commission and the National Security Agency, operate under different mandates and jurisdictions, focusing on consumer protection and national security, respectively. Meanwhile, the Consumer Product Safety Commission is concerned primarily with product safety rather than data privacy. Thus, the DPA's specific focus and authority regarding data protection make it the correct answer in the context of GDPR compliance enforcement.