[peoplewindow]

Why have any law at all, by your logic? Just have a single law that says "Whatever we decide, is final" and make up all rulings and fines on the fly. No 'weaselling' is possible then. Only problem is, it's totalitarian. Nobody knows what is or is not allowed, there is no such thing as justice.

Law is meant to be precise. If it's not, then ignorance of the law does become an excuse and law loses its moral authority.

Unfortunately the EU does seem rather keen on laws so vague that they're impossible to understand - it's rule by law, not rule of law.

[ghaff]

Somewhat ironically, as it's the--presumably soon without the UK--EU we're talking about, but you're basically objecting to a Common Law system. Admittedly, in modern times, there's a lot less practical distinction between civil and common law jurisdictions than there once was, but nonetheless common law is "the part of English law that is derived from custom and judicial precedent rather than statutes."

[Joe-Z]

As mentioned in another reply, the actual laws will have to be implemented by the member states anyway. So the text for each country can vary and can be more specific.

As for your strawman that I somehow argued to abandon all law: I won't deal with that.

[Tomte]

No, they actually won't. The Data Protection Directive needed to be implemented by national legislators into national law, but the GDPR is a regulation which means it is directly binding law.

Only a few technical, minor points need to be spelled out in national regulations or laws.

[x0x0]

That's simply not true.

Each country (or state, in the case of Germany I believe) will have their own privacy commissioner with substantial leeway. Now technically these differences won't be implemented as laws, but there will be substantial differences between eg the French and the UK privacy regulators.

The GDPR also allows for individual states to strengthen its provisions, eg for genetic data.