[caffeine5150]

Agreed. GDPR replaces the current Directive and the various member state laws implementing it. GDPR's requirements are (making up a number) 80% or 90% already required by current laws. It's just that the fines were small. GDPR allows fines of up to 4% of annual revenue for the corporate group. So that's why it's getting so much attention. Large multinationals can't afford to ignore such a fine. The reality is probably that the enforcement authorities would only be able to hand out so many mult-million dollar fines (and fight the ensuing battle) at a time. We'll see what enforcement really looks like over time and that'll indicate how serious this is all taken.

[Moru]

It is companies like Cambridge Analytica, Google and others that caused this law change. In general the EU countries tries to leave the market to develop on it's own without interfering. However when there are a feeling that the market is doing the wrong thing, someone feels there needs to be a correction of ways and then we end up with things like this.

I'm sure someone once said "This is why we can't have nice things".