[kelnos]

There's no reason for them to do that.

Look, their goal here is compliance. They don't want to fine a company into oblivion, because that just encourages companies to be fearful and do what you're doing: cut ties with the EU entirely. And that's not a win for them either.

I get that it's hard to trust governments, but remember that they're still made up of people. If you deal with the regulators in a straightforward way, and cooperate to the best of your ability, they're not going to stick it to you. No, I don't know that for every single instance. But I also don't know a lot of other things that can add risk to a business, but that doesn't stop me from doing business in general.

But sure, if you've done the math, and the cost of compliance isn't worth the EU revenue you'd otherwise get to keep, that's your call. I'm just getting a little tired of all the FUD getting spread around GDPR.

[downandout]

There's no reason for them to do that

Sure there is. Their government will be the direct beneficiary of the money. Why would they care if they bankrupt a foreign company? In fact, they may use it for this explicit purpose. They win by collecting the money, and they win by decimating foreign competitors of local businesses.

[kelnos]

I get that you're incredibly cynical about this process (and probably any government process), but I really don't see it as dire as you do. I don't think any further discussion will be productive, though, since we seem to be operating under some vastly different base assumptions about human behavior.

[M2Ys4U]

Data protection authorities have to be independent of government according to the GDPR.

[downandout]

They have to be citizens of the given country, do they not? They probably wouldn’t mind their government collecting a few extra million from foreign businesses. It still goes to their benefit.