[jdietrich]

>This sentiment and the hilariously large fines (regardless of company size, even) on relatively-ill-defined requirements make the whole GDPR process feel like it was designed to bully businesses into compliance.

>Some pieces of GDPR are definitely for the benefit of the end-user (at the expense of companies, who happen to be providing those users other benefits). It all feels really heavy-handed, though.

The GDPR isn't vastly different to the old Data Protection Directive, which has been in force since 1997. The panic over GDPR suggests that a lot of companies had simply been ignoring the DPD. If a bit of bullying is required to get businesses to obey the law, then so be it.