[tatersolid]

That’s the issue with GDPR, it’s that the regulatory burden for Facebook is the same as it is for a small company.

At $dayjob we are at hundreds of thousands of dollars in staff time and legal fees (mostly updating and reviewing existing contracts). We don’t do anything shady with user data, and already have a robust data security program due to our industry.

A family member’s small business which packages meats for the grocery is similarly burdened to the tune of hundreds of thousands.

That’s a huge waste repeated millions of times over around the world. They could have just targeted this at the big web companies and Adtech firms with some simple qualifiers. This law isn’t really much good for consumers, but it’s very good for lawyers.