[nishantvyas]

Does enforcement changes behavior? I guess the time will tell. But I do expect some insurance companies start selling GDPR coverage policies soon.

[shaki-dora]

Contracts to insure against legal fines are considered immoral and therefore unenforceable.

You can get liability insurance, but that's different (not legal fines but civil law damages).

[downandout]

My guess is that nobody is going to sell coverage for fines that could range up to €20 million that can be assessed under a set of regulations as vague, difficult to follow, and up to interpretation as GDPR.

[izacus]

There's nothing difficult to follow in GDPR... unless you're specifically trying to continue collecting too much personal data while trying to skirt the law.