[dmitriid]

The ongoing burden is minuscule.

What’s wrong with actively investigating your own compliance?

What government permissions are you even talking about?

[erik_seaberg]

https://gdpr-info.eu/art-36-gdpr/

[dmitriid]

Says nothing about government permissions.

You must consult in case, quote “processing would result in a high risk in the absence of measures taken by the controller to mitigate the risk”.

[erik_seaberg]

You're free to bet $22M that they won't punish you for not waiting 8-14 weeks for their permission.

[dmitriid]

You keep saying permission even though nothing anywhere says about a permission. Now you've come up with a number that you pulled out of the blue.

You keep imagining things and expect me to have an argument about them.

What I do care about is for companies getting the highest possible fines for their mismanagement of user data. Like British Airways, https://www.wired.co.uk/article/british-airways-data-breach-...