[viraptor]

Almost no organisation / judge / regulator / ... will hit someone with the full fine immediately. This is an incentive to comply not an attempt at killing the company. It seems to work since I haven't heard of gdpr ruling being repeated for the same offence so far. I expect the fine would just go up.

[pmiller2]

Taking away a few percent of a company's profit, while still leaving a quite substantial profit margin is not "killing the company." There needs to be some teeth behind these fines to make companies respect them. You may not have heard of repeat fines for the same offense, but all that shows is that they fix things after they're pointed out. Wouldn't it be better if they thought about how they're handling peoples' data before they got caught doing it wrong?

Somebody needs to be made an example of, and a company like Facebook that not only can absorb the hit but is not well known for respecting peoples' privacy is a great target, IMO.