It can go both ways. Just because a company has done something that deserves to be regulated does not mean the regulation itself is a good way of accomplishing that. For what it is worth, I think the EU for the most part is doing alright in some places with some severe missteps as far as encryption and privacy goes.