The loudest GDPR advocates don’t care about you. 90 years ago they would have been the ones helping collectivize the farms, unintended consequences be damned.
And this law’s effects are all about the unintended consequences. Anyone thinking government regulators are reasonable and benevolent has never dealt with said regulators beyond any trivial level. To make it more fun each member country handles enforcement, so now you have a risk of 28 different interpretations of the law. It’s madness. Even if you do everything right there is still a compliance risk. It’s like HIPAA in the US — HIPAA is pretty “easy” to comply with, but the consequences are so severe that it necessarily drives up operational costs significantly. Unless Europe is a significant part of your revenue, better to block Europe and decrease your risk to near zero rather than have a potential risk of catastrophic, company-ending fines. Because the fine isn’t against profit, it’s against total, worldwide revenue. So unless your European profit exceeds 5% of your worldwide revenue, no sane person would take that risk. Even without the enforcement risk, you still have to deal with potentially hundreds or thousands of information requests — even if you are doing everything by the book.
That part is spot on, he's showing how history rhymes. It's an example of humans historically making the same mistake of not reasoning about unanticipated consequences.
And this law’s effects are all about the unintended consequences. Anyone thinking government regulators are reasonable and benevolent has never dealt with said regulators beyond any trivial level. To make it more fun each member country handles enforcement, so now you have a risk of 28 different interpretations of the law. It’s madness. Even if you do everything right there is still a compliance risk. It’s like HIPAA in the US — HIPAA is pretty “easy” to comply with, but the consequences are so severe that it necessarily drives up operational costs significantly. Unless Europe is a significant part of your revenue, better to block Europe and decrease your risk to near zero rather than have a potential risk of catastrophic, company-ending fines. Because the fine isn’t against profit, it’s against total, worldwide revenue. So unless your European profit exceeds 5% of your worldwide revenue, no sane person would take that risk. Even without the enforcement risk, you still have to deal with potentially hundreds or thousands of information requests — even if you are doing everything by the book.