I'm not arguing against any of that, including your statement that the GDPR might be the last drop to destroy a compliant-in-spirit company which has been surviving just so. I'm merely questioning the scale of the problem (based on my own experience implementing the GDPR in a low operating margin context) and their right to exist to begin with (based on my personal view on the sad necessity of data privacy regulation).
