It's all still up in the air, and the wording is vague. GDPR's wording is also vague, as EU laws are. When we read between the lines, GDPR's vagueness sounds promising (hard to over-reach, easy to understand intentions), and the Copyright Directive's vagueness sounds terrifying (easy to over-reach, hard to understand intentions).
A big difference is in the boundaries. GDPR is bounded by your customer records. One customer, one collection of personal data. There's a hard upper limit: about 7 billion. Companies tend to scale with customers, so generally bigger companies will have bigger customer bases and bigger employee bases to handle protecting the records.
The Copyright Directive's bounds is user content. One customer, any number of potential infringements. A single person can run a company with 100 customers who upload 10,000 images each per year. Managing the customer base is pretty easy, managing the data storage is pretty easy, GDPR-protecting 100 people's data is pretty easy. But 1 million potential copyright infringements per year, each one of which could even be claimed by multiple rights holders. Your risk exposure grows with data, not with people. That one-man show probably can't handle tens of thousands of take-down requests, nor build an AI Machine Learning Cloud Native Copyright ID Blockchain System to automate it.
It's even worse. Copyright Directive is technically bound by copyrighted content, which can grow indefinitely even without the company doing anything!
E.g. imagine a company like Snap, say that they have a constant number of users and users post a constant number of snaps per day.
Therefore the amount of content posted/stored on the site doesn't grow, but you still need to be able to keep scaling the system, as the amount of copyrighted content that you should be able to potentially recognize continues growing!
https://en.wikipedia.org/wiki/Directive_on_Copyright_in_the_...
A big difference is in the boundaries. GDPR is bounded by your customer records. One customer, one collection of personal data. There's a hard upper limit: about 7 billion. Companies tend to scale with customers, so generally bigger companies will have bigger customer bases and bigger employee bases to handle protecting the records.
The Copyright Directive's bounds is user content. One customer, any number of potential infringements. A single person can run a company with 100 customers who upload 10,000 images each per year. Managing the customer base is pretty easy, managing the data storage is pretty easy, GDPR-protecting 100 people's data is pretty easy. But 1 million potential copyright infringements per year, each one of which could even be claimed by multiple rights holders. Your risk exposure grows with data, not with people. That one-man show probably can't handle tens of thousands of take-down requests, nor build an AI Machine Learning Cloud Native Copyright ID Blockchain System to automate it.