If you ever get that in US, I sure hope your people are more competent than ours and they come up with something that actually works. Because in EU, GDPR didn't actually solve anything. It's a pain in the ass both for businesses and consumers, and it only had one real (good) effect: it made (some) people aware of the fact that software tracks their lives. Nothing more than that.
The problem with GDPR is the EU member states' cowardly lack of enforcement. You'd think that as soon as they had a stick as big and powerful as GDPR, they'd immediately start beating the big, worst offenders with it. Yet, how often have we seen headlines about "BigScummyCorp fined 4% of annual global turnover" in the news?
Does GDPR even allow the 4% fine at first? I thought the point was to start “small” and ramp up if they don’t improve. Because, while GDPR applies to Facebook, it also applies to everyone. So that small business down the street may not be able to handle a 4% fine while FAANG could. If a 0.5% fine fixes the problem, then going to 4% is unnecessary and would only serve to satisfy vengeance (which laws are not supposed to do[a]).
There’s also the fact that GDPR is a directive. Each state (nation) has to implement it in their own laws. So the EU itself can’t enforce it, only the member states.
[a]: The purpose of laws are not to be an “eye for an eye”, but to curb bad behavior (theoretically)
> There’s also the fact that GDPR is a directive. Each state (nation) has to implement it in their own laws. So the EU itself can’t enforce it, only the member states.
