Comment by MyFirstSass

As a EU citizen; The intentions are good, some of GDPR is great, and some of the huge fines have been welcome in a world where corporations usually gets tiny fines.

That said, as with most heavy bureaucracies there's just not enough internal organisational tech education so lobbying and misunderstandings end up diluting the process.

Example is the cookie banners leading people away from smaller competitors strengthening monopolies, and teaching people to click at 100 banners a day because no one has time to read so much.

Another is GDPR policies which are great but a huge hassle for smaller orgs and companies, and not really targeted them in the first place.

Everything always ends up a win for the largest players, while the smaller ones struggle to maintain legality.

That has been my experience with a few GDPR processes.

Another annoying thing is the forced Public Procurements of software solutions if you're more than 50% publicly funded in EU.

Again good intentions but it just makes the big players hire huge amounts of lawyers and sales people to game the process to win then create bad software.

That's the problem with regulation. The free market is definitely not free after consolidation and monopolisation but if you're going to regulate you need the absolute best consultants to guide the process and somehow that step always gets bungled.