> afford the engineers with the technical expertise to comply with the law while accomplishing their goals
Google is in breach of the GDPR as it stands, so no.
> afford the lawyers to address the issue when they fail at the former
Potentially, though again a clear-cut breach like theirs should result in a fine regardless of how much money they throw at the problem.
As far as building a moat, I'm not sure. Whether it's Google or a one-man shop, neither can accurately track users without being in breach. There is no moat that I can see, you either break the law or you don't.
> They were fined in Jan 2019, but are they still out of compliance?
They were fined on one specific thing and they maybe fixed it (or silently replaced with an equivalent, non-compliant thing once they went out of the spotlight), however they are plenty of other things they do that are in breach and those are not being investigated nor fined which is why we're discussing the lack of enforcement.
> Which is why good lawyers are so important.
True, but a good law should be one that you can't lawyer your way out of and so far the GDPR outcome of that is inconclusive given there is barely any enforcement at all.
Google is in breach of the GDPR as it stands, so no.
> afford the lawyers to address the issue when they fail at the former
Potentially, though again a clear-cut breach like theirs should result in a fine regardless of how much money they throw at the problem.
As far as building a moat, I'm not sure. Whether it's Google or a one-man shop, neither can accurately track users without being in breach. There is no moat that I can see, you either break the law or you don't.