Most of my Euro friends didn't think this. There's a huge difference in approach to regulation between the EU and the US.
I would guess that this article is written from a US viewpoint - the "isn't it strange how everyone is approaching enforcement of this differently?" attitude isn't even remotely strange to a European.
As lots of people pointed out at the time, GDPR in Europe isn't that groundbreaking - almost all EU countries had/have data privacy laws that approach the GDPR (not least because the GDPR itself is a continuation of EU regulation in this area). It came as a shock to US companies because of the sudden "well, none of you paid any attention when we didn't give this regulation teeth, so here's the fangs" enforcement change.
And yeah, I'd love to take part in retrospective reviews of old news to work out who was right :)
I would guess that this article is written from a US viewpoint - the "isn't it strange how everyone is approaching enforcement of this differently?" attitude isn't even remotely strange to a European.
As lots of people pointed out at the time, GDPR in Europe isn't that groundbreaking - almost all EU countries had/have data privacy laws that approach the GDPR (not least because the GDPR itself is a continuation of EU regulation in this area). It came as a shock to US companies because of the sudden "well, none of you paid any attention when we didn't give this regulation teeth, so here's the fangs" enforcement change.
And yeah, I'd love to take part in retrospective reviews of old news to work out who was right :)