Where are all the people who were saying GDPR is fine to be underspecified because European governments are benevolent and will choose to be good even when they don't have to?
It is a problem with under-specification, because GDPR is supposed to be just a guiding framework and each government should implement its own compatible laws.
I also was afraid the Romanian government (and other autocratic governments) will do a poor job translating the GDPR into national law.
That's not true; the GDPR is not a Directive, but a Regulation, meaning the actual text applies directly, it's not transposed by the national legislators.
No law can be beneficial if the individuals and institutions applying it are corrupt and abusive.
In theory the Soviet Union and other communist governments had lots of laws outlining a fair and equal treatment of citizens, in practice they were disappearing people.
You're being lazy. This law has been under work for years, was going against massive corporate interests and was heavily lobbied against.
It's a minor miracle we have it at all.
The enemies of privacy, advertising drones, the brainwashed and careless love to attack it because it's hitting their pockets or making them click away some inconvenient pop-up.
I know of a few companies that decided to stop selling customer data to data brokers due to GDPR. Now its impossible to know if you were specifically affected by exactly these companies' business practices. But if you're in the EU you would have to live a rather strange life not to be affected in some way.
One of these companies was an airline. They would share the price you paid (meal you chose, etc.) with among others, a company specializing in "individualized pricing". Meaning: if you flew business class, the telecom company might just not show you the cheaper options next time your contract is up for renewal.
