by the time a major jurisdiction like the EU brought GDPR, regulatory compliance was already long-overdue (as usual, Govs plays catch-up with the business world), hence what followed was a rapid rise in "bureaucracy" (i guess). For example, if a company falls short in compliance (say Cambridge Analytica) issue bubbles-up to the Network (say FB or ByteDance), if FB fails it bubbles up to the Marketplace (say Apple), if Apple fails at this level, it's so high up Govs get involved to the point that it could trigger inter-continental trade wars.
Hence we're seeing Apple, Bytedance, Amazon (no doubt Google) etc make regulatory compliance a bigger part of their core business than ever before - prevention in favor of treatment.
Your team's case seems unfortunate, given the narrow scope in the trials. My initial guess is that anything involving eye-scanning could trigger Biometric ID (iris recognition) compliance worries. I get your concern about future tech developments, I also think businesses (startups) have to find new ways to account (adapt) for these changes/requirements - "bureaucracy" will naturally increase.
Hence we're seeing Apple, Bytedance, Amazon (no doubt Google) etc make regulatory compliance a bigger part of their core business than ever before - prevention in favor of treatment.
Your team's case seems unfortunate, given the narrow scope in the trials. My initial guess is that anything involving eye-scanning could trigger Biometric ID (iris recognition) compliance worries. I get your concern about future tech developments, I also think businesses (startups) have to find new ways to account (adapt) for these changes/requirements - "bureaucracy" will naturally increase.