> draconian countermeasures are drafted and constructed one by one.
Except when it’s about privacy or anything else we actually care about: then absolutely nothing is done because it would cost more than 0 to do anything.
Depends. In some sense EU companies are quite afraid of the GDPR. Privacy is used in a twisted way in that argument: if any privacy relevant data is exposed to another party, and there is any incident down the line, they fear they could be made responsible. So they to block you as a user to access your own data.
Of course, if that privacy risk came from them storing and selling your data, they happily accept that, you are right in that regard.
Except when it’s about privacy or anything else we actually care about: then absolutely nothing is done because it would cost more than 0 to do anything.