You seem to have misunderstood my comment. I was saying that from a legal complience perspective, the notion that the regulatary body is "good-natured" is meaningless. You have to comply with ever letter of the GDPR, you can't just do most of it, or interpret it loosely, and say "oh but they are good-natured people they will understand.". Legal complience doesn't work like that AT ALL!
What people mean when they say the agency is "good-natured" is not that they're going to ignore non-compliance, but that the way they enforce it is not being completely hostile and
pulling out a massive lawsuit the second they see any issues.
Their goal is not to destroy companies, it's to make them compliant, and it's much easier for them to do that with communication than expensive legal action.
> I was saying that from a legal complience perspective, the notion that the regulatary body is "good-natured" is meaningless.
It's not, because as the article explains, experience with the existing regime shows that, the good natured regulator will send you a helpful and explanatory warning letter that tells you what you need to do to become compliant before jumping into fines.
An un-good-natured regulator would behave rather differently.
No, but legal compliance in most of the EU doesn't work by slapping huge fines on people either - first you are told there is a problem and you'll be given a chance and maybe assistance to become compliant.
