...concerns over GDPR compliance.
The problem's simple. Justifiable paranoia. GDPR is woolly and ill-defined. It also comes with draconian penalties attached for violating something which even specialist lawyers have difficulty interpreting, let alone agreeing on whether or not your plans are compliant.
The result is that many implementations effectively classify everything "eyes only and shoot the reader afterwards".
So, like Global Thermonuclear War, the only winning move is not to play.