"GDPR and Data Protection law historically is not about privacy ..."
I concur, it's not fundamentally about "privacy" per se. It's about ensuring that processing does not infringe the human rights of the data subject, of which rights privacy is just one. Unfortunately the law is not (and probably never can be) specific enough to ensure all eventualities are covered for.
On material scope the GDPR states:
" 2.This Regulation does not apply to the processing of personal data: [...] (c) by a natural person in the course of a purely personal or household activity;"
The definition of "purely personal or household activity" is the point at issue here. There's no definitive interpretation and negligible precedent. This case might indeed contribute some provided the opinion is explained properly. Nevertheless, as the legislation is only invoked on the basis of complaints by data subjects, the body of precedent is likely to be slow in accumulating, and in the meantime it's pretty safe for most organisations to ignore the law. That's not so much a fault of the legislation, but of how it's universally enforced.