GDPR
One of the best things about the european GDPR law is that it pushes companies to decide what data they gather, and how long they keep it. Data that is not there cannot be stolen.
And in my personal experience of large european companies, they take their GDPR processes very seriously already. The data that my clients (telecom, banking, insurance, etc) could potentially gather on their users has major privacy implications - but fortunately, GDPR is ensuring that it is suitably trimmed and anonymized. IMO, the GDPR has brought major benefits for privacy; I shudder to think what happens in countries without such protections.
Biting the hand that feeds IT
