I don’t really understand exactly what is afoot in the EU regarding data privacy, or if it is the right thing. But I’m pretty sure I’m happy they’re taking a crack at it and hope the results work out well for end users.
I do believe that the Silicon Valley approach of “click to accept our terms, take it or leave it, and we can change the terms at any time,” deserves to die. Most human beings (some would say all) are not lawyers, and are not in a position to be weigh the infinite-term implications of their first tweet or FB post. Moreover, as most of us are not futurists (and even the best futurists are terrible at it) nobody can understand the ways their data may be used against them in future, as yet never imagined scenarios. Yes, rules will slow down SV innovation, particularly when the rules are in flux. It may well be worth it.
What worries me more is that rules will eventually benefit the largest companies like Google and Facebook, which can easily build whatever infrastructure is necessary to comply, whereas upstarts may have a hard time. There is ample evidence that regulation has a funny way of ultimately benefiting incumbents, even if they complain the most when it is first suggested.