Interesting quotes you bring. It indeed appears that regulation is wanting in regard to information technology.

Already we have a history of data leaks, misappropriations, apps stealing your phone contacts, etc. How many of the perpetrators have been indicted? No, I think this isn't EU coming to our rescue.

The GDPR does not seek to limit collection; rules focus on handling data that is already gathered. This is about enshrining into law the new practices of pervasive, privacy-invasive data sampling. Bulk data is recognized as a tool, as merchandise, and as cornerstone of modern economy.

And so. We shall certainly continue to not give the permission to collect any information. And they shall certainly continue to do it anyway.