The first months were rough. Let's be honest. I think that everyone was just trying to adjust. We have to keep in mind that it was in May 2018, so it was the first big change in the world. Just to be clear, it's been the same across the world. Brazil recently adopted its own privacy laws, Singapore.... It really was the beginning. Let's put it that way.
Then, eventually, I think the regulators, in consultation with the organizations, were able to make sure that the organizations understood what was expected from them. I think that at this stage, there's a big aspect of expectation, because the companies want to do well. That's what I see in my practice. They want to comply. No one wants to say, “Well, you know what? We don't want to comply.” The problem is always in being clear regarding the requirements and being reasonable as well.
On the GDPR, at the moment in North America we are using the GDPR as a gold standard in transactions between U.S. and Canada. We are using language from the GDPR. Clearly, it shows that it's been a success for Europe, if we are being honest. That's my position.