I am familiar with the GDPR. We had to do a lot of research when it came out (as well as the California version, the CCPA, where I live), and had to make some changes to how we dealt with data.

> There was a time where the Internet was the wild west and you could've easily been personally targeted and exploited. Businesses sold your data to whoever.

Yes, I remember when the internet was a much more dangerous place, in all sorts of ways. Browsers were not as secure, network security was not very robust. Most things were plain text. Hell, my friends and I used to run ettercap in our college dorm, because the entire dorm LAN was unprotected from ARP spoofing. Everything was sent in plain text, we would capture email passwords, AIM passwords, etc. We would play pranks on each other where we would spoof AIM messages to different people pretending we were someone else on the dorm floor.

I think some of the regulations have helped the internet be safer, but the tech is really what has changed.