An individual made 20 GDPR data deletion requests to various companies, revealing a concerning lack of compliance. Shockingly, 12 of those requests were completely ignored, highlighting significant flaws in the enforcement of data privacy regulations. This experience underscores the challenges individuals face when trying to exercise their rights under GDPR, even with prominent companies.

Many companies, including those claiming to be GDPR-compliant, failed to act on the requests. Some cited spam filters as the reason for non-compliance, effectively creating a loophole. The author's attempts to escalate issues with data protection offices led to bureaucratic dead ends, especially in cross-border scenarios, further complicating the issue for EU citizens.

The core problem lies in the ineffective enforcement infrastructure surrounding GDPR. The author proposes concrete changes: improved cross-border complaint handling, closing the spam filter loophole, mandatory minimum fines for non-compliance, and increased funding for data protection offices. Without these changes, GDPR's effectiveness is at risk.

This situation reveals a gap between the intent of GDPR and its practical execution. While the regulation aims to protect user data, the current enforcement mechanisms are insufficient. The lack of accountability and resources hinders the ability of individuals to control their data and hold companies responsible for respecting their rights. The next step is to see if any real change will be implemented.