Under GDPR the chief data office answers to the highest level of the organisation. They are not intended to block legitimate use of data nor dictate the way things should operate.  What they are is a focal point for expertise and advice for data husbandry matters.  Their position in the organisation means they have the authority to say no to ensure that the concerns of data are not dismissed for the convenience or short-term expediency.

Yes, many of us did perfectly OK and even thrived before a large number of disciplines and practises existed but we also suffered at the hands of the HIPPOs (highest paid person's opinion) and got caught in the cross fire of high level corporate egos.
The authority to say no is a great power but one to use sparingly and judiciously.
My inbox and industry press seems to imply that the steps necessary to comply with GDPR have been left to the last minute despite the 2 year advance warning.  A CDO would have had the duty and authority to mandate the necessary work much earlier and with far less disruption to the organisation.  I think such proactive work would have actually benefited the organisations for which they worked.