Playing fast and loose with the law and using financial clout to avoid consequences is nothing new. There have been some great factual books and movies on the subject, such as Erin Brokovich, Unsafe at Any Speed by Ralph Nader.
GDPR is not intended to crucify small businesses. The UK information commissioner has made it clear that they would sooner help businesses to comply than come down like the wrath of God on people acting in good faith but getting it wrong. It is intended to reign in those who deliberately flaunt the law with malign intent. The problem is that we have organisations that, if they were countries, would be in the G20 and therefore have too much power over things they have no business having power over.
In my mind there are two parts to a law. The spirit of the law which is the bit we respect and believe in, and the letter of the law which is an attempt to codify the spirit in a form that will ensure that it is applied fairly and without prejudice. Getting the letter right is incredibly hard. If it were easy there would be no need for the judiciary.
I see GDPR as a tremendously positive step but recognise it has areas that need to be refined. I would be wary of any attempt to undermine it. Perhaps I am being unjust but the louder I hear people complain about GDPR the more I question what they are trying to do and the ethics behind what they are doing.