Europe's controversial privacy law, the General Data Protection Regulator -- better known as GDPR
Two problems with that line...
1. The R in GDPR stands for regulations, not regulator.
2. The GDPR is about as uncontroversial as it gets.
A large part of the public does not care about it. Those of them who had, immediately dropped it when they found it was "to do with computers" and they think that phones are something else. They haven't clocked that it applies to paper, CCTV and all sorts of other stuff.
Those of us who work in information systems do not find it very controversial either. Certainly, it is a hassle, but so are speed limits, planning rules and waste recycling rules. I can follow them quite happily (even the speed limits if I am paying attention) as they exist for good reason. GDPR is a positive update of previous laws.
The only objections I come across to GDPR are from websites in the USA who object to the idea that their misuse of my data might be curtailed. There are some who have just not got round to dealing with it. After all, it is not much more than 3 years since the whole thing was finalised and made available. It is only 12 months since it went live...