Several studies highlight the effectiveness of the GDPR in creating a business environment where the individual has more control over how companies use the individual’s data. For example, GDPR restricts companies from moving personal data of the customers to countries lacking similar legislative frameworks. As a result, the privacy of the data is assured. Support for this assertion is abundant in the literature. Researchers supporting the GDPR assert that the broad definition of personal data expands protection beyond what as initially being protected by prior legislation. An example of the effectiveness of the GDPR was illustrated in the decisions made by companies to update their privacy statement and a reduction in the use of third-party cookies. However, while the system is widely supported, there is some evidence that it is seen as an impediment to business. For example, the fact that data cannot be shared around every country without consequences makes those with little faith over the effectiveness of the system question whether they need it. Countries without similar systems in place find it difficult to create such a system based on the intensity of the processes that go into making such changes to their privacy laws.