The Python Software Foundation on European cybersecurity

One should note that law is to be interpreted by a judge, and a good law should not be written precisely to the smallest detail, but should give enough guidance that everyone knows what to expect, including judges, while also making it obvious and punishable when someone tries to exploit a loophole.

For example, the GDPR does not precisely define what is considered consent. If the GDPR had said that clicking on "I agree" constituted consent, website operators would require you to click on "I agree" before viewing the site. Since the introduction of the GDPR, it was ruled that a shortcut "I agree" button does not constitute consent unless there is an equally prominent shortcut "I disagree" button.