The GDPR contains numerous information obligations [Tile O.13], which cause a great deal of bureaucratic effort. In many cases, the data subject is overwhelmed by the large amount of information. The flood of information should be reduced on the basis of existing opening clauses of the GDPR. In the case of low-risk data processing (e.g. image capture with subsequent anonymisation), the information requirements could also be reduced. A waiver of information by the data subject could also be provided for.

The GDPR, but also other data-related EU legal acts, contain extensive documentation, verification, notification, registration and accountability obligations [Tile O.15], which often have no significant benefit, but whose fulfillment creates an enormous data protection bureaucracy. The obligation to take technical and organisational measures and document them in order to comply with every GDPR obligation should be reduced.