The "one size fits all" approach of the GDPR [Tile C.02] proves to be inadequate in many cases: basically, the same rules apply to Google, the tax office, credit agencies, the bakery around the corner, the sports club and the blogger.

However, precisely fitting regulations require a sector-specific approach. The EU is also moving in this direction with the establishment of data spaces (industrial data space, mobility data space, health data space, etc.) [Tile PC.26].

At the national level, the opening clauses of the GDPR must be used to relieve certain sectors (e.g. crafts) or certain controllers (e.g. SMEs, associations) and to regulate certain data processors (e.g. credit agencies) more specifically.