This. Cannot be understated that many so-called GDPR vendors are the ones that made it possible for companies to accumulate “data lakes,” a serene-sounding term for collecting and holding onto far more data than you can process. Now they are helping their customers snorkel/dive the lakes to uncover personal data. Those of us who have seen this through the eyes of the data subjects need to make a splash. Sorry, taking this water thing way too far. Seriously though, consider the contrast in how a formerly data-hording vendor approaches GDPR compliance with those who search and sort for personal data on behalf of the subject. Doc, please please keep writing on this topic. Count me in as a voice who will reinforce the message.