@rosjackson yes, those five. Regarding costs. the EU has been having 27 *different* national privacy regulations. Starting May 25, there will be only one. IF an organisation is already compliant to any of the main ones (that is, except for the Eastern European countries that are too EU-young to have a proper one) THEN costs will be minimal and incentives to expand across EU will be large.
It's a big IF, but surely not the Union's fault

@rosjackson I see another plus in the GDPR: since treating personal data bears a cost, maybe somebody will start thinking whether they *actually* need as many personal data for their business (answer: they don't)