Well done the Europeans in this regard!
Australian policy makers are so far behind they make our country a hacker's dream. Requirements such as........ 'must take reasonable steps, under the circumstances, to minimise misuse or unauthorised access of a person's data' is absurd. I know as I've rung the Privacy Commissioner's office and challenged them as to the effectiveness of such laws. They actually believe its a pretty robust standard as they have the power to investigate breaches and even enforce safer data collection practices. How bizarre. Meanwhile the horse has bolted which means your identity is now earning a criminal organisation money on the dark web. What's more, your I.D data will be traded for ever. Try getting a new face! And remember, the crooks may like your money but they love your identity even more.
That said, I'm not sure the new European laws will have the impact you feel they will Sunfish. My thoughts are the data needs to be stored in Europe for the penalties and consequences to apply. CASA et al are probably fine?
I suggest if anyone feels data protection in Australia is abysmal, don't so much bother your politician (they really mostly seem to lack the necessary i.q on this stuff), challenge the organisation collecting your data. How will you prevent my data being stolen? Are you insured for cyber theft & does the policy cover class actions? Do you offer me the right to be forgotten?
You get the drift. I would say, don't necessarily expect a result or even an understanding.......... but start the challenge process. In time a change will come! Mean time..... protect your own data as far as you can.