My (EU) clients fall into two camps. Those who haven't had to do a single thing to be GDPR compliant because they were already following the various data protection and privacy laws, and the ones panicking.
The latter group say things like "this is ridiculous, they're making us change so much" but never have an answer to the fact that they're already violating PECR or the Data Protection Act.