Which simply can't happen. There's a reason websites aren't manually indexed. And that same reason means you can never fully enforce these laws. What you can do, though, is score political points for selectively applying them to large unpopular players. It's always going to be a mess everywhere else, though.
Other actors realize that noncompliance is more expensive (when multiplied by the risk of being caught) than compliance. Done.
No need to process thousands of violations. All that's needed is a few dozen with lots of publicity.
The GDPR opened the floodgates, but the wheels are in motion, and I know of multiple SMBs who got warnings to cut out their practices.
 The part-time manager of a three story building posted a "list of debtors" on the lobby (which contained false information, though that wasn't relevant for the commission, which focuses on the privacy aspect)