Sebastian, first of all, thank you for your detailed write up on this issue. I think much of your roadmap is worthwhile, and of great interest.
I cannot, however, say that I am convinced by your contentions regarding the effect of GDPR and indieweb sites. In particular, I think your definitions are excessively broad, and you elide much information from both the Regulation itself and the Recitals.
I think I fall somewhere in the middle of the two and see some of the moral and ethical pieces which are more important from a people perspective. I’m not as concerned about the law portion of it for a large variety of reasons. It’s most interesting to me to see the divide between how those in the EU and particularly Germany view the issue and those in the United States which may be looking at regulations in the coming years, particularly after the recent Facebook debacle.
As I think of these, I’m reminded about some of the cultural differences between Europe and the United States which Jeff Jarvis has expounded upon over the past several years. Europeans are generally more leery of corporations and trust government a bit more while in America it’s the opposite.