I would argue that it's the same problem and the reason GDPR is privacy theater.
It's a lot of regulations that can be worked around and the fines are hard to and rarely enforced. There are a bunch of poster children of GDPR fines that make it seem like it's doing a lot but the principal abusers (i.e. Google) just walk away with a light slap.
It needs the ability to be enforced, and I think this much should be obvious to lawmakers -- a law that can't be enforced well is useless.
That's why I'm calling it privacy theater. It's the EU saying "look what we did!" but in practice it doesn't really do much without enforcement that still does not exist both at a national and global scale.
If the law literally doesn't work because of reasons, then that's just systemic corruption.