Making fine a percentage of profit would be even worse: Amazon, for example has no taxable profit at all, so the GDPR fine for them would be $0 (or $20M, which does not make much difference). And having different fines for different industries, based on gross profit margings could be viewed as discriminatory, and therefore ruled illegal.

Though I think the GDPR is bad law in some ways (chiefly in terms of the chilling effect on small operators), I think that allowing the cap on the fine to be revenue based (and specifically global revenue based) is nearly essential.

Otherwise, you get into accounting chicanery (or outright loss-making companies being able to operate with impunity while they grow).

There's nothing stopping the enforcement action to take into account the underlying profitability if something like a grocery store were to run afoul of GDPR.