A newsletter from ACFCS on 21st September relayed an article from Email Insider saying that far from helping, GDPR and other privacy laws could actually hamper investigation of cyber crimes. For one thing, regulatory measures such as GDPR and the EU NIS Directive are limiting law enforcement’s ability to access data. In addition, the redacting of all personal data from WHOIS records is “significantly hampering the ability of investigators across the world to identify and investigate online crime,” a Europol report states. As if all that wasn’t bad enough, it says, here is the most bizarre thing: that steep GDPR fines for data breaches could lead to “scenarios where hackers may try to extort companies over their data loss,” the report states. “While this is not new, it may be that the hacked companies would rather pay a smaller ransom to a hacker for non- disclosure than the steep fine that might be imposed by their competent authority”.