Seven years after GDPR came into force, European regulators have issued over 2,245 fines totalling nearly 5.65 billion euros — and enforcement shows no sign of slowing down. Yet most compliance conversations focus on legal and governance failures, while the deeper technical root causes go unaddressed.
This article examines three recurring database-layer failures documented in the EDPB’s 2026 enforcement findings: the complexity of executing erasure across relational schemas, the backup paradox that can silently undo compliant deletions, and the audit log contradiction that traps organizations between two competing obligations.
We then look at how SQL Server, PostgreSQL, Oracle,