Like all hot air...
'Stronger rights for individuals. People should be clearly told what information is stored on them and why, and by whom.'
Useful stuff. If you are going to attack the data, put the effort into attacking where there is the most benefit, so knowing what data is held is a useful start.
'They should also have the "right to be forgotten" - to get their data deleted.'
And the right to validate that it was deleted, including the backups. This is an issue with cloud services today, they only solution is strong contractural clauses that allow you to recover all costs from the service provider in the event of a retrospective breach. What are the odds of that being available to individuals?
Whilst it is a step in the right direction, I am approaching the age where I will be chasing retirement, always a few years short of the revised retirement age, even so I doubt the EU will get this implemented in my working lifetime.