Yeah, it all still is more experimental than I’d hope. The whole reason I’m using Silverblue is low maintenance and less risk.
The plus side is that it didn’t render my system unusable - I could boot into the old version. But hopefully lessons will have been learned, and this will happen less often in the future.
GDPR applies to people based in the EU, or located inside the EU, so tourists would be protected as well. I am also absolutely not surprised that a bartender would not know about GDPR, since it doesn’t really apply to their job. (They might also know it by its Dutch acronym, AVG.)