What stats are you working off of for those 3 decade estimates? Either way the point remains, the sentiment of “we should’ve done X decades ago” doesn’t mean we should now be able to do it instantly, it just means we had the information and knowhow to start working towards it decades ago and we didn’t do it.
Even if the UK is not in the EU the GDPR still applies there, just the version it got while it was in the EU tho, no revisions