You should have different approaches when you migrate low- and high-value and low- and high-risk information. Much depends upon the cost of your migration tool, how organized the content is and who “owns” the content.
No one knows what will happen as GDPR comes into force. But plenty of people are offering a plethora of predictions, from what kind of company will be affected to the future of similar regulations in the U.S. to the connection between GDPR and cyber attacks. Whatever is true—or not—the best preparation is good information governance.
Are all those new terms of service really just businesses and other organizations self-regulating when it comes to privacy standards and customer control over data? Does that mean the U.S. Congress will forgo nationwide GDPR-style privacy regulations?