How GDPR regulators will identify noncompliers and levy fines