
The problem is we don't all agree about what "outrageous prices" are, and courts are unlikely to conclude that anything that matches standard industry practices is "outrageous".

The cost of complying with the GDPR nightmare letter, for the average large company that's not designed around the ability to comply with it, is likely to involve multiple engineers for several months digging out the data - if not a large internal redesign to make it even possible to dig out the data. It is not outrageous that the cost of doing that work is objectively going to be hundreds of thousands of dollars. And end users aren't going to pay for that.

So the question is whether we think that it's worth it to society to cause companies to figure it out anyway, or not. If we don't, we don't need a law at all; we just let companies carry on as they are now. If we do, then we should give incentives to design your company right from the start, to minimize data collected, etc.



The nightmare letter is specifically designed as an instrument of malice to maximize processing costs. If it does what it was intended to do and that generates a large processing fee, the system is working as intended.

If the cost of preparing for compliance is reasonable then amortizing it over each request should not produce unreasonable costs per user. If the costs are unreasonable to begin with then that is the root of the problem which is what needs to be corrected independent of who pays.



