On what data do you base your judgement that GDPR means the EU "hands out fines like candy"?

If anything they're not handing out enough fines. Companies just pay them and keep doing shady business because it's financially more sound to keep abusing the system. Paying the fine is cheaper than correcting their business practices.

On the bright side many decisions the EU takes also benefit the rest of the world by virtue of being a big enough market.

Of course you can expect any government to be a little easier on local businesses but as far as correctness goes the EU has always done a pretty good job.

Amazing how your single data point lead you to that conclusion..

A years-long investigation into a mega-corp is "trigger-happy" and cause for worry?

The amount of the fine is. Seems petty at best, vindictive at worst

The amount of the fine is literally proportional to the revenue that was made using the practices in question. The more money you make by breaking the rules, the bigger the fine. Which part is petty or vindictive?

I'm sorry in what planet do you get to not be heavily punished after openly ignoring the law for two years?