Apple's malicious GDPR compliance

It's interesting how Apple manages to even solve the "problem" of users being able to request a copy of their own data maliciously.

How? Well, after they managed to compile your data you have the honor to manually download each one of their services' data by clicking on a small download button. This would normally be fine-ish, but what breaks it for me is that this does not start the download directly upon clicking it, but rather needs 2-5 seconds to start it whilst disabling all the other download buttons during that wait. Afaik there is no real reason to not start downloads directly or do things like authentication in the background. The missing "download all" button is also a shame imo, because it would have been quite easy to implement. At least on the user's side.

This feels pretty malicious compliance-y (or at least like they're just not caring about it) to me, ngl. If you want a nice example of this being implemented correctly, take a look at Google Takeout.