GDPR is the General Data Protection Regulation and is a regulation of the European Parliament, the Council of the European Union and the European Commission, which regulates the data protection for all individuals within the European Union (EU). Approved in April 2016, the enforcement date will be on 25 May 2018.
The GDPR will affect the advertising as expands the definition of personal information, which will include IP addresses, cookie ids, and device ids.
The users will be able to access, correct, erase, restrict the processing, and have the ability to do data portability.
There is sensitive information regarding race, religion, and children. The data needs to be transparent.
Advertising companies, especially the ad tech companies need to have in place technical safeguards, breach protocols, and an employee that has the responsibility of the data - processors, and controllers -, a DPO - Data Protection Officer.
And if companies opt to not follow the new EU regulation about data, they can be fined with huge fines (4% of global turnover or 20M Euros).