Data is the “raw material of the 21st century”, according to Germany’s Chancellor Angela Merkel. Speaking at the World Economic Forum in Davos in January, she said that the answer to the question of who owns this data will ultimately decide whether “democracy, participation, sovereignty in the digital age, and economic success can go together”.

Merkle added: “I believe that our European social market economy gives us a chance to foster a fair digital age in which the privatisation of all personal data is not simply accepted as the normal state of affairs, but it is accepted that, in order to make the best of this era for the public, data is the raw material of the 21st century”.

The issue of data ownership is key to GDPR; after nearly two decades in which companies have been financially incentivised to trawl the web for user data, now consumers have the right to opt-in rather than carry the burden of opting-out.

Wired magazine says it presents a real chance to renegotiate the terms of engagement between people, their data, and companies. For the latter, particularly in the marketing and ad-tech sectors, the implications are significant.

The companies that will fair best and profit most out of the GDPR are those who see it and use it as a customer advantage rather than a hindrance – Stephen Grant, Wright, Johnston & Mackenzie LLP

“In terms of the marketing sector, any business which relies heavily on e-mail newsletters to generate business is likely to be most affected by GDPR consent,” said Stephen Grant, solicitor and GDPR expert at Wright, Johnston & Mackenzie LLP. “The business which stands out to me is the Groupon- type which emails consumers on a daily basis, if not multiple times a day.

“Over the past few weeks, consumers have been asked to re-opt-in; my assumption is that many will see this as a way of stopping the daily onslaught of semi-spam. This will hit the effectiveness of e-mail newsletters drastically; many of these businesses rely on sheer quantity of subscribers to generate any return.

“I think the email newsletter will become a thing of the past as companies think of new ways to advertise their products and services.”

Grant anticipates that legislation will not stand still either: “The last enactment of data protection legislation in the UK was the Data Protection Act 1998 – 20 years ago. I envisage it will be a moving feast, with various updated guidance notes from the ICO and the Article 29 Working Party over the next couple of years, as businesses try to squeeze their business models into the GDPR mould.

The businesses which adapt may survive – those who don’t will be forever waiting and worrying about the knock on their door from the ICO.

“The companies that will fair best and profit most out of the GDPR are those who see it and use it as a customer advantage rather than a hindrance. These companies will use it to connect and engage with customers to build trust.”