The General Data Protection Regulation (GDPR) is a law concerning data protection and privacy for all individuals within the European Union. It states that “[t]he protection of natural persons in relation to the processing of personal data is a fundamental right” and sets out to unify regulations across EU members.
While the stated intentions are to protect individual rights and provide simplified laws for conducting business, there is concern of unintended consequences regarding marketing accountability. In particular the required consent and legal basis disclosure could make it more difficult for companies to collect and process data needed for measuring the returns from digital marketing investments. 
GDPR was adopted in April 2016 and became enforceable within the EU in May 2018.