The GDPR is breaking advertising apart.
Never mind the specifics of the regulation. Just look at the effects. Among those, two are obvious and everywhere: 1) opt-back-in emails and 2) "consent walls" in front of websites. Both of those misdirect attention away from how an entire branch of advertising ignored a simple moral principle that has long applied in the offline world: tracking people without their knowledge, approval or a court order is just flat-out wrong.
That branch of advertising is adtech. As I put it here a year ago:
Let's be clear about all the differences between adtech and real advertising. It's adtech that spies on people and violates their privacy. It's adtech that's full of fraud and a vector for malware. It's adtech that incentivizes publications to prioritize “content generation” over journalism. It's adtech that gives fake news a business model, because fake news is easier to produce than the real kind, and adtech will pay anybody a bounty for hauling in eyeballs.
Real advertising doesn't do any of those things, because it's not personal. It is aimed at populations selected by the media they choose to watch, listen to or read. To reach those people with real ads, you buy space or time on those media. You sponsor those media because those media also have brand value.
The GDPR won't make adtech go away, but it will separate the advertising wheat from the adtech chaff.
The question then is whether advertisers and publishers can recover their lost taste for wheat. Lots of brands still like to advertise on the broadcast and print media that operate in the physical world. In fact, advertising there is still how most brands are made and sustained. In the online world, however, advertisers' appetite for data far outweighs their interest in branding there—with the exception of podcasting. Advertising on podcasts is growing rapidly. While there is data to be gained there, the main reason brands advertise on podcasts are old-fashioned sponsorship ones: brands supporting brands.