The new EU data privacy laws, GDPR, could give brands a chance to strengthen their relationships with customers, says Mike Teasdale, as long as new-world companies realise they need to offer their customers rewards for the privilege of handling their data.

The brand new EU data privacy laws (General Data Protection Regulation) go live this month and we all need to be compliant – very compliant – or we’ll get a knock on the door from heavies armed not only with warnings, reprimands and bans, but also with scary-sized fines.

On top of fines, there will be the inevitable compensation claims for damages suffered, plus the reputational risk from having been censured. And judging by the outrage generated during the recent Facebook/Cambridge Analytica scandal, the loss of consumer trust could be huge for a brand found wanting.

What happened at Facebook/Cambridge Analytica was exactly the sort of dodgy data-handling that GDPR is designed to stop. When 305,000 Facebook users took a quiz, they did not sign up for having their friend networks harvested to enable pro-Trump material to be sent to 87 million other Facebook users during the 2016 US presidential election.

The point is not that data was scraped. Facebook is not a community; it’s an app, and data scraping to influence the way we vote is no different from data scraping to influence the things we buy. No, the point is that Facebook data was sold to a third party without the owners’ consent.

The titan of new media has apologised, resorting to old media to do so with an open letter in newspapers. Its sloppy syntax makes me think it was written by a Millennial lawyer who was probably instant messaging and taking selfies at the same time as composing the apology. People will get over this (the scandal, not the syntax), but the arrival of GDPR marks a rebalancing. We’re moving into a new world of proactive permission, so companies won’t be allowed to make any assumptions when it comes to what data they can and can’t scrape, and how they use it.

For the consumer, GDPR ushers in an era when we can monetise ourselves by selling our data. I can imagine a whole new sub-industry springing up with GDPR claims firms to help consumers gain compensation for illegally obtained data (maybe that’s where all the old PPI sales guys will end up when that deadline finally passes). It should also mean the end of cold calling, the end of badly targeted programmatic ads, and the prospect of better deals for those who opt in. However, we’ll still get those emails about cheap Viagra. And the ones promising to transfer money into our bank account once we’ve paid an admin fee. Some things never change.

GDPR will prove to be a good thing, not just for consumers but also for those of us in the world of commercial creativity. Much of the coverage about GDPR has focused on the stick rather than the carrot. Yes, the sanctions open to the authorities are powerful, but I am an adman, so I naturally think of the upside.

GDPR offers an opportunity to strengthen relationships with our customer base. It’s estimated that up to three quarters of currently-held marketing data will be rendered obsolete by GDPR. That sounds catastrophic, but remember that about 90% of all digital data was created in the past two years, so the chance to wipe the slate clean and re-engage with our customer base in a way that offers them real value in exchange for their personal data is an exciting prospect.

Today’s high-volume, low-quality data sets aren’t built around a meaningful notion of value exchange, so if GDPR forces new-world companies to realise they need to offer their customers rewards for the privilege of handling their data, then that’s a good thing.

Frankly, it’s ridiculous that it should take a law to make new-world companies do what the old world understands instinctively: that you need to respect the consumer rather than treat them like a resource to be mined. Good brand TV ads employ a powerful value exchange. They entertain us, and in return we like them and remember the brand when making a purchase from the category they are in.

Ultimately, GDPR should make people more, not less, willing to share information. If you know what an organisation is doing with your information, and you know you can change that at any point, you’re likely to trust them and thus share more information. And that deepens the relationship.

GDPR means the balance between scale and creative will be tipped more towards creative. Big data sets being replaced by permission data sets increases the need for creativity to create content that people proactively vote to receive. That’s got to be good news, for everyone. Old-world values in a new-world context. Now that’s progress.