Ever since May the 25th, you might have noticed that every site has updated their terms of service and are basically spamming you with messages about storing cookies on your device/s. This happened after the General Data Protection Regulation was passed in the European Union. This regulation is supposed to protect EU citizen personal data, especially given all the social networks and data breaches in this online world.

Here are some key elements of the GDPR.

Territorial Protection

This is probably the biggest change that the GDPR brought to the online world, and most likely the reason for all those messages regarding cookie transparency. This change applies to all companies, whether they are based in the EU or not, which process the information and data of EU citizens. This means that any company which provides services to EU citizens will be subject to the regulation, no matter whether the service is financial. Companies offering goods are also included, as well as any company which processes data, such as the plethora of social networks and forums.


This is the second reason for updated cookie messages. Penalties have been increased for companies who breach the regulation. Penalties can go as high as 20 million euros or 4% of the total global turnover for the said company, whichever one is higher. This probably left a lot of people panicking as they rushed to update their terms of service and transparency about data processing and handling.

Take note that there are tiers to penalties. The above-mentioned are the most severe penalties, while a company can also be penalized with 2% for having their data records sorted badly, or failing to notify the authorities and subject whose data was compromised by a breach.

Customer Consent

This is also an important thing to take from the 99 article long GDPR. Companies must use intelligible and easily acceptable forms for consent, as well as state the purpose of that data processing and handling. They must also make consent very clear, using simple and plain language. Hiding behind legalese is no longer possible. It is important that consent can easily be withdrawn, as easily as it can be given.

All of these things are just parts of a very long regulation which serves the purpose to protect EU citizens and their data. If you ever wondered why the cookie messages keep appearing when you visit a site, this is the answer.