GDPR: Why you just got bombarded with privacy policy updates
GDPR: Why you just got bombarded with privacy policy updates

– So you may have noticed a ton of privacy policy emails
lately from companies like Facebook, Twitter, Venmo, Spotify, this dating app I used to use, or MOO, which, to be honest, I have no idea what MOO even is but I know
they updated their policy. So the emails don’t always say it, but those new polices are the result of something called the General
Data Protection Regulation, or GDPR, which goes into effect May 25th. It’s a new rule in the
European Union that’s rewriting how data sharing
works on the internet and almost no one is ready for it. Most people don’t even know what it is, even a lot of the Verge staff. – What is GDPR? – Data Privacy– – [Crew] Nope. – Really? Personal? – I’ve heard of the term GDPR. – Global. – I work here but I really don’t know. – I didn’t look into it. – So it’s totally okay
to not fully understand the GDPR because it’s really complicated, but basically it sets new rules for how companies can treat user data with a particular eye
towards tech companies. And even if you don’t live in Europe, companies are rewriting
their policies for everyone, which is why you’re
seeing all those emails. The big difference is that
the GDPR’s idea of consent is a lot more intense
than previous regulations so companies have to ask
for permission more often. In concrete terms, that means a lot more “Click to Proceed” boxes, although the transparency
requirements also mean the text inside should
get a lot more explicit. Probably the most important change is how companies share
data behind the scenes. Right now, visiting a single website might feed data to dozens
of different companies for analytics, log-ins,
and, above all, advertising. But the GDPR means any company that gets that data second-hand will have to explain why they need it and what
they’re doing with it. So no more sharing data willy nilly. Another cool thing is that EU residents now have the right to request
their data from companies and ask for certain
information to be deleted or corrected if it’s inaccurate. Once you put in the request companies will have 30 days to respond or face penalties. For a big company like Google or Facebook, the scariest part is the fines. If they’re found to
have violated the GDPR, regulators can fine companies up to four percent of their global revenue. So if that company is
Amazon, for instance, that would mean a fine of
up to seven billion dollars. And remember, no one knows
exactly what compliance means so there’s no sure-fire
way to avoid the fine. Although it’s bound to have a messy start, the assumption is that
regulators will treat the May 25th deadline as
a kind of soft opening, giving more guidance and
adjusting as time goes on. Still, the GDPR really
does mark a sea change in how data is handled across the world. Bit by bit, the internet’s
getting less creepy, and while the US is maybe
rolling back internet rules and grappling with privacy
concerns around Facebook, the GDPR is a reminder that the government really can protect your
data when it wants to. – Something to do with your data privacy and we’re getting a lot of emails about it from everyone you’ve
ever given your email to. – Yeah, I have no idea
what that stands for. – Is that right? – [Crew] I don’t know.

100 thoughts on “GDPR: Why you just got bombarded with privacy policy updates”

  1. The Verge says:

    Do you think GDPR should be a global policy?

  2. Maxi says:

    The EU is great

  3. Haider Rizvi says:

    Google updated their privacy policy, and so did FORTNITE! Well, actually epic games but mainly for fortnite

  4. Marc says:

    You gotta love the EU.

  5. Ken S says:

    So it’s the European government protecting European citizens not anyone else in the world?

    We in the US is only getting the email is so those companies can do business overseas right?

  6. Said Filfil says:

    i live in the EU and i approve of this.

  7. Don Lew says:

    Meanwhile, Yahoo is sending out Oath® emails which sounds like the exact opposite of GDPR….

  8. CorneredTarget says:

    That sounds great!

  9. Almighty42 says:

    I saw so many people talking about this yet im not bombarded with it.Maybe because our great leader Aleksandar Vucic still did not made the country join the EU…..maybe in 20 years…maybe.

  10. dale caldwell says:

    Oma Angela is watching, and she knows her doublespeak double plus plus good.

  11. Lyndon says:

    I like to see your hands move. Also nice video!

  12. NorwayDuck says:

    I hate this. Now I have to be 16 or older to use Twitter. .-.

    (they are locking and removing accounts left and right. just take a look at r/Twitter)

  13. Juzer Dana says:

    I am still confused…

  14. peepsbates says:

    I'm all for consumer advocacy and more consumer rights. At the same time, I don't like the /forced/ compliance with the new regulations. Some Free To Play games have had to shut down as a result of not being able to cover the costs (Probably in regards to implementation of new features in their database, site, UI, all that.).

    Sounds to me like compliance shouldn't be forced but a lack of compliance should be forced to be noted, maybe some warning on the website/application that you have to accept the TOS of to use their service. Anything else just looks like businesses get stepped on by the government, something which already happens on a day to day basis as-is. I'm not saying to let anyone off with it but I'm saying that the consumer should be allowed to take the risk if that's the case, otherwise, smudge the reputation of the business somewhat by not being GDPR-compliant but don't fine or force operations to cease as a result.

  15. Zappy Redstone says:

    For printing business cards

  16. uindy4 says:

    Us Congress will never have gdpr for the Americans because of the lobbyists and the president

  17. bigbad bear says:

    Verge, your contents just reached new levels.Thanks for the info 😊

  18. Jonathan F says:

    It doesn't protect you if you're outside the EU. But you can be a non-EU citizen and still receive protections if you're in an EU country. It's just that some companies are using a blanket policy.

  19. Niklas Haiden says:

    Hopefully Verge also updated their privacy policy.

  20. Robert Oortwijn says:

    In the video the presenter mentions that EU citizens have the right to request a change to certain types of data. I tried looking this up, but can't find it in the GDPR text.

    Short story. My Playstation account has its date of birth set to 1990. But I'm from 1994 and would like to have this changed.
    Playstation doesn't offer the ability to change this through.

    But with the GDPR, wouldn't I, as EU citizen (from Netherlands) have a right to request for my date of birth to be corrected?

    Hope someone can assist me on this!

  21. Mehdi Ko says:

    The BEST GDPR software plugin available :

  22. Ari Hollaender says:

    Good video, although you could explain not so fast

  23. Srab23 says:

    Alright, cool

  24. Brando Luis says:

    hell yeah, proud to live in Europe

  25. Sean Reeves says:

    Is no one going to ask why there's an oscilloscope on the table in the background?

  26. Ailín Ó'S says:


  27. Kostas1601 says:

    Why does GDPR apply in the US legally? How can the EU enforce rules for US companies?

  28. Artivisual says:

    Can't we just add some… B L O C K C H A I N to fix the issue?

  29. fj14 says:

    opens refrigerator


  30. واردات تخصصی لپ تاپ says:

    Thanks. We need something like this.

  31. Helabi Esabis says:

    sick world

  32. Aristo Nicholas says:

    opening Coca Cola can

    We have updated our Privacy Policies

  33. Johan Last says:

    All your base are belong to us, resistance is futile….lol. This is nice but does it cover government agencies too? in which I mean collected data by means of spying on communication. A US based government entity may collect PII of EU resident while in the states using services/technologies offered there, but what happens to that information once the EU citizen leaves the states?

  34. Sarthak Pratik says:

    Let's move to Europe

  35. Gusta González says:

    Excellent video The Verge

  36. Surreal Engineering says:

    I was never scammed by a big company, but i know that they will never make a mistake with the GDPR. Starting a small business is now almost impossible without breaking the law, even if you are just cutting hair for a living and i dont want to be a criminal. it sucks and I whish we could somehow escape this bs.

    Think i am liying ?

    Here is a video showing you how an iteraction with a customer would look like without violating the law:

  37. tony b says:

    You don't know how lucky you are, back in the GDPR

  38. sevenSixDB says:

    So after GDPR I could download all the data google has collected about me.

    I browsed between the data and I found a 200MiB file containing every geolocation data about me dating back from 2012.
    A entire folder containing vocal recording of me using google now.
    Every activity with my phone, opened app downloaded file, website I've been to, every search I've done from 2006.

    It was very unnerving.

  39. Dawiiz says:

    Correction "The higher level of fine, up to €20 million OR 4% of the company’s global annual turnover of the previous financial year, whichever is higher."

  40. Akshay Aradhya says:

    4% is just ridiculous. If it violates GDPR 25 times that means a company is bankrupt.

    For a big company like google with like 100+ apps crossing 25 should not be hard at all

  41. MrLunithy says:

    Is this why google have started add booming me on YouTube?

  42. Patrick Angelo Amable says:

    7 BILLION DOLLARS FOR A FINE!? Wow! Go Europe!

  43. Thobiex says:

    Americans explain GDPR

  44. O. C. P. says:

    Too little too late… blockchain will set you free.

  45. Martin Zanichelli says:

    Keep spamming in your own country, not any more in the European Union. You wanted to keep on the spam, right? Not in our country. We are the European Union and we have REAL respect for our rights and our privacy.

    This law should have come from the US and the rest of the Western Civilization follow it.

    It has to come from us in the EU because USA is completely ABSENT from its role as the leading global democracy.

  46. Rahul S says:

    You must be really popular at your workplace with that video. Way to go.

  47. The Guy That Did The MATH says:

    You know it's serious when Brazzers sends you a policy change update.

  48. Olsoney says:

    Generally you are right but you missed a few things and got the fines wrong.

    You missed the the concept of "privacy by design" aspect, which I is one of the key components of this legislation

    and here are the actual fines… I guess media companies just push out news without fact checking (looking at you verge, cnet etc…)

    Up to €10 million, or 2% of the worldwide annual revenue of the prior financial year, whichever is higher, shall be issued for infringements of:
    Up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher, shall be issued for infringements of:


  49. an237251 says:

    Gdpr is stupid! Anyone who wants privacy should stop using social media and with that stop being on the internet all together.

  50. Wak says:

    unless im getting paid for it i don't want companies using my data thats why you learn to protect yourself

  51. Theo Hallenius says:

    4% in penalties? That's some harsh punishment even for soul eating corporations.

  52. kyokushinfighter78 says:

    I cannot believe that someone actually really do this. I am a tech startup founder and also an internet user. I support GDPR and thankful for the Europeans to start the initiative. This what the world needs. US Vulture Capitalists won't be so happy though, they will still find a way to steal our data, but this is the first step. Way to go EU!

  53. Dhany says:

    we've updated our privacy policy

  54. Phoonyy dude W. says:

    thanks for the short explaination, everyone else doing 10+ mins videos kill me now

  55. Banks says:

    This policy seems to have also affected spam emails and nuisance calls. I haven't received a single call or email from any company since May 25th. Peace at last.

  56. M 6 says:

    Just watch his hands, that's the real show

  57. Jumo says:

    As a citizen of the European Union I think the GDPR is not as good as many of you think. Maybe these regulations would be great for America because you're not having any net neutrality anymore, but most european countries have had strong regulations before GDPR took place. With GDPR these regulations were generalized and that cause problems for photographers and a lot of people who making money with other people. Because every citizen in the European Union now have the right to let delete his data or photos and have a right to know how their data is used, you have to inform every customer who only calls your business before they are even saying their name or you write it down. That law is not bad but it's not very well made.

  58. Santarpan Roy says:


  59. Steed Films says:

    MOO makes business cards

  60. Ashton Snapp says:

    The one good thing about Europe.

  61. Jubach says:

    MOO makes business cards.

  62. Yo Yo says:

    Ur a legend for this video

  63. David Sutherland says:

    So many clueless people chiming in. Mostly liberals who will never run a business and have no understanding of the benefits of targeted advertising.

    But what a great reminder of how big government will screw everything up. Brussels has figured out how to destroy American capitalism efficiency. Soon the American consumer will start to understand how terrible this is, how basically foreign bureaucrats have managed to squelch American free speech.

    Want to remember anything about someone, and record their "private" information? Yeah, you don't get to do that.

  64. Digital_U4ia says:

    0:40 "This time baby, our policy is; Bullet-Proof."

  65. Christian Lamey says:

    Meanwhile in the US, Net Neutrality is almost dead while Europe just threw the big middle finger to tech companies, many of which net neutrality is hindering from complete takeover in its last remaining days. Our ISP’s must be having a great time.

  66. online bussiness says:

    Get the solutions of GDPR for your company

  67. Luci3nTv says:

    Thanks Zucc

  68. XxAngelReaperxX says:

    We must revive the Holy Roman Empire in the EU!

  69. baconsandham93 says:

    wE've UpDaTed oUr PrIVaCy pOlICy

  70. Kevin Oliveira says:

    No, the government cannot protect your data. be aware.

  71. Kratos Aurion Plays says:

    That's interesting.

    Also I updated my privacy policy.

  72. Mick Knight says:

    does it also include governments

  73. Prasad Patil says:

    does his haircut looks like iPhone x notch?

  74. - DarkBeaT - says:

    And thus a new meme format was born: "wE UpdATed OoF pRIvAcY
    P O L I C Y"

  75. Do Ma says:

    The font used in the thumbnail reminds me of the Overwatch Developer Update videos. "Hey guys, it's The Verge from the Overwatch team."

  76. Emotionally Challenged Subordinate says:

    Why should we in the US be subject to EU rules?

  77. The celestial Moon goose says:

    Is this bad?

  78. Scripterrific says:

    It sounds all good on the surface, but it's vague AF.

  79. D Conner says:

    But oh, the possibilities for abuse.

  80. Guap says:

    Ez profit

  81. Gigel Chiazna says:

    goverments can protect your personal data? ha, ha, ha; yep, for sure!

  82. Andreas Ioannou says:

    GDPR should be global and should not be taken as granted. We should consider it as the starting point of shielding a very important subject, as we've all seen the last couple of months, data protection. GDPR hopefully with new regulations to follow and from other countries on the matter will help increase confidence in data exchange and communication (the internet).

    Going through the regulation myself, I've put together a simple checklist of the GDPR making it as simple as possible at

  83. Cristi says:

    And how the hell are they going to check that whatever they say the data is for or whatever they do with it is legit? That's the loop, they can say one thing and privately do another. And that's good because you dont want the government to be spying on you.

  84. Cristi says:

    What's the downside of this, there is no way a totalitarian thing like EU would do anything great for the people, they want to controll everyone more and more.

  85. OPJuiceBox says:

    Wtf I didn’t get any privacy policy updates 🤔

  86. ArMy_ BaNgTaN_ says:

    Screw europe! I'm moving to the north pole!

  87. Oliver Truswell says:

    Actually it's 4% OR 20m euros whichever is higher. So Amazon or Google won't lose as much as you think.

  88. Neulandlotse says:

    It's great to talk about the global player but millions of small companies are already affected in a way that they can work no more. So many are already closing their websites, logs and even Facebook fanpages. Cause the effort takes more time an power they can branch off.

    Asking for permission more often, sounds so smart. But in real ist could mean to give a privacy policy anytime before making photo or video, before save the name and number of a customer on phone or even before presenting a business card. GDPR is a monster for small companies. Just cause it dosen't make any difference in the size of the company. So a onemanshow has the same effort as the biggest player like Google or Facebook.

    Espacially in Germany companies could be warned by lawyers with a paying note. If a competitor says you will not fulfill all GDPR rules he can send a lawyer you have to pay or receive a indictment.

    And the next thing is looking around the corner. For posting and sharing editorial content, anybody has to pay. A bit like Youtube any portal has to lookup into a author database if any content is effected. But other than youtube it will not mean you could not monetize this content. It means you have to pay for or you are not able to upload. If someone would start upload something like Wikipedia now, he/she has to pay for most of the articles!

    Many free news papers in Europe already speak about the end of free information online.

  89. Raffini says:

    The EU should promote accomplishments like this more in response to all the anti-EU morons. I get that the EU is a bureaucratic nightmare sometimes and the democratic process is so complicated that it's easy to dismiss it as undemocratic, but fighting back against mega corps like Google is only possible through unified European regulation.

  90. SonoFelice says:

    In my opinion,

    We've updated our privacy policy
    We've updated our privacy policy
    We've updated our privacy policy

    We've updated our privacy policy

  91. Thomas White says:

    Who gets the fine money is the question? Local to where the data violation occur? Are other countries are trying to rake over US companies through fine money? It looks as if "Free" has a whole new meaning in the 21st century… Unplugging certain countries from "Free Services" may have some advantages to a lot of social media outlets.

  92. Butiti says:


    Protecting data


  93. Iack says:

    why would americans care about anything outside of USA?
    and why is he saying that "goverment can really care about you when it really wants to?" you're comparing USA to EUROPE, yet you're combining them. they're not the same.

  94. Mode says:

    Zucc's not happy

  95. Theodor Bourelius says:

    is GDPR only good… or are there any cons?

  96. Phlogistan Jones says:

    WTF is …
    NICE JOB STEALING from Total Biscuit you ghouls.

  97. Average Channel says:

    This does not make up for banning memes

  98. ataallah al-shammary says:

    I actually want to protect my data from the government. Not the opposite
    The Saudi government doesn't respect freedom of speech so i might get arrested because of my tweets if they got my data, my phone number, my name and where i live..

  99. MANNA song says:

    i didnt need information about gdpr but i needed where can i generate it from

Leave a Reply

Your email address will not be published. Required fields are marked *