If a person gives an informed consent it means that this person has a clear understanding of the facts, implications, and future consequences of an action.

According to article 2 h) of the Data Protection Directive (95/46/EG), 'the data subject's consent' is defined as “any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed”.

Informed consent is important, because only a person who knows what she or he gives consent to can truly mean to agree with the respective use of personal data.

Nevertheless, in many cases, especially those ones involving the use of complex online services, the necessary understanding of all these aspects at the consumers’ end has been hard or impossible to achieve. At the same time, the consumer’s wish for usability might in actual fact often supersede principally existing data protection concerns. Therefore, it has been doubted whether informed consent in such scenarios still is an appropriate tool, in particular regarding consent given in and for use of social networks, because in these the processing of data is so complex that hardly anybody will be able to fully understand all its objects and consequences. In this regard, programs certifying companies that offer e.g. IT products or IT-based services to comply with privacy standards or rules might be a way forward.