I’ll explain this in terms for someone who is five and got the same attention span:

You get put on the Cookie Monster’s watch list, for now he will know your every move and preferences.

Great (and correct) answers already, but I wanted to add a shorter version.

Not only are you consenting to storing information in your browser, but also to *send* it to whoever they want; You are allowing the site to configure your browser to automatically send data describing your actions and history to them and other parties.

The only difference now is that they have to get your consent before doing it. Before they did it without asking or letting you know. An arguably unfortunate side-effect of this is that it has lead to people consenting just to make the internet work, so the site owners can insert whatever else there for people to agree to without reading it.

Every shop you visit, the shopkeeper has someone slap a coloured and number sticker on you when you enter.

The next time you come into that shop, with your sticker, the shopkeeper looks up the number and knows what you bought last time, how much you generally spend, all the information they have on you.

Another shop will use different coloured stickers but with the same thing. A unique number on it, that identifies you as their customer #27, and so they know about you from previous visits (even if you never bought anything, or if you said “I’m interested in…” at some point – and the other shops don’t necessarily have that information because you’re #27 to the pink shop, but #437289 to the red shop, and so on). Those interactions are all recorded against your sticker number for each individual shop you go into, even if they never ask your name.

“Accept all cookies” means that you’ll just keep those stickers on you forever, and take any sticker that someone tries to put on you. Some guy walks up to you in the street, you have no dealings with him, he’s not selling anything, but he puts a numbered sticker on you and you just leave it there for years.

“Reject all cookies” is like taking those stickers off regularly or not letting anyone put a sticker on you. The shops “don’t know who you are” unless you tell them. They don’t know your order history, unless you tell them, etc.

“Essential / necessary cookies” means that once you log into Amazon, Amazon will give you a sticker so you don’t have to log in for EVERY SINGLE PAGE. But they won’t just stick things on you randomly or let their corporate partners put stickers on you.

Nowadays, those stickers are most often left by companies that you have no personal dealings with – the strangers in the street. They are monitoring everything, not just that you went into the butcher’s shop, but that you had previously come out of the adult store, and now you’re going to the supermarket, and oh look, you work in that government building, and you regularly spend the night with your best friend’s wife, and SHE has stickers that tell you that she spends a lot of time in lingerie stores, etc. They then sell that information on to other companies for them to try to target your custom. You walk into a shop you’ve never been into before, they look up all your stickers and they say “Ah, yes… hey, if you’re interested, I can sell you a nice bunch of flowers for your wife, because you’ll be at the hotel this Tuesday, won’t you?”

Cookies are just tracking numbers that each site gives you. They are necessary for some things (e.g. staying logged in without having to log in for every single page you visit), but they are also abused, especially by third-parties who just want to join all the information about you from a dozen websites together to build a “customer profile” so they can sell that to someone who will target you for certain products.

“Accept all cookies” allows that to happen.

If you’re using the latest Firefox, not much. The cookies remain siloed (Total Cookie Protection) and can’t cross reference other cookies except those from the same domain. Net result is you’re not overwhelmed with Dell laptop ads on Instagram when you browse for them on Amazon.

I accepted em, oh boy was i wrong.
Gained 40 pounds.
Would not recommend.

​

​

Accept lettuce

As a follow up question: if I use an extension (in my case, I Don’t Care About Cookies specifically) to disable cookie popups, am I not getting tracked beyond essential cookies since I did not specifically give the website consent?

Many responses are more ELI15 – seeing if i can bring down to 5:

When you visit a website you’re actually asking another computer, over the internet, for content – the pictures and videos and everything else on the screen. Accepting cookies means that this computer also sends a package of extra content that you can’t see that stays on your computer even after you leave the website. This is the cookie, and it’s there so that the next time you visit that website, the computer already knows who you are- it remembers what you did the last time you were there. Sometimes this is great because it will show you cool stuff that it knows you’ll like. Other times it’s annoying because they may use what they know about you to show ads on other parts of the internet. Some people don’t like that so many computers across the internet are remembering them and learning about them.

In my case? Dad bod.

Web-developer here.
I have built Cookie-Acceptance menus.
It’s worth mentioning that Cookie-Acceptance is a very new standard. Like.. within my career.
When I started, GDPR and Cookie-Acceptance weren’t things, and there were no real rules.
There are still no rules. Every project is bespoke, there are no hard-and-fast standards or common standard plugin modules for this.
We build the menu and functionality in our own way and with our own ideas about how it should work.

In principle, there are sections of tracking code on the site which are locked until you press Accept on the cookies.
However it’s possible that it’s on by default and only disables the cookie after you press the No button.
This is a workaround, making it opt-out rather than opt-in technically fulfills the GDPR requirements, but by the time you turn it off, your tracked data is already up on the website’s analytics database and turning it off is mostly irrelevant.
If the developers are lazy, or there’s someone unscrupulous in charge, the buttons might not even do anything other than close the popup, which is in defiance of GDPR, but takes effort to prove. If you catch a company doing this you should definitely call them out on it.
If you really don’t want 3rd party cookies then you should disable them in your browser settings, because every website is different and you cannot trust that they’re operating in a sensible or scrupulous fashion.

Cookies are little pieces of data stored on your browser so that when you reload a website, it can see what you were up to last time. Most first learn about cookies as a way of storing session tokens and what not so you don’t have to re-login every time you visit a website for example. It’s still used like that today, but it also enables a lot of cross-site tracking and enables companies like Facebook & Google to harvest data and present better ads.

Similar to a Cache, but a Cache is just content that the servers gave you so that you don’t have to re-download them.

Accepting all cookies just means that websites don’t have to ask to store some data on your machine.

Cookies = Piece of data about the last time you were on that site

Cache = Piece of data the servers gave you, stored on your machine so you don’t redownload it