According to the General Data Protection Regulation (GDPR,) information society services that wish to process any personal information related to a child under the age of 16 years will require parental/guardian consent. The GDPR is the European Commission’s tool that will unify data protection in the EU and there are plans for it to be adopted in 2018. In the most recent GDPR draft released by the European Council, the age limit where parental consent is mandatory has raised from 13 to 16 years. The implications for children digital rights are not well understood and, at the moment, nobody knows if this regulation will protect children or by the contrary make them more vulnerable. Something certain is that, until now, minimal consultation to incorporate the children voice has taken place and consequently, children’s digital rights are not being treated with the respect or seriousness they deserve.