Suche
Mein Konto
Shocking legal situation: Cookies and the new data protection laws!
Find out how the new regulations on cookie consent will be implemented at the University of Erlangen-Nuremberg from May 25, 2018.
Shocking legal situation: Cookies and the new data protection laws!
On March 20, 2025, the Friedrich-Alexander University Erlangen-Nuremberg (FAU) will take an exciting stock of the developments in the last five decades of higher education in its current reporting. The anniversary story is underscored by a special series of images depicting the university's milestones and special moments. With over 50 years under its belt, FAU has gained importance not only in the region but also internationally and has made a valuable contribution to science. The FAU takes particular account of the fact that looking back and looking forward join hands here.
A central aspect that is being discussed at the university relates to data protection regulations, particularly regarding the use of cookies in the online world. Dealing with cookies is particularly complex in Germany, as numerous regulations already existed before the introduction of the General Data Protection Regulation (GDPR) in 2018. For example, the EU Directive 2002/58/EC, also known as the e-Privacy Directive, requires explicit consent for the setting of cookies.
Regulation of the use of cookies
The change in legislation has led to Google asking users for consent for services such as Google Analytics in the past. Before the introduction of the GDPR, the German Telemedia Act (TMG) only provided for an obligation to provide information, but was replaced by the GDPR and the Telecommunications Digital Services Data Protection Act (TDDDG), which has been in force since December 1, 2021. The latter combines provisions of the TMG and the Telecommunications Act (TKG) and implements Article 5 Paragraph 3 of the ePrivacy Directive, which makes it clear how important user consent is for cookies.
The TDDDG formulates clear guidelines that regulate access to data on end devices, in particular the storage of information, which may only take place with the user's consent. Exceptions are defined, for example for technical cookies that are necessary to provide a service. Nevertheless, it is necessary to provide information about the use of cookies requiring consent using cookie banners. These banners must provide clear information, an opt-in function and the opportunity to object.
Current challenges and requirements
The increasing complexity in dealing with cookies is reinforced by the discussion about the e-Privacy Regulation, which is currently being discussed in the EU. This regulation aims to update the Cookie Policy and will require companies to obtain explicit consent to use cookies until the new regulation comes into force. Violations of the TDDDG can be punished with fines of up to 300,000 euros, which illustrates the legal risks for companies.
It remains to be seen how the legal framework will develop, particularly with regard to the use of cookies and the urgently needed protection of user privacy. The last decision of the European Court of Justice on October 1, 2019, which confirmed explicit consent for non-essential cookies, is already having a major impact on the digital landscape. Here too, the question remains as to how user rights and data protection can be further strengthened in the coming years.
FAU faces the challenge of interpreting such legal frameworks and integrating them into its digital strategy. The review of 50 years of successful university work is supplemented by the need to find innovative solutions in the digital space while at the same time meeting data protection requirements.