Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Germany: Bundestag approves cookie ordinance
On October 17, 2024, the German Parliament (Bundestag) announced that it approved the Consent Management Ordinance pursuant to Section 26(2) of the Telecommunications Digital Services Data Protection Act (TDDDG) (the Ordinance). This follows the adoption of the Ordinance by the Federal Government on September 4, 2024.
What are the key provisions of the Ordinance?
The Bundestag noted that the aim of the Ordinance is to create user-friendly, recognized consent management services that manage decisions made by end users regarding consent or non-consent to a digital service provider. End users should be given a transparent tool with which they can understand and review their decisions at any time. Importantly, the integration of recognized consent management services by providers of digital services is voluntary.
Scope
Specifically, the Ordinance regulates:
- the obligations of a recognized consent management service provider;
- the process of recognition of a consent management service; and
- the technical obligations of digital services and retrieval and display software providers.
In addition, the Ordinance outlines, among other things, that a consent management procedure is considered user-friendly if:
- the user interface is designed to be transparent and understandable so users can make free and informed decisions; and
- end users' settings, including the date and time the decision was made, can be viewed by the end user at any time using the information provided, and the information can be changed or revoked.
The Ordinance also requires that consent management service providers present a security concept that allows an assessment of the quality and reliability of the service and the technical applications and that shows that the service meets, both technically and organizationally, the legal requirements for data protection and data security under the General Data Protection Regulation (GDPR).
The Ordinance also provides end users with the right to data portability and the right to switch to another consent management service.
Next steps
According to the TDDDG, the Ordinance may be adopted by the Federal Government with the consent of the Bundestag and the German Legislature (Bundesrat).
The Ordinance provides that it will come into effect on the first day of the quarter following its publication.
You can read the press release here and the Ordinance here, both only available in German.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
