Suche
Mein Konto
Targeting cookies: This is how the new law protects your data!
Find out everything about the TDDDG, which regulates the handling of cookies in Germany, including new EU regulations and user rights.
Targeting cookies: This is how the new law protects your data!
On April 28, 2025, an important topic will be put on the agenda in Germany: the TDDDG, the Telecommunications Digital Services Data Protection Act. This law came into force on December 1, 2021 and supplements the existing regulations of the General Data Protection Regulation (GDPR). Among other things, it regulates access to data located on end devices and in particular the use of cookies. fau.de reports that the importance of this law for users' digital privacy cannot be underestimated.
The creation of the TDDDG came about in response to confusion about the previous regulations for cookies in Germany. Before the law was introduced, Section 15 Paragraph 3 of the Telemedia Act (TMG), which allowed an opt-out for cookies, applied. However, this led to ambiguity and was incompatible with EU requirements. The Federal Court of Justice (BGH) decided in the so-called “cookie judgment” (Planet 49) that the interpretation of the TMG must correspond to the European guidelines.
Changes caused by the TDDDG
One of the central aspects of the TDDDG is the opt-in principle for the use of cookies. The regulation implements Article 5 Paragraph 3 of the ePrivacy Directive. This means that information can only be stored and accessed on end devices with the consent of the user. However, there are defined exceptions for absolutely necessary services, such as the transmission of messages or technically necessary cookies for session management.
An important part of the law is the requirement for clear and understandable cookie banners. These must offer users a real choice between “agree” and “reject”. Methods such as “nudging” or “dark patterns” that force users to consent are not permitted. Fines of up to 300,000 euros can be imposed for violations of the TDDDG. Enforcement responsibilities vary by state.
Protection of user rights in digital services
In the context of the TDDDG there are also comprehensive regulations on the security and transparency of digital services. These are enforced through various legislation, such as the eIDAS Regulation and the Digital Services Act. dr-datenschutz.de emphasizes that the aim is to promote innovation and digital sovereignty without losing sight of the rights of users. Current steps by the federal government aim to curb online disinformation and improve the framework for data protection.
A central aspect is also the new regulation on political advertising, which is intended to ensure transparency and data protection. This is particularly important given increasing concerns about foreign interference in elections and public opinion. In addition, the current revision of the eIDAS regulation regulated secure digital identities and the introduction of a digital wallet in Europe. bmdv.bund.de enables citizens to identify themselves across the EU and manage evidence digitally.