GDPR Compliance in the U.S.: What to Know
In 1992, Singapore banned the sale of all chewing gum. But if you...Read Now
The simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline the DSAR workflow
Ensure your customers’ data is in good hands
Gain insights with privacy assessment templates and workflow management
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Don’t let data privacy compliance get in the way of growth
Preserve your competitive edge
Manage data privacy at scale
Expert insights on all things privacy
Subscribe and become a Privacy Insider
Research the most essential privacy topics
We'll scan your website for privacy risk at no cost
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
No fines, no penalties
Add Osano data privacy ratings and recommendations to your application
Fresh duds for data privacy fans
January 12, 2022
On Dec. 1, 2021, Germany passed the Telecommunications-Telemedia Data Protection Act (it's being called the TTDSG because of its German translation). The law aims to start implementing the forthcoming ePrivacy Regulation provisions, which the EU government has been trying to pass for a few years.
The law regulates over-the-top (OTT) services like email and messaging services and requires they be covered by telecommunication law. The TTDSG codifies into national law that organizations deploying tracking technologies must gain consent – regardless of whether the data is processed. As Deloitte reports, consent is not required if the tracking technology is used to transmit a message or necessary for the user's service.
Here is the portion of the TTDSG that applies to cookies:
Section 25: Protection of privacy in terminal equipment
(1) The storage of information in the end-user's terminal equipment or access to information already stored in the terminal equipment is only permissible if the end-user has consented on the basis of clear and comprehensive information. The information to the end-user and the consent shall be provided in accordance with Regulation (EU) 2016/679.
In late December, the German Data Protection Conference (the group of German data protection authorities) issued guidance on the law. The group said that organizations must differentiate their requests for user consent under the TTDSG and the GDPR. If user consent is obtained in a bundled format (with one click), consent banners must include transparent and specific information. In addition, rejecting consent can't take more clicks than accepting it, and there must be a simple way – on the website – to withdraw consent at any time.
The group also reiterated that website operators remain responsible for obtaining valid consent even if they're using a third-party consent management tool.
Writer at Osano
Writer at Osano
The Osano staff is a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet. Occasionally, the team writes under the pen name of our mascot, “Penny, the Privacy Pro.”
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
Osano makes it easy. Ready to get serious about data privacy? Choose your plan and get started. All plans come with a 30-day FREE trial!