For the first time, the legislator has implemented the E-privacy directive requirements on cookies.

Last week the German parliament adopted a law regulating data protection and privacy in telecommunications and telemedia. 

Until recently, German data protection was regulated by a series of laws - which led to legal uncertainty as a result of its contradictory provisions. The Data Protection Act (TTDSG), passed on 20 May, aims to resolve this by unifying the country’s rules and aligning them with the EU’s General Data Protection Regulation (GDPR).

Social Democrat (SPD) MP Falko Mohrs told EURACTIV Germany: 

“Until now, questions about data protection and privacy were split between these two laws. These different data protection rules will now be merged into a single law so that the legal situation is clearer and more consistent.”

The new legislation implements the E-privacy directive’s requirements to have users agree to cookie settings, stating that failure to require internet users to explicitly consent to the use of cookies was incompatible with EU law. 

However, the new law has come under fire from critics, with some arguing that the new cookie regulation did not contribute to the handling of personal data. FDP MP Manuel Höferlin said it was “not a real system to manage personal information.”

Whilst other critics argued that the TTDSG undermined “the right to anonymity on the internet.”