Germany: Consent Management Ordinance under Telecommunications-Digital Services Data Protection Act enters into force

On 1 April 2025, the Consent Management Ordinance under the Telecommunications-Digital Services-Data Protection Act (TDDDG) entered into force. The Ordinance establishes the legal basis for the recognition of consent management services that enable end-users to manage, store, and revoke their consent for the use of terminal device data under Section 25 TDDDG. These recognised services are designed to offer a user-friendly and privacy-preserving alternative to individual cookie consent banners. The regulation outlines procedural, technical, and organisational requirements for recognition, including usability standards and interoperability with digital services and retrieval software. The use of such services by digital service providers is entirely voluntary. However, providers may apply for official recognition by the Federal Commissioner for Data Protection and Freedom of Information (BfDI). This status is granted only if the provider can demonstrate both legal and economic independence and full compliance with the Ordinance’s neutrality and transparency standards.