Database

Browse Database

GERMANY

Since 2016

Pillar Online sales and transactions  |  Sub-pillar Restrictions on domain names
DENIC terms of service
According to the DENIC terms of service, §3 (4), ".de" domain holders not domiciled in Germany shall name an authorised representative domiciled in Germany within two weeks of a corresponding request by DENIC.
Coverage Horizontal

GERMANY

Since 2020

Pillar Technical standards applied to ICT goods, products and online services  |  Sub-pillar Product screening and additional testing requirements
Federal Act on the Security of Information Technology Systems
§9b of the Federal Act on the Security of Information Technology Systems requires that critical components register with the Federal Ministry of the Interior before their first use. The use of these components can be prohibited on three grounds: if the producer is controlled by a third state government, its military or other public authorities, directly or indirectly; if the producer has previously been involved in activities with negative consequences on the public safety or order of the Federal Republic of Germany, other member states of the EU, the European Economic Area or the North Atlantic Treaty; or if the use of the critical component is in contradiction with the security interests of the Federal Republic of Germany, the EU or the North Atlantic Treaty.
Coverage Critical infrastructure, including telecommunications

GERMANY

Since March 2010, entry into force in May 2010, last amended in 2018
Since November 2020

Pillar Quantitative trade restrictions for ICT goods, products and online services  |  Sub-pillar Local content requirements (LCRs) on ICT goods for the commercial market
EU Directive on Audiovisual Media Services (AVMS)

Interstate Treaty on the Modernization of Media Regulation in Germany (Staatsvertrag zur Modernisierung der Medienordnung in Deutschland)
The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Article 13(1) provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works through facilitating access to such works using any appropriate means to ensure prominence of European works. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
The directive has been transposed in 2020 with the Interstate Treaty on the Modernization of Media Regulation in Germany.
Coverage On-demand audiovisual service

GERMANY

Since October 2017

Pillar Intermediary liability  |  Sub-pillar Monitoring requirement
Act to improve law enforcement in social networks (NetzDG)
NetzDG establishes broad requirements for dealing with illegal content and user complaints. Under §3 of the law, platform operators have to remove or block manifestly illegal content within 24 hours after receiving a complaint unless otherwise agreed with the competent law enforcement agency. Other illegal content has to be blocked or removed seven days after receiving a complaint, unless the decision whether the content is illegal is contingent on the veracity of a factual claim or the provider has put in place an independent body dealing with these claims. These procedures have to respect due process. Providers which receive more than 100 complaints per year have to submit two reports on these procedures each year (§2 NetzDG). The law has faced criticism from various human rights groups, the United Nations and the Council of Europe, among others. Criticisms include the potential undermining of freedom of speech and expression, vague definitions and arbitrary criteria for removal of content, and disproportionate sanctions for failing to comply.
Coverage Online platforms

GERMANY

Since July 2000
Since 2007

Pillar Intermediary liability  |  Sub-pillar Safe harbor for intermediaries for any activity other than copyright infringement
Directive 2000/31/EC (E-Commerce Directive)

Telemedia Act (Telemediengesetz)
The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbor. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.

Under §7-10 of the Telemedia Act, there are liability exemptions for intermediaries in cases where these have not actively triggered a transmission; chosen its recipient; where they have no knowledge of illegal content or activities or where they immediately remove related content. This broadens the scope of Art. 14 of the EU E-Commerce Directive, which only refers to "knowledge".
Coverage Electronic information and communication services

GERMANY


Pillar Intermediary liability  |  Sub-pillar User identity requirement
Mandatory SIM card registration
It is reported that Germany imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card, or a passport in case of foreigners, to activate a new prepaid SIM card.
Coverage Horizontal

GERMANY

Since July 2000
Since 2007

Pillar Intermediary liability  |  Sub-pillar Safe harbor for intermediaries for copyright infringement
Directive 2000/31/EC (E-Commerce Directive)

Telemedia Act (Telemediengesetz)
The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbor. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.

Under §7-10 of the Telemedia Act, there are liability exemptions for intermediaries in cases where these have not actively triggered a transmission; chosen its recipient; where they have no knowledge of illegal content or activities or where they immediately remove related content. This broadens the scope of Art. 14 of the EU E-Commerce Directive, which only refers to "knowledge".
Coverage Electronic information and communication services

GERMANY

Since June 2017

Pillar Domestic Data policies  |  Sub-pillar Requirement to perform an impact assessment (DPIA) or have a data protection officer (DPO)
Federal Data Protection Act (Bundesdatenschutzgesetz), implementing the EU General Data Protection Regulation
Germany's implementation of the EU General Data Protection Regulation (GDPR) broadens the scope of the requirement for a data protection officer under Art. 37 GDPR. According to Art. 38 of the Federal Data Protection Act, public entities and private entities with at least 20 permanent employees in automated data processing have to appoint a data protection officer; "automated data processing" here includes most computer-based activities. In addition to GDPR requirements, all entities which perform operations for which a data protection impact assessment is necessary according to the GDPR also have to appoint a data protection officer.
Coverage Horizontal

GERMANY

Since 2004

Pillar Domestic Data policies  |  Sub-pillar Requirement to allow the government to access personal data collected
Telecommunications Act
Section 174 of the Telecommunications Act requires that providers of publicly available telecommunications services for consumers establish an automated system for data access for the Federal Networks Agency and law enforcement agencies regarding certain types of data (name and address, date of birth, telephone number of a certain user) and immediately respond to other data demands if there is evidence of a concrete criminal act within the meaning of Section 2 (1) of the Federal Criminal Police Office Act.
Coverage Telecommunications sector

GERMANY

Since April 2020

Pillar Cross-border data policies  |  Sub-pillar Conditional flow regime
Digital Health Appliances Ordinance (Digitale Gesundheitsverordnung)
Under the Digital Health Appliances Ordinance, data related to digital health appliances can only be processed in the EU or in jurisdictions where there is an adequacy decision (Section 4(3)), while other exceptions such as standard contractual clauses are not allowed. Digital Health Appliances (Digitale Gesundheitsanwendungen) are low risk, medical digital devices that are intended to detect or alleviate illnesses, that assist in diagnosis, and that are based primarily on digital technology. They include apps, or browser-based applications. A "DiGA" can be used either by the patient alone or shared by the doctor and patient.
Coverage Digital health appliances

GERMANY

Since February 2005, last amended in December 2022

Pillar Cross-border data policies  |  Sub-pillar Local storage requirement
Value Added Tax Act (Umsatzsteuergesetz)
According to §14b of the Value Added Tax Act, all VAT invoices must be stored within Germany. When these invoices are stored electronically, they can be stored within another EU member state. However, the tax authority must be notified of the location of the data servers, and have the ability to access and download the data.
Coverage Horizontal

GERMANY

Since October 2002, last amended in December 2022

Pillar Cross-border data policies  |  Sub-pillar Local storage requirement
The Fiscal Code of Germany (Abgabenordnung)
Pursuant to Section 146 of the Fiscal Code, financial accounts and records must be kept within Germany. Exceptionally, the competent revenue authority may authorise the storage of electronic accounts data outside of Germany if certain conditions are met (e.g., information is given about the location of the data processing and name of the third party processor; the data remains fully accessible and taxation is not hampered).
Coverage Horizontal

GERMANY

Since January 1998

Pillar Telecom infrastructure and competition  |  Sub-pillar Presence of independent telecom authority
Presence of independent telecom authority
It is reported that the Federal Network Agency for Electricity, Gas, Telecommunications, Post and Railway (BNetzA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.
Coverage Telecommunications sector

GERMANY

Reported in March 2022

Pillar Telecom infrastructure and competition  |  Sub-pillar Presence of shares owned by the government in telecom companies
Presence of shares owned by the government in the telecom sector
It is reported that German State holds a 16.63% stake in Deutsche Telekom AG stock. Deutsche Telekom AG is a telecommunications company based in Germany, and it is one of the largest telecommunications providers in Europe operating in over 50 countries worldwide.
Coverage Telecommunications sector

GERMANY

N/A

Pillar Telecom infrastructure and competition  |  Sub-pillar Functional/accounting separation for operators with significant market power
Lack of mandatory functional separation for dominant network operators
It is reported that Germany does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, accounting separation applies to SMP operators in some wholesale markets (e.g. IP bitstream + fibre LLU).
Coverage Telecommunications sector