The Technology, Media and Telecommunications Review: Germany


With an annual business volume of approximately €281 billion in 2020, the information and communications technology (ICT) sector has not only increased business volume six years in a row; it is also one of the largest economic sectors in Germany, employing more than 1.28 million people in about 102.000 companies.2 ICT has become a driving force in Germany's economy, contributing to 5.1 per cent of the national gross value-added services in 2019.3

By focusing on key issues such as digitalisation, mobility, data protection and cybersecurity, the government has tried to advance the information society through targeted policies to modernise legal and technical frameworks and to promote research and market-oriented development over the past decade. As part of this overall effort, the federal government has adopted specific programmes and strategies tailored to the needs of the ICT sector. In 2014, it concluded the Digital Agenda 2014–2017, focusing on a strategy for the digital future of Germany,4 which was extended by the Digital Strategy 20255 in 2016. Since 2016, the federal government has issued a set of further national strategies that outline a roadmap for digital transformation, such as the 5G Strategy for Germany from July 2017, the 'Action Plan: Digitalisation and Artificial Intelligence in the Mobility Sector' from 2018 and the recently published cybersecurity strategy of Germany 2021.6 Beyond that, ethical aspects in the ICT sector are increasingly moving into the political spotlight.7

As far as media regulation is concerned, it is worth pointing out a fundamental reorientation. The newly enacted Interstate Treaty on Media (MStV) is now also intended to take into account the changed circumstances of broadcasts via the internet. It regulates activities geared to the production or distribution of media content in different ways. With regard to telecommunications, data protection and privacy, the current amendments to the Telecommunications Act (TKG), the Telemedia Act (TMG) and the new Act on Data Protection and Privacy in Telecommunications and Telemedia (TTDSG) are worth mentioning.


i The regulators

All television and radio broadcasters are subject to state control. Public service broadcasters are self-governing bodies and therefore largely supervised by internal committees: content-related supervision is carried out by the respective broadcasting council. The respective administrative board, which is appointed by the broadcasting council, supervises all management decisions made by the director. External (legal) supervision is carried out by the 16 state governments.8 The competent authority for legal supervision of private broadcasters is the respective state media authority of each German state,9 whose responsibilities include granting authorisations and assigning transmission capacities.10 They also have a wide range of powers to supervise broadcasters, such as warnings, prohibitions or withdrawals and revocations of licences.11

The state media authorities work together in a working group (including various committees) concerning licensing and supervision as well as in the development of private broadcasting on fundamental questions, primarily with a view to the equal treatment of private TV and radio broadcasters (die medienanstalten – ALM GbR).12 The state media authorities are also responsible for the compliance of private TV and radio broadcasts with basic programming principles. They supervise the observance of regulations on advertising limitations, the protection of minors and the protection of pluralism. Their tasks are carried out by several committees.

The main regulator in the area of telecommunications is the federal legislator due to the competence regarding telecommunications. Important federal laws are the TKG and, for telemedia services, the TMG. The compliance of telecommunications companies with the TKG is monitored by the Federal Network Agency (BNetzA). The BNetzA monitors and supervises the markets and infrastructure for telecommunications, post, energy and railways. It ensures the liberalisation and deregulation of the telecommunications, postal and energy markets, for example through the supervision of non-discriminatory infrastructure access. It is responsible, inter alia, for securing the efficient and interference-free use of frequencies and protecting network security. Apart from regulation, the BNetzA performs a number of other tasks related to the telecommunications market such as allocation of telephone numbers.

The Federal Commissioner for Data Protection and Freedom of Information (BfDI) is responsible for the supervision of data protection at telecommunications companies insofar as they provide telecommunications services.13

ii Main sources of law

The use and distribution of media and telecommunications are first of all protected by fundamental rights. The Basic Law (GG) guarantees freedom of information, freedom of the press for journalists and publishers, as well as freedom of broadcasting and film (Article 5(1)) and freedom of art (Article 5(3)). Furthermore, the GG guarantees the secrecy of telecommunications (Article 10 (1)). These are not only individual freedoms, but with regard to the press an institution guarantee and with regard to broadcasting a guarantee of existence and development.

Broadcasting law is the responsibility of the 16 federal states. However, the 16 states have agreed on a fundamental treaty regulating the legal framework, the MStV. The MStV replaced the State Treaty on Broadcasting Media (RStV) in 2020, primarily in order to adopt the Audiovisual Media Services Directive 2010/13/EU.

Further legal sources, at the level of the federal states, are various other interstate treaties, such as the Interstate Treaty on the Protection of Minors in Broadcasting and in Telemedia (JMStV) and the Interstate Treaty on ZDF.14

In addition to the content requirements, the transmission of telemedia is regulated in the TMG, which includes in particular the transmission of media via the internet. The TMG is not applicable to individual communications, which are specifically regulated in the TKG.

Telecommunication law lies in the shared competence between the EU and the Member States.15 The EU has issued several regulations and directives relating to telecommunications.16 Germany adopted the most important regulations in particular in the TKG and related ordinances. A major reform of the TKG was adopted in 2021 via the Telecommunications Modernisation Act to meet the EECC requirements. The implementation date of the revised TKG is 1 December 2021.17 The goals of the new TKG include, among others:

  1. the expansion of very high capacity networks;
  2. the extension of the TKG scope to interpersonal telecommunications services (such as over-the-top (OTT) services);
  3. certain amendments to the asymmetric market regulation for companies with significant market power as well as the introduction of a symmetrical regulation;
  4. enhancement of consumer rights;
  5. increased security requirements; and
  6. modernisation of frequency management.

iii Regulated activities

Private and public broadcasting is governed by the MStV, which outlines the side-by-side existence of public and private broadcasting. All private broadcasters require a licence for the purpose of providing broadcasting programmes.18 According to the MStV, broadcasting is a linear information and communication service; it is the provision and dissemination of journalistic and editorial content in moving images or sound along a broadcasting schedule for the general public and for simultaneous reception by means of telecommunications.19 A broadcast programme is a sequence of content arranged in time according to a broadcast schedule.20 These are comprehensively regulated activities, including, for example, streaming content via social media platforms. However, a licence may not be required if the programme reaches or is expected to reach an average of less than 20,000 concurrent users over a six-month period.21

When providing telecommunication services or operating a telecommunication network, operators have to adhere to the TKG. As mentioned above, the new TKG extended its scope: the term telecommunications service now includes internet access services, interpersonal communications services and signal transmission services. The TKG does not generally oblige telecommunications service providers or network operators to apply for a licence; however, it requires them to notify the BNetzA when they start to provide the services or operate the network.22

iv Ownership and market access restrictions

German law provides for certain restrictions on foreign investments. The Federal Ministry of Economics and Technology (BMWi) may prohibit transactions that might interfere with German or foreign interests according to Section 4 of the Foreign Trade Law and Section 55 et seq. of the Foreign Trade Law Ordinance. The scope of foreign investment control has developed in past years via the stipulation of a list of particularly sensitive business areas that relate to critical infrastructures23 and that, depending on certain threshold values, explicitly cover specific ICT activities.

As regards telecommunications, the new TKG continues to follow the principle of asymmetrical regulation of companies with significant market power (SMP). The BNetzA has the power to assess whether a company has SMP in a defined market. SMP companies are subject to stricter regulation under the TKG, including non-discrimination obligations, transparency obligations, access obligations, regulation of charges and separate accounting rules. The new TKG has now extended the symmetric regulation that governs companies without SMP. The BNetzA is in the position to impose access obligations on some companies, especially those controlling access to end-users or to networks that are difficult to replicate.

The MStV contains special ownership control provisions24 that are designed to achieve media-plurality objectives. These rules apply in addition to the general merger control regime under German and European competition law and are administered by the Commission on Concentration in the Media.

Since 2012, proceedings concerning the tagesschau-App have been ongoing. Publishing houses claimed that the tagesschau-App provides a high amount of non-broadcasting-related textual content and therefore has a competition-distorting effect. On 30 April 2015, the Federal Court of Justice (BGH) held that not only the concept of the app has to comply with the RStV, but also the specific content, which is subject to full judicial review.25 If broadcasting and non-broadcasting elements are implemented, it is necessary to determine the focus. On 30 September 2016, the Higher Regional Court of Cologne came to the conclusion that the app content on the relevant day was not sufficiently broadcasting-related but equivalent to print media and hence not permitted.26 In 2018, the BGH did not accept the appeal of the decision, ultimately bringing the case before the Federal Constitutional Court (BVerfG) where the legal dispute has now been pending for years.27

v Transfers of control and assignments

The German merger control provisions are enforced by the Federal Cartel Office (BKartA). The current legislation can be found in Chapter VII of the Act Against Restraints of Competition (GWB), which deals with the control of concentrations affecting the German market. In addition, Section 101 et seq. of the TFEU and the EC Merger Regulation apply.28

The filing of merger notifications in Germany is mandatory if the thresholds according to Section 35(1) or (1a) of the GWB are met. If the statutory conditions for prohibition are fulfilled, the BKartA will prohibit the merger or issue clearance conditioned on the divestment or disposal of certain assets from the transaction perimeter or merged entity.

Mergers that are subject to merger control may not be completed before either the BKartA has cleared the transaction or the relevant waiting periods of one month (first phase) or up to an additional five months (second phase) after submission of a complete notification have expired without the BKartA having prohibited a transaction.

There are no legal deadlines for a notification of a concentration, but notifiable concentrations must not be completed before clearance. Therefore, it is advisable to submit a notification well before the envisaged completion date. It is possible to file a pre-merger notification even prior to the signing of the transactional documents. In principle, all acquiring parties involved in a merger are responsible for filing.

Submission of an incorrect or incomplete filing, failure to submit a post-merger completion notice, or cases of incomplete, incorrect or late notices, constitute administrative offences and can lead to a fine of up to €1 million or, in the case of companies, up to 10 per cent of their preceding business year's total revenues.

The BKartA can also consider services provided without remuneration and scaling effects in its assessment of market share or market power, and the threshold for merger control is a transaction value of €400 million.29

Telecommunications and internet access

i internet and internet protocol regulation

All IP-based services are regulated under the TMG and, as regards data protection (as of 1 December 2021), under the TTDSG. Commercial rules for telemedia are covered in the TMG, while aspects relating to (journalistic) content are regulated in the MStV and the JMStV. Telemedia services are permission-free and generally do not need to be registered.30

Telecommunications services and telemedia services are mutually exclusive; therefore, telecommunications are excluded from the scope of the TMG. In practice, the distinction is often difficult to make. When granting access to the internet, a distinction must be made according to the services and functions offered by the provider. If the provider restricts itself to the exclusive data transmission of third-party content from the internet to the user and does not prepare any content, this constitutes a telecommunications service and thus not a telemedium.

ii Universal service

Broadband availability continues to increase steadily throughout Germany.31 At the end of 2020, about 94.5 per cent of households were connected with broadband connections of at least 50Mbit/s. Over 59 per cent of households have gigabit (1,000Mbit/s) connections (2019: 43.2 per cent). Bandwidths of at least 200Mbit/s are available for about 78.5 per cent of households. While the increasing use of super-vectoring technology has contributed to increased availability in the bandwidth classes up to 200Mbit/s (available to 52 per cent of all households), the expansion of cable TV networks (CATV) based on the new DOCSIS 3.1 technology and the expansion of fibre to the building/fibre to the home (FTTB/H) fibre optic networks are driving growth in the higher bandwidth classes: CATV with 1.000MBit/s is available in 53.3 per cent and FTTB/H in 14.5 per cent of all households. However, Long Term Evolution (LTE) coverage can still be improved in Germany. In each federal state, 4G coverage had to be at least 97 per cent. According to an evaluation by the BNetzA from April 2021, LTE coverage is at 96 per cent.32 However, there is a 7.19 per cent quota of gray spots in which only one (of three) mobile network operators provides LTE coverage.

The federal government intends to give a further boost to the development of the broadband network by, for example, capitalising on synergies in the construction of infrastructure, using the digital dividend33 and formulating regulations that foster investments. Moreover, the federal government encourages projects to pursue industry solutions. For example, small and medium-sized telecommunications companies can borrow funds on privileged terms and with adequate risk pricing through the corporate financing programme of Germany's state-owned development bank.34

In any event, the existing federal and state loan guarantee scheme is generally available to companies in the telecommunications sector to prevent economically desirable broadband projects from failing as a result of the lack of suitable financing.

Since 2015, the government has been providing massive funding for the expansion of broadband connections in underserved areas. While the broadband guideline was aimed at reducing white spots,35 the introduction of the gigabit guideline of 2021 is aimed at improving coverage of grey spots.36 The aim of the expansion is to build networks that enable bandwidths of at least 1 gigabit/s symmetrically. The federal government is providing a total of around €12 billion to promote fibre-optic connections. The federal states are also contributing to the costs of gigabit expansion.

The revised TKG is expected to make a further contribution to broadband expansion. In particular, Section 156 TKG et seq. implement a right to fast internet access based on criteria defined by the BNetzA. In addition, certain sanctions will be laid down in the event that a network operator fails to deliver the guaranteed transmission rates.37

iii Restrictions on the provision of service

An amendment of the TKG in 2012 initially introduced the concept of net neutrality. The federal government was authorised to draft a regulation that sets out, inter alia, the requirements for non-discriminatory data transmissions.38 However, with the entry into force of the European Net Neutrality Regulation,39 a national regulation was no longer pursued and the TKG provision was repealed. Article 3 of the Net Neutrality Regulation provides, inter alia, that providers of internet access shall treat all traffic equally, but permits reasonable traffic management measures provided these are transparent, non-discriminatory and proportionate, and are not founded on commercial considerations. The Body of European Regulators for Electronic Communications published guidelines for the implementation of the obligations of national regulatory authorities.

An example of controversial restrictions on network provisioning is the reduction of the internet speed on mobile phone plans. In Germany, mobile phone plans usually only offer a few gigabytes40 of traffic with full speed. Having exceeded this data amount, the internet speed will be reduced to 32 or 64kbit/s. For some years, mobile network carriers offered 'passes', which exclude certain music streaming services or social media services from this amount of data.41 In 2018, the BNetzA prohibited certain conditions of a zero-rating mobile tariff option, which has been challenged by the provider. The Administrative Court of Cologne as well as the Düsseldorf Higher Regional Court referred questions to the European Court of Justice (CJEU), which have not been answered yet.42 In another case regarding the reduction of internet speed by a provider, the Administrative Court of Cologne also referred a question to the CJEU concerning the conformity with Article 3 of the Roaming Directive.43 In a recent ruling, the CJEU states:

the requirements to protect internet users' rights and to treat traffic in a non-discriminatory manner preclude an internet access provider from favouring certain applications and services by means of packages enabling those applications and services to benefit from a “zero tariff” and making the use of the other applications and services subject to measures blocking or slowing down traffic.44

Finally, the Act against Unfair Competition (UWG) provides restrictive provisions regarding unsolicited calls, emails and text messages.45 Making first contact with consumers by such measures requires, as a general principle, the explicit approval of the consumers.46

iv Privacy and data security


The protection of personal data in the ICT area is governed by the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) as well as sector-specific telecommunications and telemedia laws (now the TTDSG). The regulation is supervised by the BfDI, data protection authorities on the federal state level, and partly the BNetzA.

The GDPR is a uniform framework laying down principles for legitimate data processing in the EU and the EEA. Compared to the predecessor Data Protection Directive (95/46/EC), the GDPR entails significantly stricter requirements for data protection. The GDPR introduced substantial sanctions for non-compliance and, depending on the nature of the infringed provision, may consist of civil liabilities, criminal sanctions or administrative fines. Administrative fines can amount to €20 million or up to 4 per cent of the total worldwide annual revenue, whichever is higher, for each violation. With the enactment of the GDPR further strengthening individual rights and meeting the challenges of globalisation and new technologies, the BDSG was also heavily amended and revised with effect from 25 May 2018.

In addition, both the TKG and the TMG provide sector-specific privacy rules that will apply until the end of November 2021. With effect from December 2021, the sector-specific rules will be consolidated in the TTDSG. Among other things, this new act contains rules about telecommunication secrecy, traffic and location data as well as youth protection. Infringements can be sanctioned with administrative fines of up to €300,000 or even imprisonment up to two years.

Data security

Data security is governed by the Law on the Federal Office for Information Security (BSIG), and sector-specific regulations in the TKG, TMG, TTDSG and, on the EU level, GDPR. An amendment of the BSIG was made in 2015, aiming at an improvement in the IT security of critical infrastructure,47 including ICT infrastructure. Parts of the BSIG govern the position of the Federal Office for Information Security (BSI) while other sections impose obligations on private entities maintaining critical infrastructure or providing digital services (e.g., cloud computing).

The BSI is a superior federal authority with wide-ranging tasks of threat prevention in IT systems. The BSI tasks include developing criteria, procedures and tools to test and evaluate the security of information technology systems. Therefore, the BSI is the central reporting office for disruptions and attacks on IT systems.

The BSIG especially imposes obligations on private enterprises to safeguard IT security, such as the duty to report disturbances in IT systems to the BSI. Private enterprises that are subject to these obligations are, in particular, operators of critical infrastructure, like the telecommunication sectors. Within two years of the BSIG coming into force, the operators had to upgrade their IT systems to make them state of the art, and from then on must prove their compliance once every two years through security audits or certificates.48

Operators of telecommunication services have the duty to inform their customers of any IT security risk, and to provide information on solutions for these problems.49 Telemedia services operators must ensure that their users are protected from attacks on IT security through state-of-the-art technical and organisational means.50

The European Commission has adopted several measures to prepare Europe against cyber incidents. In particular, the Directive on Security of Network and Information Systems (NIS Directive) was the first EU-wide legislation on cybersecurity.51 It includes measures to ensure a high common level of network and information security across the EU. The NIS Directive was implemented into German law (BSIG) on 29 June 2017.52

On 28 May 2021, the new IT-SiG 2.0 came into force. It includes adjustments to the protection mechanisms and defence strategies in the area of IT security, mainly through amendments to the BSIG.53 Mainly, the position of the BSI is strengthened by declaring it the independent and neutral advisory body for consumers on IT security issues as well as the National Cybersecurity Certification Authority.54 The revised BSIG also implemented the obligation for operators of critical infrastructures to use systems for detecting attacks from 1 May 2023. Infringement can now be fined up to an amount of €2 million.

The BNetzA has published a revised catalogue of security requirements for the operation of telecommunications and data processing systems and for the processing of personal data (Version 2.0). According to the new TKG, telecommunications companies have to comply with the new requirement one year after its enactment.

Data retention for the purpose of inner security

Since the BVerfG rendered data retention of traffic data as intended under the TKG of 2007 to be unlawful,55 the question of whether and to what extent data retention is in line with national and European law has been discussed widely. The CJEU decided similarly that European Directive 2006/24/EC setting out the framework for data retention is invalid.56 After two drafts of a German data retention act in 2011 and 2013 were not adopted, a new law came into force on 18 December 2016.57 However, further legal proceedings prevented the retention of traffic data. In proceedings for interim relief before the Higher Administrative Court of Münster, a telecommunications service provider obtained a temporary exemption from the retention obligation.58 In response to this decision of 22 June 2017, the BNetzA declared that until final clarification in the main proceedings, telecommunications providers who do not comply with the retention obligation as of 1 July 2017 will not be held responsible under supervisory law. In its ruling of 20 April 2018, the Cologne Administrative Court followed the Higher Administrative Court. The Court found that the plaintiff – a telecommunications service provider – is not obliged to retain the telecommunications connection data of its customers in the context of data retention because the statutory provisions are not compatible with EU law. On 25 September 2019, the Federal Administrative Court (BVerwG) decided to refer the final interpretation of the Data Protection Directive for Electronic Communications (Directive 2002/58/EC) to the CJEU.59 Pending final clarification in Luxembourg, data retention in Germany remains suspended. In addition, several constitutional complaints against the 2015 law are currently pending before the BVerfG in Germany.

In another case, the CJEU confirmed that European data protection law precludes legislation that provides for the general and undifferentiated retention of traffic and location data as a preventive measure for the purposes specified in Article 15 Directive 2002/58/EC. In addition, however, the CJEU also stated that data retention legislation may not conflict with European data protection law when it is a matter of protecting national security, combating serious crime or preventing serious threats to public security.60

Enforcement of law in social networks

With effect from 1 January 2018, the Network Enforcement Act (NetzDG) was implemented to secure and improve the enforceability of penalties against unlawful contact on significant social media platforms. Social network providers are obliged to combat fake news and hate speech by blocking, and to remove unlawful content. Furthermore, it is required that a transparent, accessible and effective procedure for users to report unlawful content has to be established under which social network providers have to report biannually.61

The NetzDG has been the subject of considerable criticism from the outset. In 2021, it was supplemented and reformed in parts after being evaluated in 202062 – as was already planned when the law was enacted. One new element, for example, is the obligation for providers of the major social networks to report criminal acts to the Federal Criminal Police Office, which will come into force on 1 February 2022. This obligation is highly controversial and has already led to elaborations by the Scientific Service of the Bundestag63 and to court proceedings.64 Other noteworthy changes include a regulated appeal procedure against decisions by online platform operators and the implementation of the content-related requirements65 of the (revised66) AMS Directive 2010/13/EU.

Protection of children

Youth protection provisions applicable to the media can primarily be found in the Law for the Protection of the Youth (JuSchG) and the JMStV.

The Federal Agency for the Protection of Children and Young People in the Media (BzKJ) is the authority responsible for protecting children and adolescents from media67 that might contain harmful or dangerous content under the JuSchG. The BzKJ can act only at the request of other administrative institutions. Once an official request has been filed, the BzKJ is obliged to process the complaint. Possible measures in the event of a violation are a prohibition on publication, blocking the provider and fines of up to €5 million.

In 2021 the JuSchG was reformed in particular to respond to new dangers for young people in telemedia. Until now, corresponding obligations mainly affected providers of carrier media. With the new JuSchG, dangers within online games (via chat function or paid additional services) are now meant to be responded to as well (e.g. Section 10b(3) JuSchG). Furthermore, providers of platforms for films and video games must ensure that all content distributed via their digital distribution platform has undergone an official age rating procedure (Section 14a JuSchG).

The JMStV forms the legal basis for assessing content distributed in broadcast or media services. The compliance of broadcast and media services with the JMStV is controlled by the Commission for the Protection of Minors in the Media (KJM). The JMStV distinguishes between illegal content and content that impairs the development of minors: illegal content must not be distributed via broadcasting or media services. Content that is rated as impairing the development of minors (e.g., a severe depiction of violence) is subject to access restrictions. In the event of a breach of the provisions of the JMStV, the KJM decides on the sanctions to be imposed against the respective media content provider.68

Spectrum policy

i Development

Originally, frequencies in Germany were used – with a few exceptions – by Germany's federal mail service, Deutsche Bundespost. Since 1996, however, the markets for network and telephony have been fully liberalised.69

Today's developments go hand in hand with the population's increasing demand for mobile communication services. Not least because of the technical possibilities opened up by, inter alia, universal mobile telecommunications service (UMTS) and LTE, demand for more bandwidth will continue to rise in line with increasing mobility. Growing demand and technological innovation both call for the availability of an adequate frequency spectrum. The next generation of mobile network – 5G – is already being realised on 2.0GHz and 3.6GHz, while most of the 3G/UMTS networks (1.9GHz and 2.1GHz) were shut down in mid 2021 to make room for 4G and 5G.

Since the current allocations for the 800MHz, 1,800MHz and 2.6GHz frequencies will expire by 31 December 2025, there is a public inquiry being carried out to guarantee early availability of suitable frequencies for high-performance networks.70

A relatively new spectrum was recently auctioned off. The new 450MHz network will be implemented by an alliance of electricity providers. They will provide an LTE network for smart meters, the smart grid and communication with critical infrastructure.71

ii Flexible spectrum use

The use of a spectrum requires its prior allocation.72 The TKG states that the allocation of spectra shall be regulated by a Spectrum Regulation,73 and requires the Federal Council's consent.74 Based on the allocation of frequencies and the specifications set out in the Spectrum Regulation under Section 89 TKG, the BNetzA shall divide the spectrum ranges into spectrum uses and related terms of use.75 Spectra for wireless access to telecommunication networks must be assigned in a technologically and service-neutral manner.76

The TKG provides the framework for a flexible use of allocated spectra. Owners of an allocated frequency have the possibility to trade their frequency, and to let third parties use their frequency, for example, by way of a lease, co-use or in the form of a joint use via spectrum pooling. It is necessary, however, that the BNetzA releases such forms of use for flexible use and specifies the corresponding conditions.77

The recent TKG reform modernised the frequency regime and implemented a list of objectives for radio spectrum regulation and amended rules on the time limit and extension of frequency allocations. In the case of an undersupply of telecommunications services (through mobile networks), the BNetzA may now require companies to engage in infrastructure sharing or local roaming. The new TKG also implemented several measures to strengthen competition (e.g., quantitative limitation of spectrum in certain cases, rules on infrastructure sharing and local roaming).

iii Broadband and spectrum auctions

If the BNetzA finds that the number of available spectra is not sufficient for their allocation, it can order that the allocation of frequencies be preceded by a procurement procedure.78 However, this is only rarely practiced, for example in the case of the recently allocated 450MHz spectrum. Often, the procurement is held in the form of a spectrum auction, which is organised by the BNetzA.79

On 12 June 2019, the latest auction of mobile broadband spectrum ended following 497 bidding rounds over seven weeks.80 The auction of 5G frequencies in the fields of 2.0 and 3.6GHz aggregated a total amount of approximately €6.5 billion.


i Regulation of media distribution generally

Media distribution is currently mainly regulated by the TMG and the MStV. The MStV contains content-related regulations for distribution. In particular, the MStV regulates public broadcasting, private broadcasting and certain types of telemedia services that convey or serve to distribute media content. For the first time, the MStV contains comprehensive regulations on these latter telemedia, also known as gatekeepers.81 This refers to various 'new' services such as search engines, smart TVs and social media. Here, plurality of opinion is to be ensured through the obligation to maintain journalistic standards.

Various aspects of regular distribution are regulated, such as product placement. According to the MStV, product placement is generally prohibited and may only be carried out with a clear indication and without significant influence on the editorial responsibility and independence of the content.82

ii Internet-delivered video content

For the distribution of video content, Sections 10a et seq. TMG now regulate a procedure for reporting user complaints. However, internet-delivered video content is mainly regulated in the MStV. In contrast to the RStV, this is now more strictly regulated in the MStV at the level of content distributors and slightly less regulated at the level of content creators. Content distributors are regulated in the MStV if they are a media platform, user interface or media intermediary. Classification can be difficult in individual cases because a functional consideration is made that is independent of the technology used. Media platform providers are required to operate their platforms in a non-discriminatory manner and must comply with transparency obligations. Similar obligations apply to providers of user interfaces. Media intermediaries must appoint an authorised agent for service. In addition, they must also comply with transparency obligations and must not discriminate. Insofar as one of these providers also offers a video sharing service it must comply with the additional obligations set out in the MStV (e.g., advertising).

The year in review

Last year was marked by substantial legislative changes in the area of telecommunications and media law. It remains to be seen how these new rules will prove themselves in practice. However, it should be noted that the regulations are already bringing some clarifications. As an example, the MStV now stipulates a differentiated regulatory system for distributors. Although delimitation problems – as always – cannot be ruled out, the new structure should shed some light on the issue. For example, new lower limits for broadcasting licences are reasonable, showing that the legislator is certainly taking online streamers and influencers into account. However, the technological progress and the enormous diversity and complexity of the actors in the ICT sector still make it difficult to draft well-thought-out regulations.

This complexity is also reflected in recent court decisions. As an example, the BGH had to decide to what extent emails stored by the email provider are still considered telecommunications.83 The BGH ruled that the operator of an email service provides telecommunications services pursuant to Section 100a(4) Code of Criminal Procedure, whereby it does not matter whether the operator also provides telecommunications services within the meaning of the TKG. The CJEU ruled in 2019 that the email provider Gmail in any case does not offer a telecommunications service within the meaning of the TKG.84 In another case, the BGH had to decide whether the registrar of an internet domain can be responsible under the TMG.85 It rejected this on the merits, but applied the same principles for certain constellations as for access providers.

The government has also taken further steps in 2021 to achieve digitalisation goals. It has recognised that a rapid rollout of a high-performance gigabit infrastructure is needed to drive innovation forward with the aim of achieving a nationwide rollout of gigabit networks by 2025. To achieve this goal, the funding programme for a fibre rollout was significantly expanded by the government, that is, federal funding cannot only be applied for the development of particularly underserved white spots. Instead, it will also be possible to subsidise the rollout of fibre infrastructure in grey spots that are better served areas but not yet connected to a gigabit-capable broadband network.86

Conclusions and outlook

The ICT sector in Germany is highly important and fast growing, entailing a fast-paced legal and policy environment. Convergence presents an abundance of challenges for policymakers, industry and society. Cooperation on a European and global level is vital for most German ICT policy issues, including telecommunication and frequency policies, ICT research, cybersecurity and youth protection in the context of new media.

The ICT field involves numerous complex legal issues and is changing at a rapid pace, both legally and factually. The question of whether legislators and courts can keep up with the constant progress remains exciting and, in view of the current amendments to the law, will presumably become clear only in the coming years.


1 Joachim Grittmann is a counsel and Alexander Wilhelm is an associate at Latham & Watkins LLP.

6 An overview of the national strategies and other programmes and initiatives can be found at

7 On 18 July 2018, the federal government set up the Data Ethics Commission (DEK), which is responsible for ethical standards and guidelines. The DEK submitted its final report to the federal government on 23 October 23 2019.; see datenethikkommission- node.html



8 See for example Section 31 ZDF-Staatsvertrag (ZDF State Treaty), Section 31 Deutschlandradio-Staatsvertrag (Germany Radio State Treaty), Section 37 Staatsvertrag über den Südwestrundfunk (State Treaty on Southwest Broadcasting).

9 Four states have joint media authorities: Berlin and Brandenburg as well as Hamburg and Schleswig-Holstein.

10 Section 104 et seq. of the Inter-State Media Treaty (MStV).

11 Section 105(2) of the MStV.

12 The goals and remits of this cooperation are laid down in the Contract on the Cooperation of the Media Authorities in the Federal Republic of Germany (the so-called ALM Statute). The focus is on promoting programming diversity, and thus freedom of information and opinion in private television and radio. This involves, in addition to controlling media power by means of licensing limitations and licence monitoring, the promotion of media literacy among viewers and listeners.

13 As of 1 December 2021, see Section 29 TTDSG. Other data processing activities in the ICT area are supervised by local data protection authorities.

14 One of Germany's national public television broadcasters.

15 Article 4(2) lit. h, 170 et seq. TFEU.

16 e.g., the Roaming Regulations (EU) 531/2012, the Universal Service Directive 2002/22/EC, the Access Directive 2002/19/EC, the European Electronic Communications Code Directive (EU) 2018/1972 (EECC).

17 Like 23 other EU Member States, Germany failed to adapt the EECC by the end of 2020. The Commission therefore opened infringement proceedings; see

18 Section 52(1) MStV.

19 Section 2(1) MStV.

20 Section 2(2) No. 1 MStV.

21 Section 54(1) No. 1 MStV.

22 Section 6 TKG. The BNetzA publishes a list of notified undertakings at regular intervals: NotificationRequirement-node.html.

24 Section 59 et seq. MStV.

25 BGH ruling of 30 April 2015 – I ZR 13/14 – GRUR 2015, 1228 et seq.

26 Higher Regional Court of Cologne ruling of 30 September 2016 – 6 U 188/12 – GRUR 2017, 311.

27 MMR-Aktuell 2018, 402395.

28 Council Regulation (EC) No. 139/2004 of 20 January 2004 on the control of concentrations between undertakings,

29 cf. Section 18 (3a) and Section 35 (1a) GWB; cf. also Seeliger/deCrozals, ZRP 2017, 37.

30 Section 17 MStV, Section 4 TMG.

33 That is digitisation ending up in freeing up spectrum and usually resulting in its reallocation.

35 White spots are underserved areas where existing internet access does not allow download speeds of 30 Mbit/s.

36 Less than 100 Mbit/s is reliably available for downloads.

37 Section 157 of the TKG.

38 See former Section 41a(1) of the TKG.

39 European Net Neutrality Regulation 2015/2120/EC,

40 Usually 1 to 20 GB in the lower price ranges.

41 Known as zero-rating or zero tariff.

42 Administrative Court of Cologne decision of 19 November 2019 – 9 K 8221/18 –; Düsseldorf Higher Regional Court decision of 17 December 2020 – I-20 U 59/19, 12 O 158/19 –

43 Administrative Court of Cologne decision of 20 January 2020 – 9 K 4632/18 –

45 Section 7 UWG.

46 Fines can be as high as €300,000; see Section 20(1) and (2) UWG.

47 Further defined in the BSI KRITIS Ordinance; see footnote. 23.

48 Section 8a BSIG.

49 Section 169(4) TKG.

50 Section 13(7) TMG.

52 Gesetz zur Umsetzung der Richtlinie (EU) 2016/1148 des Europäischen Parlaments und des Rates of 6 July 2016 über Maßnahmen zur Gewährleistung eines hohen gemeinsamen Sicherheitsniveaus von Netz- und Informationssystemen in der Union (Law implementing Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security for network and information systems across the Union), BGBl, 2017, 1885,*%5B%40attr_id%3D%27bgbl117s1885.pdf%27%5D#__bgbl__%2F%2F*%5B%40attr_id%3D%27bgbl117s1885.pdf%27%5D__1600694321765.

53 An overview of the new IT-SiG is provided by Hornung, NJW 2001, 1985 and the BSI,

54 Within the meaning of the EU Cybersecurity Act (Regulation (EU) 2019/881).

55 BVerfG ruling of 2 March 2010 – 1 BvR 256/08, 1 BvR 263/08, 1 BvR 586/08 – BeckRS 2010, 46771.

56 CJEU ruling of 8 April 2014 – C-293/12 and C/594/12 – BeckEuRS 2014, 393023.

57 Gesetz zur Einführung einer Speicherpflicht und einer Höchstspeicherfrist für Verkehrsdaten (Law introducing a storage obligation and a maximum storage period for traffic data), BGBl 2015, 2218,*%[email protected]_id=%2527bgbl115s2218.pdf%2527%255D#__bgbl__%2F%2F*%5B%40attr_id%3D%27bgbl115s2218.pdf%27%5D__1471357640831.

58 Higher Administrative Court of Münster decision of 22 June 2012 – Az. 13 B 238/17 – NVwZ-RR 2018, 43.

59 BVerwG ruling of 25 September 2019 – Az. 6 C 12/18 – NVwZ 2020, 1108.

60 CJEU, ECLI:EU:C:2020:790 – Privacy International; CJEU, ECLI:EU:C:2020:791 – La Quadrature du Net.

61 Failure to comply with the obligations may result in fines of up to €50 million.

64 Administrative Court of Cologne, proceeding 6 L 1277/21 and 6 K 3769/21.

65 Business-related requirements were implemented in the TMG.

66 Directive (EU) 2018/1808 of the European Parliament and of the Council of 14 November 2018 amending Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive) in view of changing market realities.

67 The types of media monitored include, inter alia, videos, books, computer games and websites.

68 The measures depend on the severity of the breach, and can range from a complaint against the content provider to fines. The issue may even be handed over to the State Prosecutor.

72 Section 91(1) TKG.

74 Section 89(1) TKG.

75 Section 90(1) TKG.

76 Section 90(5) TKG.

77 Section 101(1) and (2) TKG.

78 Section 91(9) TKG.

79 Section 100 TKG.

80 After the merger of Telefónica and E-Plus in the summer of 2014, only four operators (Drillisch, Telefónica, Telekom and Vodafone) were allowed to bid.

82 For example, a private broadcaster recently broadcast a certain format for one week under the theme of a current motion picture. During the broadcast, excerpts of the new film were shown and scenes were re-enacted. The State Media Authority declared a violation of the RStV, which was confirmed by the Administrative Court of Cologne in a ruling of 9 June 2020 – 6 K 14278/1 –

83 BGH decision of 28. 4. 2021 – StB 47/20.

84 EuGH, judgment of 13.6.2019 – C-193/18 – Google LLC/Bundesrepublik Deutschland.

85 BGH NJW 2021, 311.

86 Rahmenregelung der Bundesrepublik Deutschland zur Unterstützung des flächendeckenden Aufbaus von Gigabitnetzen „grauen Flecken“ (Framework regulation of the Federal Republic of Germany to support the nationwide development of gigabit networks in gray spots); see

The Law Reviews content