The Belgian legislature recently adopted a new act on private investigations ("Act")....more
On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection...more
On 7 March 2024, the Court of Justice of the European Union issued a ruling (C-604/22 | IAB Europe) clarifying the concepts of personal data and controller in the context of the use of a Transparency and Consent Framework...more
Data processing agreements are a standard part of business arrangements involving personal data due to the European Union’s General Data Protection Regulation as well as the ever-expanding number of U.S. consumer privacy...more
On May 25th, the Belgian Supervisory Authority (“GBA”) announced that it had imposed a fine of EUR 50,000 on a Belgium-based news media company for using cookies on its websites without complying with applicable cookie law...more
On 2 February 2022 the Belgian Data Protection Authority ("Belgian DPA") ruled that IAB Europe's Transparency and Consent Framework ("TCF") does not comply with the GDPR and fined IAB Europe €250,000. While the sanctions...more
On February 2, 2022, the Belgian Data Protection Authority (DPA) found that the Interactive Advertising Bureau Europe (IAB) Transparency & Consent Framework (TCF), a tool used to record individuals' online ad preferences,...more
Last week, the Belgian Data Protection Authority ruled that the IAB’s cookie consent framework violated the GDPR. This decision has tremendous potential implications on the ad tech industry, as both publishers and advertisers...more
In a decision of December 16, 2021, the Belgian Data Protection Authority (“DPA”) imposed a EUR 75,000 administrative fine on a bank located in Belgium for failure to comply with the requirement in Article 38.6 of the General...more
The Belgian Supreme Court ruled in a judgment of Oct. 7, 2021 that a data subject has the right to lodge a complaint with the Data Protection Authority against a processing practice that violates the GDPR (in this case, the...more
Belgium has spent much of the last 12 months without a government following gridlock in coalition negotiations after the general election in May 2019. As such, there has not been any new legislation covering employment law....more
In the context of their return-to-work policies companies are seeking solutions to detect individuals with fever at the entrance of their premises with the aim of preventing further contamination within the buildings. ...more
Following its investigation of a personal data breach, the Belgian Data Protection Authority (DPA) issued a ruling on April 28, 2020, imposing a €50,000 fine on an organization for negligence in having appointed the company’s...more
Coronavirus and GDPR – the Belgian authority weighs in: •Public health is paramount and prevention and the right to privacy are not incompatible. •Follow the instructions of the competent authorities so that all measures...more
On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data...more
Every day, direct marketing communications are addressed to billions of people who are targeted as a result of the processing of their personal data. Against this background, the Belgian Data Protection Authority (the...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. ———...more
Asking to read an electronic ID card as a condition for the provision of a service (issuing a rewards/loyalty card) is disproportionate and in violation of GDPR, says the Belgian data protection authority. The company was...more
The Dutch Data Protection Authority (the "Dutch DPA") has issued guidance stating that so-called "cookie walls" are not compliant with the General Data Protection Regulation (the "GDPR"). The guidance is not legally binding,...more
On the heels of the European Union's General Data Protection law, which went into effect in May 2018, California has enacted the California Consumer Privacy Act ("CCPA")—the result of an 11th-hour compromise between...more
Law Implementing GDPR Published in Belgian Official Gazette - New Legislation Enacted - The Belgian Law of July 30, 2018, on the protection of natural persons with regard to the processing of personal data was...more
The Situation: On September 5, 2018, Belgium published two laws that implement the Belgian requirements under Regulation 21016/679, the General Data Protection Regulation ("GDPR"). The Details: The two laws include the Law...more
On 27 December 2016, the Belgian Law of 18 December 2016 concerning various health-related matters (“the Sunshine Act”) was adopted by the Belgian Ministry for Public Health....more
On February 28, 2018, the Belgian Privacy Commission issued a recommendation on the position it takes with regard to data protection impact assessments (or “DPIAs”) as foreseen in the GDPR. A DPIA under the GDPR is similar in...more
On November 16, 2017, the Belgian Senate adopted an “Act on the Establishment of the Data Protection Authority.” Following Austria, Germany, and the UK, Belgium is the fourth EU member state to pass a domestic statute...more