114 results Het arbeidsrecht moet op de schop Voor het arbeidsrecht zijn het tegenwoordig spannende tijden. De arbeidsmarkt is sterk in ontwikkeling als gevolg van fenomenen zoals flexibilisering en digitalisering. Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later. New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19. Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways. Is the Metaverse really dead? Well, not according to the EU Commission… The European Commission recently unveiled its vision for the Metaverse and virtual worlds. Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year. Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority. EU Artificial Intelligence Act and Generative AI – an update In this blogpost, our TMT expert Thibau Duquin elaborates on the AI Act, the rules on generative AI such as ChatGPT, and the next steps. EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible. ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR. After the Uber case and the Airbnb case … the Star Taxi App case: focus on the question of the qualification as “Information Society Service” This blog analyses the Star Taxi App case law in the light of the Uber case law and the Airbnb case law. The three judgments have in common the question of the qualification of services as Information Society Services. Online platforms and uploading of protected works: a priori no liability for operators of online platforms In a judgment dated 22 June 2021, the CJEU clarifies the liability framework of online platform operators when content protected by copyright is uploaded by platform users. Constitutional Court: fingerprints on the Belgian eID do not infringe the rights of privacy and to data protection On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data. Facebook/Belgian DPA: Landmark ruling on cross-border enforcement under the GDPR On 15 June 2021, the CJEU delivered an important judgment on the one-stop-shop mechanism. European Commission adopts Delegated Regulations on oversight fees and critical ICT third-party service providers (DORA) and Delegated Regulations under MiCAR On 22 February 2024, the European Commission adopted two Delegated Regulations under the Regulation on digital operational resilience for the financial sector and four Delegated Regulations under the Markets in Crypto-Assets Regulation. Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed. Netherlands Chapters in Chambers: Venture Capital 2024 Marc Habermehl, Jeroen Smits, Roderik Vrolijk, David de Groot and Max de Heer contributed to Chambers: Venture Capital 2024 in chapters about Law and Practice and Trends and Developments in the Netherlands. EBA Reports on Virtual IBANs On 24 May 2024, the European Banking Authority (EBA) published a report on virtual IBAN (vIBANs) in which the EBA set outs characteristics and use cases of vIBANs and comments on identified risks associated with this development in the payments market. Pagination Previous page Page 2 Current page 3 Page 4 Page 5 Next page
Het arbeidsrecht moet op de schop Voor het arbeidsrecht zijn het tegenwoordig spannende tijden. De arbeidsmarkt is sterk in ontwikkeling als gevolg van fenomenen zoals flexibilisering en digitalisering.
Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later.
New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19.
Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways.
Is the Metaverse really dead? Well, not according to the EU Commission… The European Commission recently unveiled its vision for the Metaverse and virtual worlds.
Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year.
Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority.
EU Artificial Intelligence Act and Generative AI – an update In this blogpost, our TMT expert Thibau Duquin elaborates on the AI Act, the rules on generative AI such as ChatGPT, and the next steps.
EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible.
ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR.
After the Uber case and the Airbnb case … the Star Taxi App case: focus on the question of the qualification as “Information Society Service” This blog analyses the Star Taxi App case law in the light of the Uber case law and the Airbnb case law. The three judgments have in common the question of the qualification of services as Information Society Services.
Online platforms and uploading of protected works: a priori no liability for operators of online platforms In a judgment dated 22 June 2021, the CJEU clarifies the liability framework of online platform operators when content protected by copyright is uploaded by platform users.
Constitutional Court: fingerprints on the Belgian eID do not infringe the rights of privacy and to data protection On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data.
Facebook/Belgian DPA: Landmark ruling on cross-border enforcement under the GDPR On 15 June 2021, the CJEU delivered an important judgment on the one-stop-shop mechanism.
European Commission adopts Delegated Regulations on oversight fees and critical ICT third-party service providers (DORA) and Delegated Regulations under MiCAR On 22 February 2024, the European Commission adopted two Delegated Regulations under the Regulation on digital operational resilience for the financial sector and four Delegated Regulations under the Markets in Crypto-Assets Regulation.
Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed.
Netherlands Chapters in Chambers: Venture Capital 2024 Marc Habermehl, Jeroen Smits, Roderik Vrolijk, David de Groot and Max de Heer contributed to Chambers: Venture Capital 2024 in chapters about Law and Practice and Trends and Developments in the Netherlands.
EBA Reports on Virtual IBANs On 24 May 2024, the European Banking Authority (EBA) published a report on virtual IBAN (vIBANs) in which the EBA set outs characteristics and use cases of vIBANs and comments on identified risks associated with this development in the payments market.