152 results Uitwisseling van persoonsgegevens met het Verenigd Koninkrijk Uit de Brexit deal volgt dat gedurende de eerste 4 maanden van 2021 de doorgifte van persoonsgegevens naar het Verenigd Koninkrijk (“VK”) nog op dezelfde manier mag plaatsvinden als voorheen. Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later. New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19. Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways. Is the Metaverse really dead? Well, not according to the EU Commission… The European Commission recently unveiled its vision for the Metaverse and virtual worlds. Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year. Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority. EU Artificial Intelligence Act and Generative AI – an update In this blogpost, our TMT expert Thibau Duquin elaborates on the AI Act, the rules on generative AI such as ChatGPT, and the next steps. EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible. ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR. After the Uber case and the Airbnb case … the Star Taxi App case: focus on the question of the qualification as “Information Society Service” This blog analyses the Star Taxi App case law in the light of the Uber case law and the Airbnb case law. The three judgments have in common the question of the qualification of services as Information Society Services. Online platforms and uploading of protected works: a priori no liability for operators of online platforms In a judgment dated 22 June 2021, the CJEU clarifies the liability framework of online platform operators when content protected by copyright is uploaded by platform users. Constitutional Court: fingerprints on the Belgian eID do not infringe the rights of privacy and to data protection On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data. Facebook/Belgian DPA: Landmark ruling on cross-border enforcement under the GDPR On 15 June 2021, the CJEU delivered an important judgment on the one-stop-shop mechanism. Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed. TMT seminar series 2025 Our Brussels TMT team is organising five new seminars that delve into cutting-edge topics within the area of technology law, offering valuable and practical insights for your organisation. TenderNed en Klic-viewer: innoveren met overheidsinformatie kan een riskante onderneming zijn Aanbieders van online-diensten en applicaties kunnen niet altijd rekenen op bescherming van hun marktpositie op basis van de staatssteun- en mededingingsregels. Dit blijkt uit een onlangs gewezen uitspraak van de hoogste Unierechter. Dutch national police service liable for unlawful granting of firearms permit In a recent decision (ECLI:NL:HR:2019:1409), the Supreme Court has decided that the Dutch national police force is liable for damage suffered by victims of a shooting which took place in a shopping centre in 2011; an event that shocked the Netherlands. Pagination Previous page Page 2 Current page 3 Page 4 Page 5 Next page
Uitwisseling van persoonsgegevens met het Verenigd Koninkrijk Uit de Brexit deal volgt dat gedurende de eerste 4 maanden van 2021 de doorgifte van persoonsgegevens naar het Verenigd Koninkrijk (“VK”) nog op dezelfde manier mag plaatsvinden als voorheen.
Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later.
New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19.
Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways.
Is the Metaverse really dead? Well, not according to the EU Commission… The European Commission recently unveiled its vision for the Metaverse and virtual worlds.
Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year.
Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority.
EU Artificial Intelligence Act and Generative AI – an update In this blogpost, our TMT expert Thibau Duquin elaborates on the AI Act, the rules on generative AI such as ChatGPT, and the next steps.
EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible.
ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR.
After the Uber case and the Airbnb case … the Star Taxi App case: focus on the question of the qualification as “Information Society Service” This blog analyses the Star Taxi App case law in the light of the Uber case law and the Airbnb case law. The three judgments have in common the question of the qualification of services as Information Society Services.
Online platforms and uploading of protected works: a priori no liability for operators of online platforms In a judgment dated 22 June 2021, the CJEU clarifies the liability framework of online platform operators when content protected by copyright is uploaded by platform users.
Constitutional Court: fingerprints on the Belgian eID do not infringe the rights of privacy and to data protection On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data.
Facebook/Belgian DPA: Landmark ruling on cross-border enforcement under the GDPR On 15 June 2021, the CJEU delivered an important judgment on the one-stop-shop mechanism.
Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed.
TMT seminar series 2025 Our Brussels TMT team is organising five new seminars that delve into cutting-edge topics within the area of technology law, offering valuable and practical insights for your organisation.
TenderNed en Klic-viewer: innoveren met overheidsinformatie kan een riskante onderneming zijn Aanbieders van online-diensten en applicaties kunnen niet altijd rekenen op bescherming van hun marktpositie op basis van de staatssteun- en mededingingsregels. Dit blijkt uit een onlangs gewezen uitspraak van de hoogste Unierechter.
Dutch national police service liable for unlawful granting of firearms permit In a recent decision (ECLI:NL:HR:2019:1409), the Supreme Court has decided that the Dutch national police force is liable for damage suffered by victims of a shooting which took place in a shopping centre in 2011; an event that shocked the Netherlands.