163 results Can you rely on your contract to process personal data? The EDPB adopted on 9 April 2019 a set of draft guidelines on personal data processing under Article 6(1)(b) GDPR in the context of providing online services to data subjects. Belgian law of 25 November 2018 on various provisions relating to the National Register The Belgian law of 25 November 2018 containing various provisions relating to the National Register and the population registers has amended the law of 8 August 1983 regulating the National Register and the use of the national identity number. Companies unprepared for increasing cyber risks Companies increasingly face cybercrime incidents. Stibbe offers tailor-made solutions. European Data Protection Board provides welcoming guidance on the territorial scope of the GDPR If personal data of a Korean employee working for a U.S. company is processed in the HR department in London, does the GDPR apply? Is the GPDR applicable to a Dutch customer visiting the website of a Canadian company? 15 aspects of Brexit you did not know A Brexit without a deal, or with a deal that does not cover all relevant aspects, is still a potential scenario. We have highlighted a number of unexpected legal consequences of Brexit in such a no deal or incomplete deal scenario. Afdeling formuleert toetsingskader voor de heroverweging in bezwaar van ((niet)handhavings)besluiten De Afdeling bestuursrechtspraak van de Raad van State formuleert in haar uitspraak van 28 oktober 2020 het toetsingskader voor de heroverweging op bezwaar door een bestuursorgaan bij besluiten. Uitwisseling van persoonsgegevens met het Verenigd Koninkrijk Uit de Brexit deal volgt dat gedurende de eerste 4 maanden van 2021 de doorgifte van persoonsgegevens naar het Verenigd Koninkrijk (“VK”) nog op dezelfde manier mag plaatsvinden als voorheen. Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later. New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19. Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways. Is the Metaverse really dead? Well, not according to the EU Commission… The European Commission recently unveiled its vision for the Metaverse and virtual worlds. Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year. Digital Law Up(to)date: EDPB guidelines on facial recognition in the area of law enforcement The European Data Protection Board adopted on 12 May 2022 Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement. Digital Law Up(to)date: New EDPB Guidelines on the practical implementation of amicable settlements The EDPB published new guidelines on the practical implementation of amicable settlements. Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority. EU Artificial Intelligence Act and Generative AI – an update In this blogpost, our TMT expert Thibau Duquin elaborates on the AI Act, the rules on generative AI such as ChatGPT, and the next steps. EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible. ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR. Pagination Previous page Page 3 Current page 4 Page 5 Page 6 Next page
Can you rely on your contract to process personal data? The EDPB adopted on 9 April 2019 a set of draft guidelines on personal data processing under Article 6(1)(b) GDPR in the context of providing online services to data subjects.
Belgian law of 25 November 2018 on various provisions relating to the National Register The Belgian law of 25 November 2018 containing various provisions relating to the National Register and the population registers has amended the law of 8 August 1983 regulating the National Register and the use of the national identity number.
Companies unprepared for increasing cyber risks Companies increasingly face cybercrime incidents. Stibbe offers tailor-made solutions.
European Data Protection Board provides welcoming guidance on the territorial scope of the GDPR If personal data of a Korean employee working for a U.S. company is processed in the HR department in London, does the GDPR apply? Is the GPDR applicable to a Dutch customer visiting the website of a Canadian company?
15 aspects of Brexit you did not know A Brexit without a deal, or with a deal that does not cover all relevant aspects, is still a potential scenario. We have highlighted a number of unexpected legal consequences of Brexit in such a no deal or incomplete deal scenario.
Afdeling formuleert toetsingskader voor de heroverweging in bezwaar van ((niet)handhavings)besluiten De Afdeling bestuursrechtspraak van de Raad van State formuleert in haar uitspraak van 28 oktober 2020 het toetsingskader voor de heroverweging op bezwaar door een bestuursorgaan bij besluiten.
Uitwisseling van persoonsgegevens met het Verenigd Koninkrijk Uit de Brexit deal volgt dat gedurende de eerste 4 maanden van 2021 de doorgifte van persoonsgegevens naar het Verenigd Koninkrijk (“VK”) nog op dezelfde manier mag plaatsvinden als voorheen.
Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later.
New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19.
Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways.
Is the Metaverse really dead? Well, not according to the EU Commission… The European Commission recently unveiled its vision for the Metaverse and virtual worlds.
Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year.
Digital Law Up(to)date: EDPB guidelines on facial recognition in the area of law enforcement The European Data Protection Board adopted on 12 May 2022 Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement.
Digital Law Up(to)date: New EDPB Guidelines on the practical implementation of amicable settlements The EDPB published new guidelines on the practical implementation of amicable settlements.
Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority.
EU Artificial Intelligence Act and Generative AI – an update In this blogpost, our TMT expert Thibau Duquin elaborates on the AI Act, the rules on generative AI such as ChatGPT, and the next steps.
EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible.
ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR.