30 results One year of Schrems II: a state of affairs for international data transfers International data transfers have been the subject of intense debates ever since the Court of Justice issued its landmark judgement of Schrems I, on 6 October 2015. Advocate General opinion on further unlawful processing In a recent opinion delivered by Advocate General Campos Sánchez-Bordona, the European Court of Justice is asked to interpret key provisions of the GDPR concerning the rights of individuals whose personal data has been unlawfully processed. Jan-Jaap Koningsveld strengthens TMT/IP practice Stibbe Amsterdam Stibbe Amsterdam is pleased to announce the expansion of its TMT/IP practice with the appointment of Jan-Jaap Koningsveld as counsel. ‘Dutch scheme’ adopted by the Dutch Parliament's House of Representatives On 26 May 2020, the Dutch Parliament’s House of Representatives (Tweede Kamer) adopted the Act on confirmation of private restructuring plans (Wet homologatie onderhands akkoord (“WHOA”)). The next step will see the WHOA put to vote in the Senate. Pieter Wouters Counsel Brussels Daniël Stein Senior Associate Amsterdam Ook WhatsApp- en sms-berichten op privételefoons vallen onder Wet openbaarheid van bestuur De Afdeling bestuursrechtspraak van de Raad van State heeft in een uitspraak van 20 maart 2019 (ECLI:NL:RVS:2019:899) bevestigd dat ook WhatsApp- en sms-berichten onder de reikwijdte van de Wet openbaarheid van bestuur (Wob) vallen. Brexit and data protection: preparing for a 'no-deal' As it stands, the UK will exit the European Union at midnight on 29 March 2019. Therefore, businesses within the UK, or with trade relations with the UK, would be best advised to assume that a no-deal Brexit is inevitable. EU Advocate General balances data protection rights against trade secrets in algorithmic credit scoring case On 16 march 2023, Advocate General Pikamäe issued his opinion on the scope of data subject rights in the context of algorithmic credit scoring. ICO to impose record-breaking fines for inadequate security measures and data breaches Though the European data protection authorities have taken their time in enforcing the GDPR two announcements by the ICO in the UK regarding proposed fines for British Airways and Marriott demonstrate that large fines are about to start landing regularly. Can you rely on your contract to process personal data? The EDPB adopted on 9 April 2019 a set of draft guidelines on personal data processing under Article 6(1)(b) GDPR in the context of providing online services to data subjects. Stibbe advises DeepOcean Group on its restructuring Stibbe is advising the DeepOcean group on its restructuring. The case involves the first use of the new “cross-class cram-down” mechanism under Part 26A of the UK Companies Act 2006. The Dutch scheme – Classes and voting The Act on confirmation of private restructuring plans – which introduces a framework allowing debtors to restructure their debts outside formal insolvency proceedings (termed the “Dutch Scheme“) – was adopted by the Dutch Senate on 6 October 2020. Webinar: Responding to Personal Data Breaches in the Post-GDPR era On 24-26 March 2021, Brussels TMT partner Erik Valgaeren will address the topic 'Managing personal data breach in a complex international scenarios' during ERA's online conference 'Responding to Personal Data Breaches in the Post-GDPR era'. Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later. Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways. Digital Law Up(to)date: The use of the free version of Google Analytics violates the GDPR The Datenschutzbehörde, the Austrian Data Protection Authority (DPA), found that the use of the free version of Google Analytics violated some provisions of the GDPR, and specifically the rules on international data transfers. Jan-Jaap Koningsveld Counsel Amsterdam Pagination Current page 1 Page 2 Next page
One year of Schrems II: a state of affairs for international data transfers International data transfers have been the subject of intense debates ever since the Court of Justice issued its landmark judgement of Schrems I, on 6 October 2015.
Advocate General opinion on further unlawful processing In a recent opinion delivered by Advocate General Campos Sánchez-Bordona, the European Court of Justice is asked to interpret key provisions of the GDPR concerning the rights of individuals whose personal data has been unlawfully processed.
Jan-Jaap Koningsveld strengthens TMT/IP practice Stibbe Amsterdam Stibbe Amsterdam is pleased to announce the expansion of its TMT/IP practice with the appointment of Jan-Jaap Koningsveld as counsel.
‘Dutch scheme’ adopted by the Dutch Parliament's House of Representatives On 26 May 2020, the Dutch Parliament’s House of Representatives (Tweede Kamer) adopted the Act on confirmation of private restructuring plans (Wet homologatie onderhands akkoord (“WHOA”)). The next step will see the WHOA put to vote in the Senate.
Ook WhatsApp- en sms-berichten op privételefoons vallen onder Wet openbaarheid van bestuur De Afdeling bestuursrechtspraak van de Raad van State heeft in een uitspraak van 20 maart 2019 (ECLI:NL:RVS:2019:899) bevestigd dat ook WhatsApp- en sms-berichten onder de reikwijdte van de Wet openbaarheid van bestuur (Wob) vallen.
Brexit and data protection: preparing for a 'no-deal' As it stands, the UK will exit the European Union at midnight on 29 March 2019. Therefore, businesses within the UK, or with trade relations with the UK, would be best advised to assume that a no-deal Brexit is inevitable.
EU Advocate General balances data protection rights against trade secrets in algorithmic credit scoring case On 16 march 2023, Advocate General Pikamäe issued his opinion on the scope of data subject rights in the context of algorithmic credit scoring.
ICO to impose record-breaking fines for inadequate security measures and data breaches Though the European data protection authorities have taken their time in enforcing the GDPR two announcements by the ICO in the UK regarding proposed fines for British Airways and Marriott demonstrate that large fines are about to start landing regularly.
Can you rely on your contract to process personal data? The EDPB adopted on 9 April 2019 a set of draft guidelines on personal data processing under Article 6(1)(b) GDPR in the context of providing online services to data subjects.
Stibbe advises DeepOcean Group on its restructuring Stibbe is advising the DeepOcean group on its restructuring. The case involves the first use of the new “cross-class cram-down” mechanism under Part 26A of the UK Companies Act 2006.
The Dutch scheme – Classes and voting The Act on confirmation of private restructuring plans – which introduces a framework allowing debtors to restructure their debts outside formal insolvency proceedings (termed the “Dutch Scheme“) – was adopted by the Dutch Senate on 6 October 2020.
Webinar: Responding to Personal Data Breaches in the Post-GDPR era On 24-26 March 2021, Brussels TMT partner Erik Valgaeren will address the topic 'Managing personal data breach in a complex international scenarios' during ERA's online conference 'Responding to Personal Data Breaches in the Post-GDPR era'.
Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later.
Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways.
Digital Law Up(to)date: The use of the free version of Google Analytics violates the GDPR The Datenschutzbehörde, the Austrian Data Protection Authority (DPA), found that the use of the free version of Google Analytics violated some provisions of the GDPR, and specifically the rules on international data transfers.