187 results Stibbe advises FEDICT Stibbe assisted FEDICT with the drafting of a contract and negotiation of that contract and related service level agreements with Belgacom and Zetes for the delivery of electronic identity cards. Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later. New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19. Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways. Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year. Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority. EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible. ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR. Constitutional Court: fingerprints on the Belgian eID do not infringe the rights of privacy and to data protection On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data. Facebook/Belgian DPA: Landmark ruling on cross-border enforcement under the GDPR On 15 June 2021, the CJEU delivered an important judgment on the one-stop-shop mechanism. Stibbe advises Belgacom, T-Systems International GmbH, Strabag AG and Efkon AG Stibbe assisted a consortium composed of Belgacom, T-Systems International GmbH, Strabag AG, and Efkon AG with the preparation of its bid and with the negotiations and subsequent closing of the contract for the realization of the ETCS PPR project. Stibbe assists major telecom operator Stibbe assisted a major telecom operator with a large-scale cyber attack on its company systems. Stibbe advises Barry Callebaut Stibbe advised Barry Callebaut in connection with a global data center governance project. Stibbe advises ALD Automotive Stibbe advised ALD Automotive, market leader in Belgium for full service leasing, car rental and fleet management, on the implementation of GDPR. Stibbe advises Proximus Stibbe advised Proximus, a listed company and longstanding client, on a broad variety of matters, including innovative partnerships, regulatory compliance, M&A and finance projects, and dispute resolution. Stibbe advises AB Inbev Stibbe advised AB Inbev on a global data protection project. Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed. Jan-Jaap Koningsveld Counsel Amsterdam Pagination Previous page Page 4 Current page 5 Page 6 Page 7 Next page
Stibbe advises FEDICT Stibbe assisted FEDICT with the drafting of a contract and negotiation of that contract and related service level agreements with Belgacom and Zetes for the delivery of electronic identity cards.
Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later.
New EDPB statement on implementation of PNR directive: impact and recommendations The European Data Protection Board (EDPB) approved a new statement regarding the application of the PNR directive, in light of the ruling of the Court of Justice of the EU (CJEU) in case C-817/19.
Key takeaways and insights from the EDPB Pseudonymisation Guidelines On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways.
Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year.
Belgian DPA rules on employee geographic tracking by public authorities On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority.
EU General Court denies WhatsApp’s action to annul EDPB decision The General Court has declared WhatsApp’s request to annul an EDPB binding decision inadmissible.
ECJ further shapes independent position of DPOs In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR.
Constitutional Court: fingerprints on the Belgian eID do not infringe the rights of privacy and to data protection On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data.
Facebook/Belgian DPA: Landmark ruling on cross-border enforcement under the GDPR On 15 June 2021, the CJEU delivered an important judgment on the one-stop-shop mechanism.
Stibbe advises Belgacom, T-Systems International GmbH, Strabag AG and Efkon AG Stibbe assisted a consortium composed of Belgacom, T-Systems International GmbH, Strabag AG, and Efkon AG with the preparation of its bid and with the negotiations and subsequent closing of the contract for the realization of the ETCS PPR project.
Stibbe assists major telecom operator Stibbe assisted a major telecom operator with a large-scale cyber attack on its company systems.
Stibbe advises Barry Callebaut Stibbe advised Barry Callebaut in connection with a global data center governance project.
Stibbe advises ALD Automotive Stibbe advised ALD Automotive, market leader in Belgium for full service leasing, car rental and fleet management, on the implementation of GDPR.
Stibbe advises Proximus Stibbe advised Proximus, a listed company and longstanding client, on a broad variety of matters, including innovative partnerships, regulatory compliance, M&A and finance projects, and dispute resolution.
Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed.