Privacy

The Belgian law of 25 November 2018 containing various provisions relating to the National Register and the population registers has amended the law of 8 August 1983 regulating the National Register and the use of the national identity number.

The EDPB adopted on 9 April 2019 a set of draft guidelines on personal data processing under Article 6(1)(b) GDPR in the context of providing online services to data subjects.

On 14 January 2021, the Constitutional Court validated a legislative measure requiring the inclusion of fingerprints on Belgian eID. According to the Court, it is not contrary to the right to privacy and the right to protection of personal data.

In this blog, we briefly present three interesting matters in the field of digital law: (1) Parliamentary initiatives to tackle cyber attacks; (2) 'Zero tariff' options and open internet access do not mix; (3) Council of State, GDPR and encryption.

Recently, the European Commission issued an implementing decision on standard new contractual clauses (“SCCs”) for the transfer of personal data to countries outside the European Economic Area.

In this blog, we present two interesting matters in the field of digital law: (1) The supply of a copy of software together with a licence to use it can constitute a "sale of goods”; and (2) WhatsApp in turmoil for its privacy policy and terms of use.

A recent decision of the Belgian Council of State shines a first light on the enforcement of the Schrems II ruling of the European Court of Justice in Belgium.

As of 27 September 2021, the old set of Standard Contractual Clauses (SCCs) can no longer be used in agreements.

In this blog, we briefly present three interesting initiatives of the CNIL, the French Data Protection Authority.

In this blog, we briefly present a judgment of the Belgian Supreme Court of 7 October 2021 on the reading of the eID card to obtain a loyalty card.

In a judgment handed down on 1 December 2021, the Market Court annulled the decision on the merits 66/2021 of 4 June 2021 of the Belgian DPA. The decision reprimanded the Belgian Ministry of Finance for not respecting the rights of the data subjects.

The Belgian Data Protection Authority published an interesting decision of its Litigation chamber. The content of the decision is not completely new, but it provides (or recalls) some relevant elements for personal data practitioners.

On 15 February 2022, the European Data Protection Supervisor published Preliminary Remarks on Modern Spyware. In fact, this document directly targets the Pegasus spyware developed by an Israeli company. 

The Belgian Parliament published a proposal to amend art. 29 of the Belgian Constitution. If adopted, art. 29 should read as follows: “The confidentiality of private communications is inviolable, except in the cases and conditions established by law”.

The Belgian DPA fined Roularta Media Group for several breaches of the GDPR on three of its websites.