Privacy & data protection

CyberSec4EU
Privacy & data protection

On Thursday the 4th of July 2019, Cyber Security for Europe (CyberSec4EU) hosted a panel on the Proposal for a Regulation establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres, the NCCC regulation.

British Airways
Privacy & data protection

The British Supervisory Authority, the British Information Commissioner's Office (ICO), announced its intention to impose a GDPR fine of £183 million (equivalent to €243.47 million) on British Airways.

paris
Privacy & data protection

The French data protection authority (the CNIL) has announced that it will soon communicate to data controllers a clarification of the legal obligations in terms of obtaining consent for cookies, as well as all for all other tracking devices and techniques.

1 year GDPR
Privacy & data protection

About a year ago, on 25 May 2018, the General Data Protection Regulation (GDPR) became applicable. Today, one year later, we draw up a balance sheet of the enforcement actions taken by the supervisory authorities across the EU.

email
Privacy & data protection

The previous statement by the new Chairman of the Belgian Data Protection Authority (DPA) affirming that the DPA will step up a gear in 2019 to ensure compliance with the GDPR has in the meantime been reinforced by the imposition of the first GDPR fine in Belgium.

NIS
Privacy & data protection

The EU Network and Information Security (NIS) Directive has been implemented in Belgian law. What does it mean for you?

brussels
Privacy & data protection

Early April, a variant of the right to be forgotten was introduced in insurance law. This was achieved by means of the Act of 4 April 2019 amending the Act of 4 April 2014 on insurances, which introduces a right to be forgotten for certain personal insurances.

Frederic Debussere VTM
Privacy & data protection

On 8 May 2019, the Court of Appeal of Brussels ruled in the case of the Belgian Data Protection Authority v. Facebook following the pleadings of 27 and 28 March 2019.

EU Data Controller Processor
Privacy & data protection

International companies headquartered outside the EU but established in several European Member States are facing the question how to determine their main establishment in the Union. In the Guidelines for identifying a controller or processor’s lead supervisory authority (WP 244 of the Article 29 Working Party, endorsed by the EDPB) this question has been left open to a large extent.

The extraterritorial scope of the GDPR
Privacy & data protection

On 23 November 2018 the European Data Protection Board (EDPB) published its ‘Guidelines on the territorial scope of the GDPR’. With these guidelines, the EDPB responds to many doubts of companies located outside the EU as to whether they are subject to the General Data Protection Regulation (GDPR) as well.