On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection...more
On 7 March 2024, the Court of Justice of the European Union issued a ruling (C-604/22 | IAB Europe) clarifying the concepts of personal data and controller in the context of the use of a Transparency and Consent Framework...more
On 2 February 2022 the Belgian Data Protection Authority ("Belgian DPA") ruled that IAB Europe's Transparency and Consent Framework ("TCF") does not comply with the GDPR and fined IAB Europe €250,000. While the sanctions...more
On February 2, 2022, the Belgian Data Protection Authority (DPA) found that the Interactive Advertising Bureau Europe (IAB) Transparency & Consent Framework (TCF), a tool used to record individuals' online ad preferences,...more
Last week, the Belgian Data Protection Authority ruled that the IAB’s cookie consent framework violated the GDPR. This decision has tremendous potential implications on the ad tech industry, as both publishers and advertisers...more
On February 2, 2022, the Belgian Data Protection Authority (“DPA”) issued a decision finding that the Interactive Advertising Bureau ("IAB”) Europe’s Transparency and Consent Framework (“TCF”) violates key provisions of the...more
In a decision of December 16, 2021, the Belgian Data Protection Authority (“DPA”) imposed a EUR 75,000 administrative fine on a bank located in Belgium for failure to comply with the requirement in Article 38.6 of the General...more
The Belgian Data Protection Authority (DPA) has published brief guidance concerning the European Court of Justice (ECJ) judgement on the European Commission’s adequacy decision provided by the EU-US data Privacy Shield...more
On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. ———...more
The Dutch Data Protection Authority (the "Dutch DPA") has issued guidance stating that so-called "cookie walls" are not compliant with the General Data Protection Regulation (the "GDPR"). The guidance is not legally binding,...more
Recent legislative hearings in the United States and Europe have focused on the means by which large third-party data collectors track individuals via websites. Regulators have paid comparatively little attention to the...more
The Situation: On September 5, 2018, Belgium published two laws that implement the Belgian requirements under Regulation 21016/679, the General Data Protection Regulation ("GDPR"). The Details: The two laws include the Law...more
On November 16, 2017, the Belgian Senate adopted an “Act on the Establishment of the Data Protection Authority.” Following Austria, Germany, and the UK, Belgium is the fourth EU member state to pass a domestic statute...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
Antitrust and competition - A welcome limitation on the investigatory powers of the Commission when requesting information from companies - On 10 March 2016, the Court of Justice of the European Union (“CJEU”) set aside...more
On November 25, 2015, the Article 29 Working Party (the advisory body on data protection and privacy composed of representatives from the national data protection authorities of all EU Member States) was to meet in Brussels...more