Belgium

Green Light for the Enforcement of NIS 2 in Limited EU Countries Only

October 17, 2024 By Wim Nauwelaerts, Kelly Hagedorn and Alice Portnoy

EU Member States had until today, October 17, 2024, to transpose the Network and Information Security (NIS) 2 Directive into their national laws. As Directives are not directly applicable in EU Member States, the EU legislator required all 27 Member States to incorporate into their local laws the requirements of NIS 2 and to make […]

EU Artificial Intelligence Act Signed Into Law

June 13, 2024 By Paul Greaves and Wim Nauwelaerts

Today, the EU Artificial Intelligence Act (‘AI Act’) was signed into law. The AI Act will impose obligations on both private and public sector actors which provide, import, distribute, or deploy in-scope AI systems. It also contains obligations which apply in connection with general-purpose AI models. The AI Act has explicit extra-territorial effect, which means […]

Belgian Supervisory Authority Sanctions News Media Company for Violating Cookie Rules

May 30, 2022 By Wim Nauwelaerts

On May 25th, the Belgian Supervisory Authority (“GBA”) announced that it had imposed a fine of EUR 50,000 on a Belgium-based news media company for using cookies on its websites without complying with applicable cookie law requirements. The GBA decided to sanction the company mainly because although the company had obtained consent from website visitors […]

Belgian Supreme Court rules that Data Protection Authority may impose administrative fines even where a data subject’s personal data were not processed

November 2, 2021 By Paul Greaves, Wim Nauwelaerts and Privacy, Cyber & Data Strategy Team

The Belgian Supreme Court ruled in a judgment of Oct. 7, 2021 that a data subject has the right to lodge a complaint with the Data Protection Authority against a processing practice that violates the GDPR (in this case, the data minimization principle in Article 6 of the GDPR), even where the data subject’s personal […]