GDPR

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

March 20, 2025 By Alice Portnoy and Wim Nauwelaerts

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch). The BDPA reviewed its original guidance to help companies from all sectors navigate applicable EU privacy and data protection law requirements […]

Filed Under: Data Protection, Direct Marketing, ePrivacy, GDPR, Online Privacy Tagged With: Accountability, Marketing, Transparency

Belgian Data Protection Authority Publishes Guidance on the Interplay between the GDPR and the AI Act

September 25, 2024 By Wim Nauwelaerts and Alice Portnoy

On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection Regulation (the GDPR), which aims to provide further insight into the use of artificial intelligence (AI) systems that process personal data. The […]

Filed Under: AI, Artificial Intelligence, Belgium, GDPR

CBDF Research Fellow Theodore Christakis Publishes Study on Cross-Border Data Transfers and the EU’s “Zero Risk” Approach

February 20, 2024 By Peter Swire, Alice Portnoy and David Keating

Theodore Christakis, Professor of International Law at the University Grenoble Alpes and Senior Fellow and Director of Research for Europe at the Cross-Border Data Forum, has published a new comprehensive analysis on cross-border transfers of personal data and the EU’s data protection authorities’ “Zero Risk” theory developed since the CJEU Schrems II Judgment. Prof. Christakis looks […]

Filed Under: GDPR, Government Access to Data, Transfers

Are You Using EU Standard Contractual Clauses for Data Transfers? Be Aware of these Breach Notification Requirements

January 8, 2024 By Wim Nauwelaerts

It has become common knowledge that the General Data Protection Regulation (2016/679) (GDPR) heavily restricts transfers of personal data outside of the European Union (EU). In the absence of an adequacy decision by the European Commission, the GDPR allows controllers and processors to transfer personal data to a third country outside of the EU only […]

Filed Under: Data Breach, GDPR, International, Standard Contractual Clauses Tagged With: Data Breach Notification, European Union (EU), International Data Transfers

EU’s Highest Court Issues Major AI Decision With Wide-Reaching Impact

December 19, 2023 By Daniel Felz, Wim Nauwelaerts and Alice Portnoy

On 7 December 2023, the Court of Justice of the European Union (CJEU) issued an important decision on how the GDPR governs AI-assisted decisions. The case arose in the financial services context, with the court holding that the GDPR’s AI rules apply when banks use credit scores to make consumer credit decisions. But, the decision […]

Filed Under: Artificial Intelligence, Data Protection, GDPR, Germany

Page 1
Page 2
Page 3
Interim pages omitted …
Page 20
Go to Next Page »