Informaticarecht

Jurisdiction, territoriality and data protection: the Belgian Google case
21/09/2020

This article deals with the private international law aspects in the Belgian Google case. With its decision of 14 July 2020, the Belgian Data Protection Authority confirms it is competent to hear a complaint filed against Google’s Belgian subsidiary, Google Belgium SA, even though the latter does not determine the purposes and means for the processing – which is determined solely by Google LLC, the mother company located in California. 

Stuurt uw onderneming persoonsgegevens veilig naar de Verenigde Staten?
17/09/2020

In onze geconnecteerde wereld komen de persoonsgegevens waarmee uw onderneming werkt veel sneller in het buitenland terecht dan u denkt en dat is niet zonder gevaar.

New controller-processor guidelines: beware of impact on data processing agreements
15/09/2020

Armed with useful flowcharts to help organisations determine their role, the European Data Protection Board (EDPB) has published new guidelines on the concepts of "controller", "processor" and "joint controller".

Online payment authentication requirements further strengthened from 22 September 2020
14/09/2020

As part of the second European Payment Services Directive (i.e. Directive (EU) 2015/2366 of 25 November 2015 on payment services in the internal market) (PSD2), which entered into force in 2019 and replaced the Payment Services Directive (PSD), new rules have been developed to provide additional protection for customers 

Recht op inzage onder GDPR geldt ook voor e-mails
03/09/2020

Ongeveer een jaar geleden schreven we op onze blogpagina al een bijdrage over een uitspraak van het Italiaanse Hof van Cassatie, dat had geoordeeld dat het “recht op inzage” onder GDPR ook van toepassing is op interne verslagen.  Enkele dagen geleden werd een vergelijkbare uitspraak van de Rechtbank Midden-Nederland gepubliceerd, waarin bevestigd wordt dat hetzelfde “recht op inzage” evengoed geldt voor persoonsgegevens die in (zelfs interne) e-mails zitten.

Data Protection Summer Dive - Transparency & Privacy Policy - common mistakes
30/08/2020

When drafting a privacy policy or privacy statement, there is one golden rule: describe what you actually do. Transparency is key!

Alarm in Privacyland - EU-VS Privacy Shield onwettig verklaard
29/08/2020

Het Hof van Justitie verklaarde in haar arrest van 16 juli 2020 het EU-VS Privacy Shield onwettig. Volgens het Hof biedt het niet voldoende garanties dat  de overdracht van persoonsgegevens naar de Verenigde Staten gebeurt conform de geldende Europese privacywetgeving (AVG of "GDPR").

Artificial Intelligence and product liability – on a path to a new regulation?
24/08/2020

AI brings a myriad of opportunities to solve complex problems and improve productivity across all sectors of the economy. However, the successful implementation of AI comes with risks and challenges. One issue which needs to be carefully considered by any organisation seeking to adopt AI is product liability.

Data Protection Summer Dive - Data Subject Rights
24/08/2020

This week’s topic: Data Subject Rights

In several recent decisions, the Litigation Chamber of the Belgian Data Protection Authority (“DPA”) provided guidance on how to deal with data subject rights under the GDPR.

The electronic signature: which validity?
19/08/2020

With the COVID-19 crisis and the rise of teleworking, certain practices have evolved as the use of electronic signatures, which may soon become the rule rather than the exception.