privacy

Subscribe to privacy via RSS

On April 25, 2019, the new chairman and the four directors of the new Belgian data protection authority were sworn in before the Belgian Parliament. This marks a new era for data protection law in Belgium.

Background

Following the effective date of the General Data Protection Regulation (GDPR) on May 25, 2018, the Belgian Privacy Commission was restructured into a Supervisory Authority under the GDPR, thus becoming the Belgian Data Protection Authority. It was given new enforcement powers, including the ability to impose fines up to €20 million or 4 percent of total worldwide annual turnover (whichever is higher).Continue Reading Belgian Data Protection Authority Is Up and Running

On March 21, 2019, the Advocate General (AG) of the highest EU Court (the Court of Justice of the European Union (CJEU)) issued an opinion (opinion) in the Planet49 case[1] on what constitutes valid consent for cookies under the Data Protection Directive, the GDPR, and the e-Privacy Directive.

In particular, the AG opines that: 1) a pre-ticked checkbox that users must untick to refuse consent does not constitute valid consent; 2) consent for cookies should not be bundled with other consents; and 3) users must be informed about the cookies’ lifespan and the third parties accessing the cookies. AG opinions are not binding on the CJEU, but are often influential. If the CJEU follows the AG Opinion, it will likely impact widely-adopted cookie consent practices in the EU and underlying business models that rely on such consent.
Continue Reading CJEU Advocate General Opinion Calls for Active and Separate Cookie Consents