Can't find what you're looking for? Try the search bar!
Myth-busting time! This week, the EDPB published its Opinion on AI models & personal data, and then the Italian authority revealed it had fined OpenAI. But unlike what some are suggesting, the Italian decision *predates* the EDPB Opinion by a month. So let’s dispel a few myths surrounding that Opinion: – “Game changer”? The positions […]
Full analysis likely to come in the coming days, but some first thoughts on the EDPB’s “AI models & personal data” Opinion. In essence, the EDPB doesn’t exclude anything entirely but leaves it up to national supervisory authorities to make a call in cases they are handling – and while it doesn’t prohibit relying on […]
NIS2 vs GDPR: fines/injunctions in Belgium to be challenged before different courts? While the Belgian legislator has gradually been entrusting one single, specialised court with highly regulatory cases (essentially regarding telecom rules, financial services rules and data protection rules), it appears for now *not* to have chosen to entrust that same court, the Belgian Market […]
NIS2: Looking forward to giving a 2-day workshop with Chris A. De Vuyst from the Centre for Cybersecurity Belgium (= Belgian cybersecurity authority) next week, further to tremendous preparatory work by Chris and Val�ry Vander Geeten. [Thanks again Val�ry as well as the Data Protection Institute for thinking of me in this respect!] The Network […]
Privacy-enhancing technologies: “death by ePrivacy”? PETs were on the agenda of the IAPP DPC24 in Brussels this week, but few talked about the dangers to PETs caused by evolving positions of regulators. PETs (for ads with less data, content-focussed analytics, etc.) are being worked on by companies of all backgrounds and sizes and touted as […]
Some thoughts on today’s EDPB “Pay or Consent” stakeholder event – in practice one about the future of GDPR enforcement, consent, adtech and even the future of the Internet: – At times, things got heated in our breakout room between two camps, typically privacy rights campaigners + contextual ad solution providers on the one hand […]
How can you reinforce your cyber resilience? Is a ransomware attack “force majeure” preventing contractual performance? Who is responsible and liable for cybersecurity (failures) in a company? I had the pleasure of taking part in a panel discussion organised by the Belgian Federation of Enterprises (VBO FEB) in which I was asked to speak on […]
Just one month to go for comments on the EDPB’s new ePrivacy guidelines, so here’s a reminder of why you *should* respond if your company has digital activities: – The new EDPB guidelines concern the scope of Art. 5(3) of the ePrivacy Directive, which was never only about cookies but about the storing of information […]
New Belgian Data Protection Authority decision on video surveillance: don’t do permanent surveillance of employees. Questions remain, but without more background (name of the stores, history of theft within the stores etc.) it’s difficult to assess whether the BDPA was right in its assessment. The decision mentions the fact that cameras were deployed in 6 […]
Does your business use profile-based advertising / personalised advertising, whether as publisher, advertiser or adtech intermediary? You will want to tune in to the free webinar this Friday at noon CET in which I will be discussing key topics regarding the GDPR, DSA and ePrivacy rules and the “consent or pay” debate – as well […]