Press releases
2025
The Market Court rules in the IAB Europe case
Today, the Market Court (Court of Appeal) has ruled in the case between the Belgian Data Protection Authority and IAB Europe, exercising its full jurisdiction. Although decision 21/2022 is annulled for procedural reasons, the Market Court endorses the reasoning of the Belgian DPA and confirms the fine of 250,000 euros imposed. However, the Court rejects the BE DPA's conclusion that IAB Europe acts as (joint) data controller for the processing operations that take place entirely within the OpenRTB protocol.
2024
The Belgian DPA publishes its Annual Report 2023
2023 has been a year of renewal for the Belgian DPA. On the one hand, its Executive Committee has been completed with the appointment of two new directors in June, and on the other, the law organising its operations has been amended.
2024
IAB EUROPE case: The CJEU answers the questions referred for a preliminary ruling
The Court of Justice of the European Union (CJEU) published today its ruling in the case opposing the Belgian Data Protection Authority and IAB EUROPE.
In its decision, the Court holds, as argued by the Belgian DPA in its decision 21/2022, that a structured character string capturing internet users' preferences such as IAB EUROPE's TC string can indeed be considered as personal data, and that IAB EUROPE can be qualified as a (joint) controller of users' preferences for online advertising.
2023
According to the BE DPA, a baptized person has the right to be deleted from the baptismal register
The Belgian DPA today ordered the diocese of Ghent to comply with the request of a baptized person to be deleted from the baptismal register of his parish. For the DPA, the Catholic Church has a legitimate interest in recording baptisms in a register, but this interest cannot always be invoked once the person expressly states his or her wish to leave the Church and have his or her baptismal data erased.
2023
Belgian DPA prohibits the transfer of tax data of Belgian “Accidental Americans” to the USA
The Belgian Data protection authority today declared unlawful, and decided to prohibit, the transfers of personal data of Belgian “Accidental Americans” by the Belgian Federal Public Service Finance (FPS Finance) to the US tax authorities under the intergovernmental FATCA agreement. According to the Belgian DPA, the data processing carried out under this agreement does not comply with all the principles of the GDPR, including the rules on data transfers outside the EU. It also asks the FPS Finance to alert the competent legislator of the shortcomings identified by the DPA.