Belgium

Unknown Case Number

Lawyer appeared before the Anvers. Fabricated: Case Law Outcome: Monetary Sanction.

Roll Q/25/0025

Lawyer appeared before the Gent. Fabricated: Case Law | Submission cited 'Cass. 25 november 2021, AR C.20.0193.F'; court verified via Google AI-mode and found the cited cassation decision/rolnummer does not exist and the provided ECLI was incorrect. Outcome: Hearing on possible sanction.

Roll Q/25/0025

Fabricated: Case Law | Submission cited 'Cass. 25 november 2021, AR C.20.0193.F'; court verified via Google AI-mode and found the cited cassation decision/rolnummer does not exist and the provided ECLI was incorrect. || Fabricated: Case Law | Submission cited 'Cass. 14 juni 2021, P.20.0810.N'; court checked and concluded no such Cassation judgment or ECLI exists — the reference is fabricated. || Fabricated: Case Law | Submission cited 'GwH nr. 104/2017 van 6 juli 2017' as a Constitutional Court decision relevant to equality; court found no such decision at that date/number and that the cited ruling does not support the asserted proposition.

Roll Q/25/0025

Safeguards for "consent or pay" models in the updated Recommendation (01/2020) on direct marketing

On 10 May 2025, the Data Protection Authority (APD) closes its consultation on the updated recommendation on direct marketing. The update builds on Recommendation 01/2020 and takes into account developments in case law, regulatory decisions and guidance from the European Data Protection Board (EDPB). An addition to the updated Recommendation is the assessment of "consent or pay" models, where users must either consent to data processing for targeted advertising or pay a fee for an ad-free exp...

Data protection requirements in the updated Recommendation (01/2020) on direct marketing

On 10 May 2025, the Data Protection Authority (APD) closes its consultation on the updated recommendation on direct marketing. The update is based on Recommendation 01/2020 and takes into account developments in case law, regulatory decisions, and guidance from the European Data Protection Board (EDPB). The revised Recommendation defines terms related to direct marketing, describes the legal basis for processing prospective customer data under the legitimate interest framework, and outlines d...

Family Law Case

Lawyer appeared before the Ghent CA. Fabricated: Case Law Outcome: Reprimand.

Family law Case

Lawyer appeared before the Gent. False Quotes: Legal Norm | Conclusion quotes Articles 871 and 877 Ger.W. in incorrect or non‑existent wording; court supplied correct formulations and found the cited language inaccurate. Outcome: Disregarded all fictitious/unfindable sources, admonished counsel.

Family law Case

False Quotes: Legal Norm | Conclusion quotes Articles 871 and 877 Ger.W. in incorrect or non‑existent wording; court supplied correct formulations and found the cited language inaccurate. || False Quotes: Legal Norm | Conclusion cites an incorrect/oversimplified wording attributed to art. 962 Ger.W. about appointment of experts; court provided correct text and noted the cited version was wrong. || False Quotes: Case Law | Cited ECHR decision 'Moretti en Benedetti t. Italië (27 april 2010, nr. 16318/07)' with passages about paternity recognition was not found in the cited judgment (which concerned adoption) and the quoted language does not appear in the decision. || Fabricated: Case Law | Regional court judgments (e.g., Hof van Beroep Antwerpen, 20 maart 2019 (2019/AR/0524); Hof van Beroep Brussel, 15 oktober 2018) cited in the conclusion could not be located in Juportal and appear unfindable. || Fabricated: Doctrinal Work | A set of Belgian doctrinal works and articles (e.g., S. Stijns RW 2012-13; M. Puelinckx-Coene TPR 2010; F. Swennen TPR 2019, Handboek 2020) were found to be fictional/complete fabrications by the court's database searches. || Misrepresented: Legal Norm | Conclusion contained an incorrect quotation attributed to old art. 1382 BW; court identified the wording as incorrect compared to the real text. || Misrepresented: Legal Norm | Conclusion cites a non‑existent/incorrect passage attributed to old art. 318 BW regarding recognition where father never maintained a familial bond; court could not find such provision. || Fabricated: Case Law | Multiple cassation decisions cited (e.g., 'Cass. 6 juni 2019 (C.18.0543.N)', 'Cass. 25 januari 2018 (C.17.0331.N)', 'Cass. 21 oktober 2013') were not found in Juridat/JURA/Juportal and appear unfindable.

Family law Case

Data protection authorities adopted joint statement on building trustworthy data governance frameworks to encourage development of innovative and privacy-protecting AI

Primary source (pcpd.org.hk) dated 17 September 2025 in BE. See linked source for full text.

Data Protection Authority investigation into NOYB complaints

On 26 June 2025, the Litigation Chamber of the Belgian Data Protection Authority (APD) dismissed 16 complaints across five cases filed by NOYB, an Austrian privacy advocacy group, on procedural grounds under the General Data Protection Regulation (GDPR). The APD clarified that Belgian law permits associations to lodge complaints only as representatives of identifiable data subjects, not in their own name. The APD noted that NOYB’s complaints involved automated identification of alleged violat...

Data Protection Authority's investigation into Garnett Media Corp's alleged unlawful consent collection for cookie placement (Case No. DOS-2021-06946)

On 26 June 2025, the Belgian Data Protection Authority’s Contentious Chamber dismissed complaints filed by NOYB against Gannett Media Corp’s cookie banner practices, finding an abuse of rights under both European Union and Belgian law. NOYB was held to have artificially created legal standing by encouraging staff and interns to become data subjects to file mass complaints under Article 80.1 of General Data Protection Regulation (GDPR), pursuing its political objectives rather than genuine ind...

APD investigation into IAB Transparency and Consent Framework regarding GDPR compliance

On 14 May 2025, the Belgian Market Court ruled in the case between the Belgian Data Protection Authority (DPA) and Interactive Advertising Bureau (IAB) Europe regarding the Transparency and Consent Framework (TCF). The ruling followed the Court of Justice of the European Union's (CJEU) judgment of 7 March 2024 (case C-604/22), which confirmed that the TC String constitutes personal data under the General Data Protection Regulation (GDPR) and designated IAB Europe as a joint data controller. T...

Belgian source source on DeepSeek and data-protection oversight

Official source record dated 31 January 2025 for Belgium concerning Belgian DPA investigates DeepSeek. See the linked brusselstimes.com source for the authoritative text, procedural context, and implementation details.

Circular banning use of DeepSeek AI system in all federal government services

On 1 December 2025, the Minister for Government Modernisation’s circular banning the DeepSeek AI system in all federal government services entered into force. Federal employees are prohibited from using DeepSeek applications, which had to be removed from staff devices. The measure implements the preventative prohibition adopted on 11 September 2025, following the June analysis that required government services to list their artificial intelligence tools and identified risks linked to data tra...

Data Protection Authority investigation into RTL Belgium's cookie banner

On 11 October 2024, The Data Protection Authority issued a decision in case no. 131/2024 regarding a complaint against RTL Belgium’s cookie banner. This complaint was lodged by a representative from Noyb (European Center for Digital Rights), alleging that RTL's cookie banner contravened both the General Data Protection Regulation (GDPR) and Belgian law. The complaint specifically highlighted that RTL's banner did not offer equal choices for users to "Accept All" and "Refuse All" cookies at th...

Law establishing a framework for the cybersecurity of networks and information systems of general interest for public security implementing the NIS-2 (2022/2555) Directive

On 18 October 2024, the Act establishing a framework for the cybersecurity of networks and information systems of general interest for public security, enters into force. The Act transposes the Directive (EU) 2022/2555 into national legislation. It mandates entities to register with the Centre for Cybersecurity Belgium and implement technical, operational, and organisational measures to mitigate cybersecurity risks. Finally, the Act outlines penalties for non-compliance.

Belgium Data Protection Agency publishes report on GDPR and AI Act

Primary source (autoriteprotectiondonnees.be) dated 22 September 2024 in BE. See linked source for full text.

Brochure on Artificial Intelligence Systems and the GDPR

On 19 September 2024, the Belgian Data Protection Authority (ADP) published a Brochure on Artificial Intelligence Systems and the GDPR, which focuses on the interplay between the General Data Protection Regulation (GDPR) and the AI Act following the latter's entry into force on 1 August 2024. In particular, the Brochure highlights the importance of aligning AI systems with data protection principles while addressing challenges related to privacy, transparency, and accountability. Furthermore,...

Data Protection Authority investigation into Roularta Media Group and Google for alleged illegal cross-border data transfer

On 6 September 2024, the Belgian Data Protection Authority (DPA)'s Litigation Chamber dismissed a complaint lodged under Article 80(1) GDPR against Roularta Media Group N.V., a magazine owner, and Google LLC. The complaint, brought forward by Noyb - European Center for Digital Rights, a nonprofit, alleged that personal data was illegally transferred to the US via Google Analytics embedded in the flair.be website owned by Roularta. The case was dismissed because the complaint was found to have...

CSA inquiry into availability of harmful content on the Online Plattform X

On 5 February 2024, the Superior Audiovisual Council (CSA) released findings from its inquiry on harmful online content conducted in the context of the Digital Services Act (DSA). The focus was specifically on pornographic content from French-speaking accounts on platform X, monitored from 6 September to 11 December 2023. Out of nearly 5'000 flagged items, 1'041 were reviewed by CSA, with 89% being identified as clearly pornographic. The CSA noted that despite this, only about 10% of these ...

Data Protection Authority investigation into processing of personal information for personalised advertising

On 15 March 2024, the Disputes Chamber of the Data Protection Authority (DPA) issued a ruling in an investigation following a complaint on the processing of personal data, including the content of payment transactions, for building models to offer “personalised discounts”. The ruling states that according to Article 5 of the General Data Protection Regulation (GDPR), processing of personalised data for purposes other than those for which the personal data was initially collected is permitted...

Lawsuit alleging unlawful shadow ban on Facebook (Meta v Tom Vandendriessche)

On 3 June 2024, the Court of Appeal in Ghent issued its ruling regarding a lawsuit alleging an unlawful shadow ban on Facebook (Meta v Tom Vandendriessche). Meta must pay EUR 27'279 to a Belgian politician for the advertising costs incurred due to a shadow ban imposed on his Facebook page from February to December 2021. Additionally, Meta must pay EUR 500 for reputational damage. The Court stated that Meta's actions reduced the page's organic reach and temporarily restricted the advertising a...

GBA investigation into Black Tiger Belgium for alleged GDPR violations

On 16 January 2024, the Belgian Data Protection Authority (GBA) imposed a total of EUR 174'640 in administrative fines and corrective measures on Black Tiger Belgium, a big data and data management company, for multiple breaches of the General Data Protection Regulation (GDPR). The GBA found that the company had unfairly processed personal data without proactively and transparently informing the data subjects. The company was also found to have violated the rights of data subjects and failed ...

Belgian DPA investigation into Google concerning right of erasure

On 22 December 2023, the Belgian Data Protection Authority (DPA) issued a decision and closed its investigation into Google concerning the right of erasure. The investigation concerned a complaint by an individual seeking to have links removed from Google Search, which contained accusations against the company of which the complainant was a director. The DPA stated that the right to erasure in the General Data Protection Regulation (GDPR) is based on balancing the individual’s right to data p...

Lawsuit concerning third party right to appeal decisions from the Belgian Data Protection Authority

On 12 January 2023, the Belgian Constitutional Court issued a ruling stating that any interested third party is entitled to bring an appeal against a decision from the Belgian Data Protection Authority before the Market Court. The Constitutional Court issued its ruling based on Article 78 of the General Data Protection Regulation (EU GDPR), which grants natural and legal persons the right to an effective judicial remedy against a legally binding decision of a supervisory authority concerning ...

Data Protection Authority Cookie Checklist

On 20 October 2023, the Belgian Data Protection Authority (APD) published a cookie checklist directed at organisations to ensure their cookies and other tracking mechanisms policies are in compliance with the law. The APD clarifies that all cookies except strictly necessary ones need consent, and consent has to be given in advance, free, specific, informed, unambiguous, and active.

Bill on the retention of personal data including traffic and location data

On 8 February 2023, the Bill regarding the retention of personal data (Bill 8148) was introduced in the Chamber of Deputies. The Bill's objective is to control the storage and usage of traffic and location data by establishing rules and conditions for obtaining and utilising electronic communications data in criminal investigations. The Bill intends to balance the need for national security, including the prevention of criminal activities and risks to public safety, with the protection of cit...

DPA investigation into the transfer of tax data from Belgium to US under Foreign Account Tax Compliance Act compliance with GDPR

On 24 May 2023, the Belgian Data Protection Authority (DPA) Litigation Chamber issued its ruling in the investigation into the transfer of tax data from Belgium to the United States under the Foreign Account Tax Compliance Act (FATCA) compliance with the General Data Protection Regulation (GDPR). The DPA ruled that the FATCA agreement doesn't comply with the GDPR, noting that the transfer of tax data violates the principles principle of purpose, data minimisation and proportionality of GDPR. ...

FSMA Regulation subjecting to restrictive conditions the marketing of virtual currencies to consumers

On 17 May 2023, the Regulation of the Belgium Financial Services and Markets Authority (FSMA), subjecting to restrictive conditions the marketing of virtual currencies to consumers, was implemented. The Regulation outlines transparency obligations for entities marketing or advertising virtual currencies, such as Bitcoin or Ether, to customers in Belgium. In particular, the Regulation requires advertisements to include a disclaimer outlining the risks of cryptocurrency investments and provide ...

DPA investigation into Google's dismissal of an erasure request compliance with GDPR

On 4 October 2023, the Belgian Data Protection Authority (DPA) closed an investigation into Google’s dismissal of an erasure request compliance with the General Data Protection Regulation (GDPR) following an individual complaint alleging that his rights under Article 17 on the right to erasure were violated. The DPA closed the case, stating that the erasure request concerned the professional activity of an individual with a role in public life and was published by journalistic sources. Furthe...

Data protection investigation regarding cookie use of Roularta Media Group

On 25 May 2022, the Belgian Data Protection Authority (DPA) concluded its investigation of Roularta Media Group for GDPR-compliance by imposing a fine of EUR 50'000. The DPA found that the news websites knack.be and levif.be, which are run by Roularta, violated the GDPR in their cookie use. Specifically, the websites did not comply with the requirement of obtaining prior consent for cookie use from users. Cookies that were not strictly necessary were applied before consent was obtained, viola...

Lawsuit concerning Data Sharing Requirements for Financial Transactions (Airbnb v Brussels-Capital Region)

On 27 April 2022, the Court of Justice of the European Union (CJEU) ruled on Case C-674/20, where the involved parties are Airbnb Ireland and the City of Brussels. Airbnb Ireland alleged that it is illegal for Belgian tax authorities to request tourist accommodation transactions. The CJEU ruled that the request is legal because the data-sharing requirements for the field of taxation differ from requirements that fall under the scope of the e-Commerce Directive.

Encryption ruled as sufficient supplementary measure for US-EU data transfer by Belgian Council of State

On 19 August 2021, the Council of State ruled that encryption is a valid supplementary measure to transfer data to the US when adequate technical and organizational measures are implemented. On 10 August 2021, a Dutch company had challenged the decision of the Flemish Region to grant a tender to an EU company (Viavan) that relies on the cloud services of Amazon Web Service (AWS). The company contested that such a decision violated the Schrems II decision because Viavan relies on AWS services ...

Belgian data protection agency approves transnational GDPR code of conduct

The Code aims to create comparability between different data processing practices in the cloud industry and to improve upon the state of the art for data protection by cloud service providers. It includes data subject rights as well as minimum security and transparency requirements.

Consultation regarding the recommendations on the processing of biometric data

The Belgian Supervisory Authority (SA) closes its consultation on recommendations regarding the processing of biometric data on September 1, 2021. The consultation period opened on July 15, 2021. The recommendation's stated goal is to instruct data controllers on how to interpret data protection law and in particular the General Data Protection Regulation (GDPR). Specifically, the scope of Art. 9 GDPR is addressed. Finally, the SA recommends a general prohibition of secondary use of biometric...

AI4Belgium (Belgian national AI coalition / roadmap)

AI law in Belgium: AI4Belgium is a national coalition and strategic roadmap initiated to coordinate Belgium’s public-private-academic AI ecosystem, promote responsible adoption, and create an observatory for monitoring AI uptake and ethics. Led by the Federal Public Service for Policy and Support together with regional hubs, industry and research partners, the initiative focuses on skills, trustworthiness, data infrastructures, and alignment with EU AI priorities....

FARI AI for the Common Good Institute

AI law in Belgium: A Brussels-based institute leveraging AI and robotics for urban common good and public interest through academic-government collaboration.

DigitalWallonia4.AI (Walloon AI programme / Digital Wallonia AI)

AI law in Belgium: DigitalWallonia4.ai is the Walloon regional AI programme launched under the Digital Wallonia strategy to accelerate AI adoption across society, business and research in Wallonia. It is a strategy-led programme managed by the Walloon Agency for Digital Affairs with multiple partners (Agoria, Infopôle, Réseau IA) and includes awareness, training, business support (Start IA, Tremplin IA), research partnerships and an open-performance dashboard....