EU Commission initiates infringement proceedings against Belgium for possible violations of the GDPR

The EU Commission has initiated infringement proceedings against Belgium for alleged violations of the GDPR. Following several complaints from data protectionists, the EU Commission has now also expressed doubts about the independence of the Belgian data protection authority. Belgium is thus threatened with proceedings before the European Court of Justice and would thus be the first EU country to be threatened with corresponding steps for violating the European General Data Protection Regulation.

Data protectionists and now also the European Commission complained that the Belgian data protection authority was not acting as an independent body. This is due to the fact that the authority’s decisions, such as imposing sanctions in accordance with the GDPR, are made in close consultation with government representatives. However, this is precisely what is required for a data protection authority according to the GDPR.

While two of the government representatives who have come under criticism have since resigned from their posts, two others remain in office. One of the two is responsible for data protection initiatives, the other for authorizing certain public sector data releases. Both government officials deny the allegations.

As a first step, the commission has now sent an official letter to the state representative, who is expected to comment on the allegations.