On Wednesday, January 28, 2015, better known as “Data Protection Day,” the Belgian Under-Secretary for Data Protection Bart Tommelein called for the creation of an EU Data Protection Authority.  He intends to present this position of the Belgian Government to the informal meeting of Ministers of Justice and of the Interior in Riga (Latvia).  The authority would be responsible for handling investigations against global companies, something national regulators would be ill-equipped to do.  His chances of success are probably limited.

The current EU data protection regime only mandates the creation of independent “national” data protection authorities (possibly with regional ones for federations such as Germany) and a European Supervisor for compliance within EU institutions.  While, the proposed Data Protection Regulation, which still under discussion, would create an European Data Protection Board, it is not anticipated to have sanctioning powers.  Moreover, Member States so far opposed the creation of a more robust EU body.  On the contrary, the latest texts suggest they intend to reduce the powers of the Board even further.   In this context, the announced Belgian initiative appears to swim against the current.

Photo of Kristof Van Quathem Kristof Van Quathem

Kristof Van Quathem advises clients on data protection, data security and cybercrime matters in various sectors, and in particular in the pharmaceutical and information technology sector. Kristof has been specializing in this area for over fifteen years and covers the entire spectrum of…

Kristof Van Quathem advises clients on data protection, data security and cybercrime matters in various sectors, and in particular in the pharmaceutical and information technology sector. Kristof has been specializing in this area for over fifteen years and covers the entire spectrum of advising clients on government affairs strategies concerning the lawmaking, to compliance advice on the adopted laws regulations and guidelines, and the representation of clients in non-contentious and contentious matters before data protection authorities.