Blog

The Court of Cassation recently issued an important ruling on one of the first and longest-running procedures for breaches of the GDPR, following a fine imposed at the time by the GBA. The result of this will probably be that a lot of entrepreneurs will have to adjust the way they create loyalty cards for their customers. The use of eID card readers for that purpose appears to be very difficult.

However, the same decision also puts some basic principles of the GDPR back on edge. Below we take a brief look at what exactly is going on and what you, as a retailer or online shop, should pay attention to.

Online reviews are everywhere these days. This digital form of word-of-mouth advertising gives consumers a voice while at the same time offering businesses a way to exude reliability.

On the 22th of October 2021, the Belgian Data Protection Authority (GBA) ruled on a complaint regarding an unsecured connection of a hospital’s website. Finally, the GBA sets some considerations about the necessary security measures to protect personal data. Because let’s be honest, the term ‘technical and organizational measures’ remains to this day a catch-all term that is not clear to companies.  

Anyone who wants to arm his or her company against cyber risks initially thinks of technical security. This is no surprise. Antivirus, firewalls, password managers, encryption software and countless other IT products and services effectively ensure a safer digital environment. Needless to say, they form the basis of any sound cyber security policy.

When we, as lawyers or legal experts, point out to companies that cyber security is also a legal issue in addition to all those technical measures, entrepreneurs are often very surprised. What on earth has a lawyer got to do with the cyber security of your company? That reaction is understandable, but also very unfortunate. After all, strong and specialised legal advice can and should play a key role in your cyber security strategy.

Of course, we have long been convinced of this ourselves, but you can also assume it from others, and not the least, such as the World Economic Forum.

We receive a lot of questions from online start-ups about the use of online scrapers and crawlers to collect content from other websites and to offer it, whether or not repackaged, on the clients’ own platform. Usually, that question is answered by a serious warning on our part. If the information collected online is integrated in an structured database, it is usually protected under the Database Law and you may not copy it in its entirety or systematically request data from it for your own use.

A recent judgment of the European Court of Justice clarified this again this summer.

We all know Nespresso, but what you may not have known is that the Nespresso capsules that George Clooney touted to us for years with his seductive smile are more than 50 years old.  

It is precisely because the concept of fast coffee from a capsule is now so old, that Nestlè is having difficulties holding off copycats. Patent rights are often limited in time and obtaining trademark protection for the shape of the capsules does not appear to be easy following a recent Swiss decision.  

Read with us how Nestlé is (unsuccessfully) trying to restrict the counterfeiting of its capsules through trademark law.

At Sirius Legal, we have a long tradition of partnerships with professional federations in technology and communication related sectors. We were very honoured and enthusiastic when technology federation Agoria asked us a while ago if we would like to become the exclusive legal partner of their new sector federation for IT consultants Techlancers, which was launched last week.

Privacy lobbyist group NOYB (None of Your Business) seems to be stirring up quite a bit of fuzz with their automated cookie infringement web crawler. This online tool can detect online infringements of cookie regulations across Europe and it seems to be so successful that it now even had the EDPB realizing that they should be better prepared on the expected flow of complaints. In order to coordinate this, the European Data Protection Board has just set up a Cookie Task Force to ensure coordinated action by the various European data protection authorities.

Since 10 June 2021, China has a new Data Protection Act, called PIPL.  At first sight, there are many resemblances with GDPR, but there are also a few notable differences.