On November 23, 2018, the Belgian Data Protection Authority (the "Belgian DPA") published a review of its activities since the EU General Data Protection Regulation ("GDPR") became applicable on May 25, 2018 (the "Review"). The Review is available in French and in Dutch.
In the Review, the Belgian DPA makes the following observations:
The GDPR in Numbers
Since the GDPR became applicable, 317 data breaches were reported to the Belgian DPA. The majority of data breach notifications came from the following sectors: (i) health care, (ii) insurance, (iii) public institutions and defense, (iv) telecommunications and postal services, and (v) financial services.
In addition, since May 2018, 3,599 requests for information, 148 complaints, and 137 advisory files have been filed. Furthermore, 3,540 data protection officer appointment notifications have been filed with the Belgian DPA.
The Composition of the Belgian DPA
In the Review, the Belgian DPA looks at the impact of the GDPR on the composition of the old Belgian Privacy Commission. Among other changes, the Executive Committee was enlarged and an Investigation Service and a Litigation Chamber were created; however, members of the Executive Committee, the...