Can the Privacy Committee soon impose fines on companies?
On 12 March 2015, the European Parliament approved a new version of the Privacy Regulation. This draft Regulation will replace the now outdated European Directive from 1995 (95/46); this Directive was transposed in Belgian law in 1992 (the law of 8 December 1992 for the protection of privacy with regard to the processing of personal information).
Even though the European Parliament already had its say, it must still pass through the European Council in June 2015, which means that changes are possible. The current text makes it possible for supervisors such as the Belgian Privacy Committee to impose significant fines on companies that fail to respect the legislation. It also requires companies who process a lot of data to appoint a Privacy Officer.
Specific to the labour-law context, attention should be devoted to ensuring that what was accepted in the most recent text version, namely that an employee’s permission is certainly a valid reason to process his information, is also maintained in the current text.
The recently appointed Belgian Secretary of State for Privacy already stated that he wants to quickly introduce the possibility for the Privacy Committee to impose fines, if necessary even before the conversion of the European Regulation, which is expected around 2016.