Through recent decisions, the Litigation Chamber of the Belgian Data Protection Authority (BDPA) has examined the role of the Data Protection Officer (DPO), the appointment of which is compulsory for several undertakings and organisations. The BDPA has set out its own interpretation of the requirements for this role, as well as the DPO’s tasks. In each case, the Litigation Chamber concluded – in a manner that may lead to controversy – that the (internal and external) DPOs appointed did not meet the requirements of the GDPR. The deadline for filing an appeal is still running in relation to these decisions, but it is already useful to look at the Litigation Chamber’s position on this topic.
It remains to be seen what position the Luxembourg data protection authority will...
|