Court of First Instance of Brussels (summary proceedings), 9 November 2015, Belgian Privacy Commission v Facebook Inc, Facebook Belgium BVBA and Facebook Ireland Ltd, case nr 15/57/C
Following the CJEU's Google Spain judgment, a local Belgian group entity that delivers lobbying activities can trigger the applicability of Belgian data protection legislation, even when the actual data controller is another group entity that has no control over the Belgian entity. Due to the fundamental rights involved, the threshold towards summary proceedings will be low when Belgian data protection legislation is breached. Installing and reading cookies that contain a unique identification code qualifies as the processing of personal data. The large-scale use of persistent cookies towards non-registered users is not allowed without these users' informed and prior consent.
Researcher at the University of Antwerp, Belgium, and company lawyer IT in the financial sector. For correspondence: <mailto:maarten.truyens@uantwerpen.be>. Acknowledgement: This article was created in the context of the IWT-SBO project nr 110067. IWT (<http://www.iwt.be>) is the Flemish government agency for Innovation by Science and Technology.
