First GDPR Fine Imposed by the Belgian Data Protection Authority
The Litigation Chamber of the Belgian Data Protection Authority recently imposed its first fine for violation of the EU GDPR.
The case concerns the use of e-mail addresses that were initially collected by a mayor to send materials in relation to his electoral campaign. Although the fine is relatively small, the Litigation Chamber declared that the defendant’s conduct constitutes a serious infringement of the GDPR.
The Litigation Chamber noted that any controller must take GDPR compliance seriously, particularly when it comes to holders of public mandates such as a mayor. The Belgian DPA also outlined that citizens should be able to trust that the personal data they share with public officers will not be illicitly reused for incompatible purposes, and in particular, for private purposes.