Privacy and Cybersecurity

Overview

Keeping up with technological change

Technological advancement is something humans do well. The advantage of this is clear – it opens our world to new discoveries and possibilities. But there are also disadvantages: the right to privacy can be threatened and the risk of a cyberattack increases.

Businesses operating in the EU rely on Crowell’s experienced Privacy and Cybersecurity team to help them navigate the laws that govern the collection, use, transfer, and protection of data both within the EU and globally. We help our clients understand their rights and obligations and ensure that they are prepared for cyberattack and data breach through risk assessment and crisis management.

Our clients come to us with many questions about data protection, including:

The processing of data through the internet;
The storing and international transfer of personal data and related cybersecurity issues;
The use of “big data” and profiling for marketing purposes; and
The use of certain technologies in the workplace (such as email monitoring and the use of social media by employees).

We understand that it is not enough for our clients simply to know the law and have the necessary policies and procedures in place. We therefore collaborate closely with them in order to understand the knowledge and culture of their people on the ground. In this way, we can help our clients to ensure that they are handling data in a safe and secure way on a daily basis, by providing tailor-made training for their key staff on the applicable law and their own internal procedures.

We also have excellent working relations with the Belgian Data Protection Authority and assist our clients in their contacts with this and with other Data Protection Authorities throughout Europe.

In order to provide our clients with a pan-European and global service, we have developed a network of experienced data protection lawyers in other jurisdictions with whom we have had strong ties for many years. We are also closely involved in Crowell & Moring’s U.S. Privacy and Cybersecurity group and work closely with our U.S. colleagues on cross-border issues involving the international transfer of personal data.

The team led by Maarten Stassen is very practical when giving advice and business minded. They are also deeply embedded in the Belgian market with strong relationships to the DPA.

— Legal 500, EMEA, Privacy & Data Protection, 2023

Our Services

|

We provide our clients with day-to-day counseling and training on data protection compliance, including on-site workshops and tabletop exercises. Our team helps with contractual work and global and Europe-wide privacy audits. We analyze our clients’ existing data protection practices and make recommendations for compliance, helping them to better understand their data processing, map the location and flows of the data, and identify potential threats and compliance issues. We assist in the development and implementation of tailor-made privacy programs, which may include drafting new privacy policies and procedures, notices, and data transfer agreements, as well as advice on security measures to be taken.
We provide our clients with day-to-day counseling and training on data protection compliance, including on-site workshops and tabletop exercises. Our team helps with contractual work and global and Europe-wide privacy audits. We analyze our clients’ existing data protection practices and make recommendations for compliance, helping them to better understand their data processing, map the location and flows of the data, and identify potential threats and compliance issues. We assist in the development and implementation of tailor-made privacy programs, which may include drafting new privacy policies and procedures, notices, and data transfer agreements, as well as advice on security measures to be taken.
Within Europe, the General Data Protection Regulation (GDPR) introduced a sea change in data law, with new principles, concepts, and obligations resulting in many companies needing to revise their personal data processing practices and culture.

We help our clients review their operations to determine GDPR applicability and impact. We conduct internal analyses of their data flows and data protection policies and practices to identify potential gaps or compliance risks and we help them design risk-based compliance frameworks that are tailored to meet their needs.

More information regarding the GDPR is available here.
Within Europe, the General Data Protection Regulation (GDPR) introduced a sea change in data law, with new principles, concepts, and obligations resulting in many companies needing to revise their personal data processing practices and culture.

We help our clients review their operations to determine GDPR applicability and impact. We conduct internal analyses of their data flows and data protection policies and practices to identify potential gaps or compliance risks and we help them design risk-based compliance frameworks that are tailored to meet their needs.

More information regarding the GDPR is available here.
In case of data or other security breach, we are on-call for our clients until the issues are resolved, from the initial internal investigation stage through the communication, government enforcement, and follow-on litigation stages.

We represent our clients before all the relevant authorities and the Belgian civil and criminal courts. We also defend clients in class action lawsuits.
In case of data or other security breach, we are on-call for our clients until the issues are resolved, from the initial internal investigation stage through the communication, government enforcement, and follow-on litigation stages.

We represent our clients before all the relevant authorities and the Belgian civil and criminal courts. We also defend clients in class action lawsuits.