Review your content's performance and reach.
Become your target audience’s go-to resource for today’s hottest topics.
Understand your clients’ strategies and the most pressing issues they are facing.
Keep a step ahead of your key competitors and benchmark against them.
Questions? Please contact [email protected]
How would you describe the government’s attitude and approach to digital content and services, digital transformation and doing business online?
Belgium is a highly digitalised and modern country with many innovative businesses. It ranks high in the list of most innovative economies in the world and has one of the best digital infrastructures in Europe. The federal and regional governments support further growth of the technology sector with national and regional support strategies and plans on technologies such as artificial intelligence, Internet of Things, robotics and cybersecurity. There is a wide array of tax incentives and subsidies available for research and development and investment in innovation. Universities and other educational institutions also obtain important funding to provide support to digital businesses, train the next generation of technology specialists and conduct important research on technological developments. Digital business is, therefore, seen as a positive factor that strongly contributes to the economy and therefore its growth must be stimulated.
What legislation governs digital content and services, digital transformation and the conduct of business online?
Given the broad impact of digital businesses and digital transformation in different sectors, it is difficult to pinpoint all the specific legislation that comes into play. The most important laws are the following:
Which regulatory bodies are responsible for the regulation of digital content and services, e-commerce, data protection, internet access and telecommunications?
The most important regulatory bodies in the digital sphere are:
What tests or rules are applied by the courts to determine the jurisdiction for online transactions or disputes in relation to digital businesses in cases where the defendant is resident or provides goods or services from outside the jurisdiction?
Under Regulation (EU) 1215/2012 of 12 December 2012 (Brussels I bis Regulation), a consumer may in principle bring proceedings against the digital business either in the home state of the digital business or in his or her own jurisdiction. On the other hand, a digital business may only bring proceedings against a consumer in the latter’s home state. Where the customer is not a consumer, the parties may agree on a forum in their agreement or apply the other rules foreseen in the Brussels I bis Regulation.
Where disputes are held against a party outside the European Union, specific international private law rules will apply to determine the applicable jurisdiction. For example, Belgian courts have jurisdiction if the defendant is domiciled or habitually resident in Belgium when the claim is initiated, or if the parties have so agreed.
A party who finds that a dispute brought before a Belgian court should be brought somewhere else based on the underlying agreement, the Brussels I bis Regulation or other laws, must raise this in court. The Belgian court will in principle have to respect such rules, and in any case has to respect these when it comes to the Brussels I bis Regulation, save for a number of exceptions. The applicable law can be different to that of the applicable forum.
What regulatory and procedural requirements govern the establishment of digital businesses and sale of digital content and services in your jurisdiction? To what extent do these requirements and procedures differ from those governing the establishment of brick-and-mortar businesses?
No particularities apply to digital companies compared to 'normal' companies, and digital businesses can therefore be established in the same way. In principle, there is no authorisation or permit required to provide digital content and services, unless the company is operating in a regulated sector (eg, financial services or gambling).
Is it possible to form and conclude contracts digitally? If so, how are digital contracts formed and are there any exceptions for certain types of contract?
It is possible to form and conclude contracts digitally. The general formation rules of the Belgian Civil Code apply, namely, the parties must have the capacity to enter into an agreement, the valid consent of the parties is required, there must be a clear object and a lawful cause. A contract can be concluded digitally (eg, through a distance sale, email, etc). Additional rules may apply, especially in consumer contracts in distance sales, which among others require certain pre-contractual information obligations to be met and include mandatory post-sale rights such as a revocation of sale right. Belgian contract law also includes rules on unfair terms in both business-to-consumer (B2C) and business-to-business (B2B) relationships, some of them being null and void by law.
Are there any particular laws that limit the choice of governing law, language of the contract or forum for disputes when entering into digital contracts? Do these distinguish between business-to-consumer and business-to-business contracts?
Regulation (EU) 1215/2012 of 12 December 2012 (Brussels I bis Regulation) determines the courts before which a person may be called upon to appear in another member state. The law applicable to non-contractual obligations is determined by Regulation 864/2007/EC of 11 July 2007 (Rome II Regulation). The parties are in principle free to determine the forum and applicable law themselves, except in the case of specific agreements (eg, in a B2C relationship, an insurance agreement, etc) where restrictions apply.
While the parties are free to choose the language of the contract, the language used in specific contracts, such as in a B2C relationship, must be understandable and legible. To avoid the nullity of a contract with consumers, it is required that it be drafted in the language of the consumers, especially when it concerns complex services.
How does the law recognise or define digital or e-signatures? Must digital or e-signature providers be registered or licensed in your jurisdiction?
According to the Belgian Civil Code, a signature is valid when it consists of a sign or a succession of signs, affixed by hand, electronically or by any other process, by which a person identifies themself and from which their expression of will appears. The Civil Code acknowledges that such a signature can be electronic.
A qualified electronic signature is recommended, in the sense of Regulation (EU) No 910/2014 on electronic identification and trust services (eIDAS Regulation), when applying a digital signature, rather than a scanned copy. Qualified electronic signatures can only be provided by a registered trust service provider, who is subject to a number of rules when providing an electronic signature service (especially in respect of consumers).
Are any special forums for dispute resolution or remedies available for the breach of digital contracts?
No. Ordinary courts or arbitration institutes (eg, CEPANI in Belgium) will deal with such disputes.
Is the advertising or selling of financial services products to consumers or to businesses digitally or via the internet regulated? If so, by whom and how?
The advertising or selling of financial services products to consumers or to business digitally is very strictly regulated. This includes rules in the Belgian Code of Economic Law and specific regulatory financial laws and may, for instance, include certain prohibitions on the type of advertising, the provision of comprehensive pre-contractual information or the provision of a cooling-off period during which the consumer can withdraw from the contract. Rules depend on the type of product, and will list in detail what information must be provided and which other obligations apply. General rules on unfair commercial practices may apply too. The supervisor of these rules is in principle the Financial Markets and Services Authority or the Federal Public Service Economy. When financial instruments are offered via the internet, the issuers thereof must also carefully verify whether or not the detailed rules on public offers, which are substantially based on European law, apply.
Are there any rules, restrictions or other relevant considerations regarding the issue of electronic money, digital assets or use of digital currencies?
The Belgian Act of 11 March 2018 on the Legal Status and Supervision of Payment Institutions and Electronic Money Institutions, Access to the Business of Payment Service Provider and to the Activity of Issuing Electronic Money, and Access to Payment Systems, regulates the issue of electronic money, which is a licensed activity. Any person wishing to issue electronic money as an e-money institution in Belgium must, save for a number of limited exceptions, obtain a licence from the National Bank of Belgium. Book VII of the Belgian Code of Economic Law contains further rules on the issuing of e-money. A number of European regulations may also apply, as well as anti-money laundering regulations. Substantially the same rules apply throughout the European Union (EU).
There are, in principle, no specific rules applicable to digital assets and digital currencies. However, under the Belgian Anti-Money Laundering Act of 18 September 2017 and the Royal Decree of 8 February 2022, the providers of exchange services between fiat and virtual currency must register in Belgium. Providers of such services from outside the European Economic Area (EEA) are prohibited from providing their services in Belgium.
What procedures are in place to regulate the licensing of domain names or use of URLs? Is it possible to register a country-specific domain name without being a resident in the country? Are there any restrictions around the use of URLs to direct users to websites, online resources or metaverses?
At international level, the non-profit organisation Internet Corporation for Assigned Names and Numbers (ICANN) is responsible for the management of domain names. A domain name must be requested from an authorised agent. At European level, several regulations govern the legal framework surrounding domain names with the .eu extension. EURid, a Belgian non-profit association with its head office in Brussels, takes care of the management. These domain names can only be requested by European Union (EU) citizens or persons or companies who have their residence or establishment within the EU. At national level, the Belgian Association for Internet Domain Name Registration (DNS Belgium) is only responsible for the management of domain names – not for requesting the domain name; that must be done through an authorised agent or ‘registrar’ who has entered into an agreement with DNS Belgium. The nationality of the party requesting the domain name is irrelevant, nor are there any other special restrictions. Foreign agents can request the registration of a domain name from DNS Belgium. Likewise, Belgian agents can address requests from Belgian and foreign customers to the relevant manager in another country.
It is interesting to note that the Belgian Data Protection Authority and DNS Belgium have concluded an agreement, dated 1 December 2020, pursuant to which certain restrictions can be placed on websites with a Belgian domain name that do not comply with the General Data Protection Regulation (GDPR), even possibly leading to a cancellation of the domain name. This procedure makes it possible to redirect .be domain names to a warning page of the government body that has the legal authority to act against serious breaches of certain rules of law. For instance, if the processing of personal data, via a website linked to the domain name, constitutes a violation of the GDPR, the Data Protection Authority can issue an order to freeze or stop that processing. Also, subsequently DNS Belgium can revoke the website linked to the .be domain name.
Can domain names or URLs be the subject of trademarks or copyright protection in your jurisdiction? Will ownership of a trademark or copyright assist in challenging a competitive use or registration of a similar domain name or URL?
Strictly speaking, the applicant only receives a licence or exclusive right to use the domain name, but not the actual ownership. Nevertheless, a domain name holder can take action under the Code of Economic Law against another domain name holder if the domain names are similar or identical, subject to a number of conditions. Ownership of a trademark can also support a challenge against a similar domain name, as the owner can also invoke trademark law.
What rules govern online advertising?
Advertising is a commercial practice. Therefore, the provisions of the Code of Economic Law apply (both in business-to-consumer and business-to-business relationships). For example, advertising is misleading if it displays false information or omits crucial information such that this induces the average consumer or business to make a decision about a transaction that the consumer or business would not otherwise have made. The rules on the permissibility of comparative advertising are also applicable. Comparative advertising is only permitted on condition that it:
These are cumulative requirements. Therefore, advertising that does not comply with all conditions is prohibited. Furthermore, specific legislation may apply, such as in the case of advertising for medicine, financial services or alcohol.
Publicity through electronic communication is also regulated in the Code of Economic Law, and may also be subject to the General Data Protection Regulation (GDPR) if it concerns the processing of personal data.
The Code of Economic Law also contains specific identification and transparency principles for online advertising.
What rules govern targeted advertising and online behavioural advertising? Are any particular notices or consents required?
There are no specific regulations regarding targeted and online behavioural advertising in Belgium. These are subject to general rules on advertising and, if personal data is processed to analyse the user’s behaviour, the GDPR. When cookies are used, which have a 'tracking' function that allows them to follow the browsing habits of internet users on other websites, prior consent to such use by the user must also be obtained following the provision of clear and precise information concerning the processing of the user’s data. This applies regardless of whether the information is personal or anonymous. Consent is only not required if the cookies are used for the sole purpose of carrying out the transmission of a communication or are strictly necessary to provide an information society service explicitly requested by the user.
Are there rules against misleading online advertising?
The provisions of the Code of Economic Law regulate misleading advertising across all industries. Misleading advertising entails, among others, that false information is displayed or crucial information is omitted. Evidence must be provided that such information or omission of information induces the average consumer to make a decision about a transaction that he or she would not otherwise have made. In case of a misleading omission, the deception must relate to the essential information (eg, the main characteristics of the product, the price or the method of payment).
Are there any digital products or services that may not be advertised online?
There are no specific restrictions for digital products and services, besides those with respect to financial services and gambling (the advertising of non-licensed gambling facilities and games being prohibited).
What is the liability of content providers and parties that merely host the content, such as ISPs? Can any other parties be liable?
Under the Code of Economic Law, and pursuant to European law, three different types of exemptions of liability for providers of information society services exist when they act as intermediaries under the mere conduit principle. Generally speaking, when such providers do not initiate the transmission or do not have the opportunity to modify the information transmitted, they are exempted from liability. Specific conditions must be assessed for each type of exemption.
When would a digital platform or online content provider be liable for mistakes in information that it publishes online? Can it avoid liability? Is it required or advised to post any notices in this regard?
There are no specific rules regarding liability for advertising and information published online. The general liability rules of the Civil Code, including those regarding the exemptions on liability through a disclaimer and its limitations, apply.
The Belgian Code of Economic Law provides for a cascading presumption of liability in the event of an action against publicity:
Liability can be shared. Criminal liability is equally possible.
Are internet service providers (ISPs) liable for content displayed on their sites? How can ISPs limit or exclude liability?
The mere conduit principle set out in the Code of Economic Law also applies to ISPs insofar as this concerns a claim for monetary damages, and exempts ISPs from liability subject to a number of conditions. ISPs can still be subject to different kinds of injunctions under Belgian law. Moreover, ISPs must take measures to pre-emptively filter illegal material from their sites. These rules will, in the near future, be amended pursuant to the European Digital Services Act.
Can an online content provider or ISP shut down a web page containing defamatory material without court authorisation?
How online content providers and ISPs deal with defamatory material is primarily regulated by themselves. There is no Belgian legislation with respect thereto. The upcoming European Digital Services Act will introduce certain rules on transparency of content moderation platforms.
Nevertheless, the Belgian Supreme Court (Hof van Cassatie/Court de Cassation) did accept in 2013 that internet access providers can be required to make a website inaccessible to internet users. The purpose of the data seizure is to stop acts that appear to constitute a crime. The data seizure is possible in two situations. Firstly, if the data constitutes the object of a crime or arose from a crime and is contrary to public order or morality; (criminal) hate speech and crimes always fall into this category, because of the broad wording. Secondly, if the data endangers the integrity of information systems or data stored, processed or transmitted by them.
Are data and databases protected by IP rights?
It is generally accepted that data are not protected by intellectual property rights. After all, there is no creative process happening with data as there is in relation to copyright. However, this view needs to be nuanced. For example, it is possible that the selection and arrangement of data take place in a certain way for which creative choices have been made. In such a case, one can claim copyright on the structure of the database.
Databases, on the other hand, are protected by intellectual property rights, specifically by the Code of Economic Law. These can be protected by:
Can a website, digital platform or other online content provider link to third-party websites or platforms without permission?
In principle, it is permitted to link to a third-party website. However, liabilities arise if a link is made to unlawful content. Restrictions may also apply if content is embedded in a webpage by means of hyperlinks and frames wherein third-party content is displayed. Under European Union copyright law, it is permissible to hyperlink to a website of a third party if the linked material is: (1) still publicly available; and (2) was originally communicated on the internet with the content owner. The link may be infringing a third-party copyright if the linked material has been removed or if it circumvents any subscription, pay or other technical barriers imposed by the original content owner.
Can a website, digital platform or other online content provider use third-party content, obtained via automated scraping or otherwise, without permission from the third-party content provider?
Yes, unless such content is protected by copyright laws or if it contains personal data, in which case the obligations under the General Data Protection Regulation apply. Scraping could also be prohibited based on a website’s terms of use.
Do the authorities have the power to carry out dawn raids and issue freezing injunctions in connection with IP infringement?
The General Directorate of Economic Inspection has several tasks, listed in the Code of Economic Law. One of its roles is to monitor compliance with economic regulations through informative, preventive, warning and repressive action. This includes detecting and determining violations of the Code of Economic Law and various economic regulations. For example, the Directorate can carry out dawn raids and seize false products that infringe intellectual property rights. In 2020, the Directorate seized 83,729 fake products in 179 of its 377 controls thereon. This number was lower due to the pandemic, as in 2019 182,554 fake products were seized in 278 such controls.
What civil remedies are available to IP owners? Do they include search orders and freezing injunctions?
The IP owner can file a cease-and-desist action in a civil court to order the cessation of an infringement of IP rights. The cessation may be accompanied by a penalty payment. The owner may also seek damages to compensate them for their loss. Furthermore, they can request measures for the description and preservation of any infringing material. This procedure is called ‘the seizure of counterfeit’. Finally, certain ancillary claims are possible, such as for the remittance of profits, the recall of the goods from the market or the forfeiture of the infringing goods.
How does the law in your jurisdiction define ‘personal data’? Are any other categories of personal data defined in the law? If so, what additional rules apply to the processing of such categories of personal data?
Under the General Data Protection Regulation (GDPR), ‘personal data’ means any information relating to an identified or identifiable natural person whereby an ‘identifiable person’ is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data or an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This definition applies throughout the European Union (EU).
Additionally, a number of categories of sensitive personal data exist (eg, data about a person's health, ethnicity, sexual orientation or political views). The processing of these data is prohibited, barring exceptions. For example, if the processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent, or if the processing relates to personal data that are manifestly made public by the data subject.
Do parties involved in the processing of personal data have to register with any regulator to process personal data? Does the law prescribe the appointment of a data protection officer?
There is no registration requirement to be allowed to process personal data. However, any organisation processing personal data must have a valid legal basis to do so. There are six legal bases listed in the GDPR:
Each legal basis is subject to a number of conditions that have to be carefully assessed. Further obligations apply under the GDPR, including the requirement to document all activities concerning the processing of personal data in the data register.
The GDPR prescribes the appointment of a data protection officer (DPO) in three cases: (1) if there is a large-scale regular and systematic monitoring of users; (2) if the processing is carried out by a public authority; and (3) if the organisation is performing complex operations with user data. If the organisation falls outside one of these cases, the appointment of a DPO is not mandatory, but allowed voluntarily.
Can data protection laws and regulatory powers apply to organisations or individuals resident outside your jurisdiction? Is there a requirement for such an organisation or individual to appoint a representative in your jurisdiction?
The GDPR is applicable in the three following situations:
Nevertheless, data controllers or processors that are not based in the EU but perform processing activities that fall within the scope of the GDPR, must designate a representative in the EU.
May a party sell or transfer personal data to third parties, such as personal data about users of an online service or digital platform?
The two most generally accepted legal bases in the GDPR for the sale, license or transfer of personal data are the data subject's consent and the data controller’s legitimate interests. If the data is sold or transferred without a legal basis for the processing, it must be deleted by the purchaser. The seller can be held liable for the sale price and any damages in case of an illicit transfer.
What rights and remedies do individuals have in relation to the processing of their personal data? Are these rights limited to citizens or do they extend to foreign individuals?
Data subjects have multiple rights and remedies under the GDPR. For instance, they have the right to lodge a complaint with a supervisory authority (the Data Protection Authority), the right to an effective judicial remedy against a controller/processor/supervisory authority and the right to compensation and liability. Specifically in Belgian law, they can invoke article 1382 of the (Old) Civil Code to hold another party liable for infringements of the GDPR and the Belgian Privacy Act of 30 July 2018.
What measures must companies take to guarantee the cybersecurity of data, communications, online transactions and payment information? Does any regulation or guidance provide for a particular level of cybersecurity or specific procedures to avoid data breaches? Are there any commonly used cybersecurity standards?
Under the General Data Protection Regulation (GDPR), organisations must take appropriate technical and organisational measures to protect their processing of personal data, taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity of these risks to potentially infringe the rights and freedoms of natural persons.
The Belgian Network and Information Security Act of 7 April 2019 (the NIS Act) transposed the EU Network and Information Security Directive 2016/1148 (the NIS Directive). In addition to the GDPR, the NIS Act adds a legal requirement for higher cybersecurity standards in respect of certain ‘essential’ services, such as energy (electricity, oil and gas), financial platforms, digital infrastructures (DNS services and domain name registrations) and transportation (air, rail, water and road). Importantly, certain digital services – such as online marketplaces, online search engines and cloud computer services – fall within the NIS Act’s scope.
To ensure an adequate level of network and information security in these sectors and to prevent, handle and respond to incidents affecting networks and information systems, the NIS Act sets out the following obligations for the operators of essential services:
A new NIS 2 directive is currently under negotiation. One of most important changes will be the extension of its scope. This means that it will not only apply to essential sectors, but also to other important sectors, including additional digital infrastructures such as trust services providers.
Does your jurisdiction have data breach notification laws that apply to digital business? If so, which regulators should be notified and under what conditions should affected individuals be notified?
With respect to data breach notifications, the Electronic Communications Act of 13 June 2005 requires companies in the telecommunications sector to notify immediately (within 24 hours) personal data breaches to the Data Protection Authority (DPA), which must transmit a copy of the notification to the Belgian Institute for Postal Services and Telecommunications. If there is a breach of personal data or the privacy of individuals, the company must also notify the data subjects affected by the breach. The NIS Act additionally provides for a detailed procedure regarding breaches for operators of essential services.
The GDPR provides for a duty for the data controller to report personal data breaches to the DPA without undue delay, and where feasible, not later than 72 hours after having become aware of a breach. This notification must describe the nature of the breach, communicate the contact details of the data protection officer or other contacts where more information can be obtained, explain the likely consequences of the breach and describe the measures taken or proposed to be taken by the controller to address the breach. A communication to the data subjects is in some cases necessary if there is a high risk to their rights and freedoms. The DPA stresses that, in the event of public incidents, it must be informed of the causes and damage within 48 hours after the data controller became aware of the breach.
Are the authorities permitted lawful access to data? If so, what types of company are required to provide data to the authorities and under what circumstances?
Article 46 bis of the Code of Criminal Procedure provides that the Public Prosecutor, in the detection of crimes and malpractices, may, by a reasoned and written decision, on the basis of any data in his or her possession or by means of access to the customer files of the actors, proceed to:
To this end, the Public Prosecutor may, if necessary, issue a request through a police department or the Federal Computer Crime Unit. He or she may also request the cooperation of the operator of an electronic communications network.
Article 88 bis states that the investigating judge, when there are serious indications that the offences may result in a correctional punishment of one year or a more severe punishment, and when he or she considers that there are circumstances that make it necessary to have electronic communications traced or to locate the origin or destination of electronic communications in order to uncover the truth, can:
A number of additional legal grounds on lawful access to data exist, including for the secret services in the Act of 30 November 1998 Governing the Intelligence and Security Services.
Is it permissible to operate an online betting or gaming business from your jurisdiction? Is any regulatory consent or age, credit or other verification required?
Belgium has a ‘system of additional licences’. Only existing gaming establishments already licensed to operate games of chance in the real world (offline) can apply for an additional licence for the internet (online). Gambling is strictly regulated.
The Gambling Act requires a minimum age of 21 to play in a casino or slot machine hall, both offline and online. In addition, you are required to register for this purpose. To participate in either offline or online betting, the minimum age is 18. Certain professions are prohibited from accessing casinos and gaming arcades, for example magistrates. Also, certain persons can be placed in a database of excluded persons that must be consulted by gambling businesses before allowing customers to play. Online gambling businesses must impose compulsory game limits and include the possibility of temporary self-exclusion for customers, who must also be informed of the risks of online betting. Credit cards cannot be used to pay for online gambling services, nor can any credit or loan be provided.
What key legal issues arise when outsourcing services to a provider either inside or outside your jurisdiction?
Since the pandemic, the outsourcing of cloud computing services has boomed in Belgium. One of the most important concerns in this field remains privacy and cybersecurity, which must be extensively addressed in the outsourcing agreement. This is also necessary in other outsourced activities. If services are outsourced outside Belgium, and especially outside the European Union, the strict European rules on personal data transfers are likely to apply and cause issues that need to be addressed in a data processing agreement. Another crucial negotiation subject is an adequate service level agreement, which guarantees that the provider will sufficiently support the customer’s outsourced services. If personnel are to be transferred together with the outsourcing, it is essential to obtain advice on the Belgian employment law in this area, as such transfers are strictly regulated, among others pursuant to the European Acquired Rights Directive. The customer must also pay attention to the exclusions and limitations of liability clauses in the outsourcing agreement. The inclusion of common law terminology such as ‘indirect damages’ does not correspond with Belgian law, which has separate rules on liability that must be carefully transposed in the agreement. The parties must also think of the exit arrangements, as a lack of them can cause major issues for the customer when the agreement is terminated for any reason.
What are the rights of employees who previously carried out services that have been outsourced? Is there any right to consultation or compensation? Do the rules apply to all employees in your jurisdiction?
If a service is outsourced, there may be circumstances in which the EU directive on Transfers of Undertakings with Protection of Employment (TUPE) applies, namely, the Acquired Rights Directive (ARD). In Belgium, the ARD is incorporated by the Act of 5 December 1968 on Collective Bargaining Agreements and by the Collective Bargaining Agreement No. 32 bis (CBA 32 bis), which may apply if an asset and employee transfer takes place at the moment of the initial outsourcing, or if there is a change of supplier or a reverse transfer.
Belgian law will apply to any employee who usually executes their contract in Belgium, even if they are temporarily seconded to another country. If an employee does not execute their contract in one single country, the law of the country in which the employer is situated will apply.
All employees connected to the outsourced (transferred) activity must transfer, and will do so automatically, so that no new employment agreement is required with their new employer. A dismissal due to the transfer of undertaking is only possible for economic or technical reasons. Infringement may lead to additional compensation being due to the employees who were wrongfully dismissed.
The employer (transferor) must inform and consult its works council prior to making any official decision on an outsourcing that results in a transfer of employees. The works council must be informed regarding the reasons for the contemplated outsourcing and the consequences for the employees. There is only a duty to consult the works council, its consent is not required. The new employer (transferee) must also inform and consult its works council beforehand. Failing to inform and consult the works council can be sanctioned by a criminal fine.
If no works council (or trade union delegation) exists within the transferor, the employees concerned must be individually informed beforehand of the envisaged transfer date, the reasons for the transfer, the legal, economic and social consequences, and the intended measures that will affect the employees. In practice, the customer and the service provider will in most cases agree on a joint communication.
Is the sale of digital products or online services subject to taxation in your jurisdiction? If so, on what basis?
A sales tax rate (VAT) of 0 per cent, 6 per cent, 12 per cent and 21 per cent applies in Belgium, depending on the product. The applicable rate for digital products and services is in principle 21 per cent. Income from digital products (such as speculation on tokens and crypto currency) may be taxed at 33 per cent on gains made, depending on the circumstances.
What tax liabilities ensue from placing servers outside operators’ home jurisdictions? Does the placing of servers, a platform or a metaverse within your jurisdiction by a company incorporated outside the jurisdiction expose that company to local taxes?
The relevant criterion to determine whether or not a foreign company is active in Belgium depends on whether the activity concerned (such as placing a server, platform or metaverse) in Belgium can be seen as a ‘permanent establishment’. The US concept of ‘being engaged in trade or business’ does not apply. The term ‘permanent establishment’ will depend on the circumstances of the activity and on the definition provided in the tax treaty between Belgium and the country of the foreign entity, if available. Generally, this is defined as the fixed place of business through which the business of an enterprise is wholly or partially carried on.
Are there any specialist courts or other venues in your jurisdiction that deal with online/digital issues and disputes?
No, ordinary courts or arbitration institutes (CEPANI) must be applied to online/digital issues and disputes.
What alternative dispute resolution (ADR) methods are available for online/digital disputes? How common is ADR for online/digital disputes in your jurisdiction?
The Federal Public Service Economy has created the Belmed platform that facilitates alternative dispute resolution through the internet by bringing both parties together in a platform and also providing access to partners to act as mediator. Its scope is not limited to online/digital disputes. The parties can also engage qualified mediators or mediation institutions such as CEPANI. Various sectors, organisations and professional associations have also set up ADR bodies that can be involved in dispute resolution.
Are there any emerging trends or hot topics in the regulation of digital content and services, digital transformation and doing business online in your jurisdiction? Is there any pending legislation that is likely to have consequences for digital transformation and doing business online?
The world of digital technologies is growing exponentially and poses new challenges to existing legal frameworks due to the novel issues it creates. The European legislator has boosted efforts in recent months to cope with these rapid evolutions, proposing and introducing laws that will significantly impact digital transformation and online businesses. The AI Regulation, which is being negotiated, will be one of the first comprehensive global laws on artificial intelligence (AI), potentially clearing the way forward for other jurisdictions to regulate this technology as was the case for privacy with the General Data Protection Regulation. Although the AI Regulation will mainly govern ‘high-risk’ AI systems, it will put forward important principles (eg, the quality of data sets and transparency obligations) that could be applied similarly to other AI products. Certain jurisdictions may become inspired by these rules and also extend them voluntarily to other systems. The challenge will, however, be to establish a legal framework that equally safeguards innovation and does not generate excessive compliance costs, especially for small and medium enterprises such as start-ups. A future revision of the Product Liability Directive may tackle further issues with respect to the liability rooted in AI and Internet of Things systems.
Cybercrime continues to be a challenge for many countries, including Belgium. The revised NIS Directive (NIS 2), with an expanded scope of application, may further boost cybersecurity efforts from a legal standpoint. It remains unclear when another important piece of legislation, the ePrivacy Regulation, which will provide for more clarity regarding specific issues that may arise concerning privacy in connection with online interactions and electronic communications, will be agreed upon. Its purpose is to reinforce trust and security in digital services, while providing flexible regulatory tools to enable innovation. The ongoing negotiations mean that its implementation will again be delayed, until 2023 or later.
While a first agreement has been reached on the Markets in Crypto Assets Regulation, bringing the first crypto regulation in Europe into being, Belgium has introduced its own rules on crypto exchanges and wallets. It is expected to further regulate crypto advertising in the near future, and could even qualify crypto currencies as financial instruments, closing an opaque gap in law and leading to the direct applicability of important financial legislation to the issue and use of these virtual currencies.
Also, final agreements have been reached on the Digital Services Act and Digital Markets Act, which will govern, respectively, online intermediaries and platforms, as well as ‘gatekeepers’ in digital markets. These rules will significantly impact tech giants in a bid to increase competition in the digital market. It will be very interesting to see how effective the new rules are and whether they can revolutionise the sector.
The introduction of the above legislation in a way that also meets business interests and innovation can potentially make Europe indeed fit for the digital age – the European Commission’s goal.
If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected] .
© Copyright 2006 - 2022 Law Business Research