BELGIUM Law and Practice Contributed by: Wim Nauwelaerts, Alston & Bird LLP
In addition to the CCB, several sectoral authori - ties are charged with monitoring cyber-related matters for their respective sectors: • the federal Minister for Energy – the energy sector (Federal Public Service Economy); • the federal Minister for Transport – the trans - port sector, with the exception of transport over waters accessible to seagoing vessels; • the federal Minister for Maritime Mobility – transport over water accessible to seagoing vessels; • the federal Minister for Public Health – the health sector; and • the federal Minister for Economy – the digital services sector, encompassing cloud com - puting services, online search engines and online marketplaces (Federal Public Service Economy). Together with the CCB, the National Crisis Cen - tre (NCCN) ensures the organisation and co-ordi - nation of the Cyber Emergency Plan at national level. The two authorities are jointly responsi - ble for crisis management. The NCCN is also in charge of making national risk assessments, and it is the (inter)national point of contact for critical infrastructures. Moreover, the NCCN prepares national emergency plans and provides local support. It operates 24/7, ensures the protection of people and institutions and monitors events. The Belgian Institute for Postal Services and Tel - ecommunications (BIPT) monitors the security of the electronic communications networks and services of telecoms operators. The BIPT is also the sectoral authority and inspection service for the digital infrastructure sector under the NIS2 Act, and for the electronic communications and digital infrastructure sectors under the Critical Infrastructures Act.
The National Security Council is charged with the co-ordination and evaluation of general intelligence and security policy matters and the national security strategy, the prioritisation of intelligence and security services, the co- ordination of national security priorities, the co- ordination of a general policy on the protection of sensitive information, the co-ordination of the fight against terrorism and extremism and the monitoring of its decisions. The Coordination Unit for Threat Analysis (CUTA), operating under the Minister of Justice and the Minister of Interior Affairs, is an independent knowledge centre in charge of assessing terror - ist and extremist threats in Belgium. The Belgian Data Protection Authority (DPA) is an independent body that ensures that the fundamental principles of personal data protec - tion are properly observed. This includes the GDPR’s requirements relating to data security and personal data breach notifications. The DPA consists of different departments, each of which plays a specific role in enforcement cases. The Frontline Service performs a triage function to determine which complaints merit further inves - tigation, the Inspection Body carries out inves - tigations, and the Dispute Resolution Chamber issues enforcement decisions. Investigations are typically triggered by a complaint or request for information, but the DPA can also decide to open an investigation at its own initiative. The Information Security Committee (ISC) was created by the Act of 5 September 2018 to grant certain authorisations in relation to the process - ing and communication of specific categories of personal data (eg, national registry numbers).
43
CHAMBERS.COM
Powered by FlippingBook