Professionals >

Contacts >

Privacy and cybersecurity issues are becoming increasingly important in today’s technologically advanced environment, as witnessed by recent developments in EU law and several high-profile cases in the press. More than ever, companies need to understand their rights and obligations in this area and need to be aware that non-compliance may not only result in heavy fines but will also be perceived very negatively by the market.

The EU General Data Protection Regulation (in force from May 2018) introduces new principles, concepts and obligations, which will result in companies having to revise their personal data processing practices and culture. Crucially, the Regulation i) extends the enforcement powers of data protection authorities (e.g., by way of heavy fines) and ii) is of wide-reaching effect: the new Regulation affects not only those businesses established in the EU but also companies that are not established in the EU but that are offering goods or services to data subjects in the EU or who monitor the activities of such data subjects.


For more than two decades, we have been closely monitoring EU and Belgian developments in the data protection area. During this time, we have advised many national and multinational clients from different industry sectors, with a particular focus on life sciences, TMT, energy, utilities, retail, as well as HR departments in general.

In order to provide our clients with a pan-European and global service, we have developed a network of experienced data protection lawyers in other jurisdictions with whom we have had strong ties for many years. We are also closely involved in Crowell & Moring’s U.S. Data Protection and Cybersecurity group and work closely with our U.S. colleagues on cross-border issues involving the international transfer of personal data.

The Challenges of New Technology

In this technological age, an important part of our practice consists of advising clients on the processing of personal data through the internet, the storing and international transfer of personal data and related cybersecurity issues, the use of “big data” and profiling for marketing purposes, the use of new technologies in the workplace, such as email monitoring and the use of social media by employees. In particular, we advise telecommunications companies and internet service providers regarding sector specific data protection obligations.


We help our clients achieve data protection compliance through day-to-day counseling and contractual work and through global and Europe-wide privacy audits. We analyze our clients’ existing data protection practices and make recommendations for compliance. In this way, we help our clients to better understand their data processing, map the location and flows of the data and identify potential threats and compliance issues.

We develop and implement tailor-made privacy programs, which may include the drafting of privacy policies and procedures, notices, data transfer agreements and advice on security measures to be taken. We assist our clients in their contacts with the various Data Protection Authorities in Europe.


It is not enough that our clients know the law and have the necessary policies and procedures in place to handle data in a safe and secure way. The knowledge and culture of the people actually handling the personal data on a daily basis is crucial, and will only become more important under the new EU Data Protection Regulation. It serves no purpose to have policies and procedures in place when these are not applied and complied with in practice. An important part of our service therefore consists of training key staff on applicable law and the client’s internal procedures.

Our Team

Our privacy and cybersecurity team is composed of highly experienced lawyers from each of our firm’s core practice areas, including corporate, commercial, employment and TMT. The practice is led by senior counsel Frederik Van Remoortel (CIPP/E, former member of IAPP European Advisory Board). Senior counsel Maarten Stassen (also a former member of the IAPP European Advisory Board) focuses in addition on other legal and operational aspects of the digital ecosystem. Partners Thomas De Meese (who has a particular focus on TMT and competition law), and Emmanuel Plasschaert, who concentrates on HR data protection complete the Brussels team.

"‘Superb data privacy lawyer’ Frederik Van Remoortel heads Crowell & Moring’s team, which includes Thomas De Meese and Emmanuel Plasschaert, who is an expert in HR-related data protection" Legal 500 EMEA, 2016

“Senior counsel Frederik Van Remoortel is ‘reliable like a Swiss watch’” Legal 500 EMEA, 2016

Emmanuel Plasschaert, who heads the [Crowell & Moring Brussels] corporate and labour practice groups, is ‘responsive and pragmatic’”. “[He] shows exceptional attention to detail.” Legal 500 EMEA, 2016

Representative Matters

Day-to-day Advice

  • Regularly answered questions such as: ‘Can I transfer this set of personal data to third parties in the US?’ ‘How long must I retain certain personal data?’ ‘Can I use customers’ personal data for targeted advertising?’
  • Advised on the use of customers’ personal data for the installation of so-called ‘smart meters.’
  • Advised several companies on data retention periods.

Privacy Audits

  • Worldwide privacy compliance projects with respect to personal data processed by the HR departments of a U.S. and a Belgian multinational.
  • Privacy audit and compliance project for an important Belgian telecommunications company (including customer and supplier data, user data, and marketing data).

Litigation and Contractual Work

  • Conducted legal proceedings with respect to the conformity with privacy laws of a ‘bad payer list’ set up by several undertakings in the same sector.
  • Reviewed contractual documents between doctors, hospitals, patients and the client (a manufacturer of medical devices), and notified the client’s data processing with the relevant data protection authority.
  • Drafted privacy policies: for the personnel of several Belgian and multinational companies, (e.g., in the telecommunications sector); and for the websites of national and multinational clients.

View More

"European Court of Human Rights Confirms the Proportionality Test for Use of Hidden Cameras on the Work Floor," Labor & Employment Law Alert - Europe (December 3, 2019). Contacts: Frederik Van Remoortel, Emmanuel Plasschaert, Evelien Jamaels, Delphine Keppens
Client Alert/Newsletter
"Data Protection Impact Assessments, The Full Picture," IAPP Europe Data Protection Congress 2019, Brussels, Belgium (November 19, 2019). Chair and Speaker: Maarten Stassen.
"Will GDPR kill blockchain?" Beltug N-sight seminar: Blockchain - Transformation from Hype to Reality, Grimbergen, Belgium (November 6, 2019). Speaker: Maarten Stassen.
"GDPR & Blockchain: Challenges & Opportunities," Blockchain in Government, HOWEST (October 24, 2019). Speaker: Maarten Stassen.
"GDPR Audits & Certifications," Programme in European Data Protection (GDPR), Solvay Business School (October 23, 2019). Speaker: Maarten Stassen.
Europe Data Protection Digest IAPP (October 18, 2019)
In the News
"The ICO Bares its (Sharp) Teeth: What You Need to Know About GDPR One Year On," Crowell & Moring, London (October 17, 2019). Moderator: Jeffrey L. Poston; Panelists: Ambassador Robert Holleyman, Maarten Stassen, and Laurence Winston.
Why consent is the weakest link (October 10, 2019). Author: Maarten Stassen.
Court of Justice of the European Union Finds that Pre-Ticked Checkboxes Are Not Valid Consents under GDPR (October 9, 2019). Authors: Maarten Stassen, Heidi Waem and Louis Vanderdonckt.
Belgian Data Protection Authority Finds Merchant Violated GDPR by Requiring Customers to Provide Electronic ID to Receive Loyalty Card (October 8, 2019). Authors: Maarten Stassen and Louis Vanderdonckt.

To view more News & Events for this area, please go to our desktop site.

Crowell & Moring LLP is an international law firm with more than 500 lawyers representing clients in litigation and arbitration, regulatory, and transactional matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation, as well as its ongoing commitment to pro bono service and diversity. The firm has offices in Washington, DC, New York, Los Angeles, San Francisco, Orange County, London, and Brussels.

View Desktop Site | Mobile Sitemap

Contact | Subscribe | Terms of Use | Privacy Statement | Alumni

© Crowell & Moring LLP 2019
Attorney advertising - prior results do not guarantee a similar outcome.