By Patrick Van Eecke and Antoon Dierick
Almost five months after federal parliamentary elections took place, the negotiators from the four political parties around the negotiating table (Flemish parties NVA, CD&V and Open VLD and Walloon party MR) reached a coalition agreement which contains quite a few interesting policy initiatives from a privacy and IT law perspective.
The newly formed government aims to be “a digital federal authority” by the end of the legislature, the goal being to smooth away superfluous paperwork circulating in the different federal public services. Inspired by the success of Tax-on-web (an online tax declaration platform) and student@work (an online platform relating to work performed by students), the development of new tools and apps will be a priority of the new government. Moreover, public authorities will be asked to use means of electronic communication as much as possible when communicating with the public.
Several privacy and IT related areas have been explicitly discussed in the coalition agreement. Some of the announced initiatives include the following:
The new Belgian government seems to take citizens’ privacy rights very seriously. For the first time, the federal government will include a Secretary of State (i.e. a member of the cabinet assigned to a Minister) responsible for privacy matters.
This Secretary of State has not been tasked lightly. He will need to supervise the modernization of the current legal framework relating to personal data protection. Important to note is that the coalition agreement has stated that the basic principle in relation to data protection should be an informed consent (this being one of the six forms of legal basis which can be invoked to process personal data). The Belgian government itself will advocate for a strongly harmonized European regulatory framework for privacy which nevertheless gives Member States the possibility to provide a higher level of protection, especially in the government, healthcare and social security sectors.
The coalition agreement further highlights the importance of transparency of public authorities and companies with regard to the data they gather and how they are used. Security measures, including encryption, should protect governmental databases and avoid that entities obtain unreasonable access to the private life of a person.
Citizens will also see their rights reinforced based on principles such as control, reasonableness, security, transparency, etc. An interesting principle is the “contextuality principle” according to which data can only be collected and used in the same context as the one in which they were given. Abuse or negligence will be punished in an appropriate manner. During a round table with public authorities, companies and citizens the new government plans to refine and apply the aforementioned principles.
The protection of privacy will be given special attention when enacting legislation, while developing the federal ICT infrastructure and in the context of the digitization of the federal services. As an example, ICT tenders of the federal government will have to include the aspects “cyber security” and “privacy by design”.
Finally, a reform of the Belgian Privacy Commission is announced in order to avoid conflicts of interest between its members and the applicants for authorisations taking into account the increasing use of electronic services by public authorities.
2. Cyber security
Cyber security is a hot topic in Belgium since several recent cases of computer hacking, amongst others in public services. The new government has announced to improve cyber security, whilst respecting the fundamental rights and values of a modern society. It also wishes to strive for an optimal protection of critical infrastructures, scientific and economic potential and governmental systems against cyber threats.
Further, a “Belgian Centre for Cyber Security” will be put into operation, which will elaborate a cyber security strategy, play a coordinating role and give policy and general advice.
Finally, it has been announced that resources for police services, intelligence services and the Public Prosecutor with respect to cyber security will be increased.
3. E-commerce, e-invoicing and telecommunications
In the light of European reports highlighting the limited market share of (cross-border) electronic commerce (“e-shopping”), the new government intends to support this sector by creating an independent platform for e-commerce which should address structural handicaps by taking initiatives in several areas which may create obstacles for the full development of electronic commerce, such as issues relating to product safety, online payment solutions, out-of-court dispute settlement possibilities, etc.
Next, the general use of e-invoicing is one of the measures the government wishes to implement in order to reduce the administrative burden for SMEs. With regard to public authorities, the current pilot project will be widened to all departments and starting from 2016 the use of e-invoicing will be mandatory. The government will make sure that suppliers of public authorities will be able to send all their invoices through the same electronic platform, irrespective of whether the receiver is a federal, regional or local authority.
Finally, the government intends to expand the Ethical Code relating to telecommunications to smartphone applications.
We will of course further report on any further IT and privacy related initiatives taken by the new Belgian government.