European Commission challenges Belgium for lack of independence of its DPA

The European Commission has sent a reasoned opinion to Belgium for failing to ensure full independence of its Data Protection Authority (DPA). The Commission considers that Belgium violates Article 52 of the General Data Protection Regulation (GDPR), which states that the data protection supervisory authority shall perform its tasks and exercise its powers independently. The independence of data protection authorities requires that their members are free from any external influence or incompatible occupation. However, the European Commission argues that some members of the Belgian Data Protection Authority currently cannot be regarded as free from external influence because they either report to a management committee depending on the Belgian government, they have taken part in governmental projects on COVID-19 contact tracing, or they are members of the Information Security Committee.