this post was submitted on 13 Feb 2026
7 points (100.0% liked)

General Data Protection Regulation (“GDPR”) ⚖

1385 readers
2 users here now

Everything related to the #GDPR is discussed here. This is the first and only community specifically for GDPR topics which is decentralized and outside of walled-gardens. #EDPB recommendations and guidance can and should also be discussed here.

For the moment, chatter on the similar California Consumer Privacy Act (CCPA) could be discussed at least until the volume of messages compels us to split it into a separate community.

founded 2 years ago
MODERATORS
freedomPusher@sopuli.xyz
7
🇧🇪Belgium: “public bodies are exempt from GDPR fines” (web.archive.org)
submitted 1 week ago* (last edited 1 week ago) by freedomPusher@sopuli.xyz to c/gdpr@sopuli.xyz
10 comments fedilink hide all child comments
 

Gem from the article:

Under Article 221, §2 of the Belgian Data Protection Act of 30 July 2018, public bodies are exempt from GDPR fines in Belgium.

So Belgian public services have no incentive to comply with the GDPR.

Yikes. The money taken by fines does not disappear. It would normally move from one public pot to another public pot.

(update) less confusing source: https://eurocloud.org/news/article/no-gdpr-fines-for-public-sector-bodies-at-all-no-discrimination-and-no-problem/

It’s also interesting to see the comment on this case.

you are viewing a single comment's thread
view the rest of the comments
[–] Corporal_Punishment@feddit.uk 1 points 4 days ago (1 children)

Just really picking up on the last part.

GDPR is taken incredibly seriously here. But human error is the leading cause of breaches and in a situation you have teams that are grossly understaffed then mistakes will happen. A fine wouldn't deter it.

The only real solution is to hire more staff and share the workload. But there isnt any money so 🤷

[–] freedomPusher@sopuli.xyz 1 points 4 days ago* (last edited 4 days ago)

The DPA is not limited to fines. A DPA can give advice, issue warnings, and orders. A DPA is unlikely to use a heavy-handed but simultaneously ineffective or inappropriate tool for enforcement. The DPA also has discretion in the amount of the fine. The law at hand w.r.t this thread disempowers the DPA from fines -- which would be increasingly important for repeat offenders.

I think it’s far-fetched to suggest that a DPA would ruin or sink a school. But it would be sensible for the penalty limit to be lower for public data controllers if that concern is realistic. There could also be an imposed leniency on 1st time offences.