TMT 2024

Last Updated February 22, 2024


Law and Practice


DLA Piper UK LLP has a global intellectual property and technology (IPT) group consisting of 60+ offices, around 150 partners and 530+ fee earners in more than 20 countries, constituting the world’s largest IPT team. With over 120 lawyers based in the firm’s office in Brussels and its working hub in Antwerp, DLA Piper in Belgium combines the firm’s global reach with local know-how. More specifically, the IPT team is part of a global, fully integrated group of IPT teams that operate in the markets of greatest importance to the firm’s multinational clients. The Belgian team continuously develops innovative processes and methodologies to improve the delivery of legal services to its clients, as well as the internal organisation of its clients. The whole IPT team is fully dedicated to advising on IT, media and telecommunications matters, acting for both customers (larger users of IT) and large IT vendors, which gives it invaluable insight at both sides of the negotiation table, translating into better, more commercial and more pragmatic advice for its clients.


The metaverse is a term describing a hypothetical, future, enhanced, digital environment where users will be able to move smoothly between several spheres (social, work, leisure, shopping, etc) in one single digital environment. The metaverse could also be seen as the integration of the digital and physical worlds.

In practical terms, the metaverse is an advanced version of the internet that can be accessed through VR headsets, augmented reality appliances and more common devices such as mobile phones and personal computers or laptops. So far, the metaverse is mainly a commercial venture and competition is increasing between major technology companies, all of which are developing their own metaverse offerings.

A term often mentioned alongside the metaverse due to its correlation is “Web3”. The latter has to be seen as the concept of a new, decentralised internet constructed on blockchains or distributed ledgers collectively managed by participants. Although the metaverse and Web3 are different concepts, Web3 technologies can enhance the metaverse experience.

Laws and Regulations

No specific laws for the metaverse have been introduced in Belgium. Accordingly, all general laws and principles that apply to the “real world” by default also apply to the metaverse.

In many situations, the legal framework can be seamlessly applied to the digital context, but there may be situations where existing laws are not always adapted to the reality of the metaverse.

For example, general contract law will apply to the transactions concerning non-fungible tokens (NFTs), intellectual property protects works can be generated and enforced in the metaverse, and companies active in the metaverse will have to comply with data protection and consumer laws. Furthermore, all criminal law provisions will also apply to offences committed in the metaverse.

According to established case law relating to online disputes, Belgian law will apply to websites which envisage a public in the Belgian territory.

Key Legal Challenges

A select number of key legal challenges are outlined below.

Intellectual property rights

The enforcement of intellectual property rights in the metaverse may lead to practical difficulties and challenges, just as it has been in the past for Web 1.0 and Web 2.0 disputes. Therefore, it will be important for businesses to actively monitor the metaverse for possible infringements.

One of the questions that will arise is which jurisdiction will be competent to examine infringement claims that might take place in the metaverse, as the metaverse does not belong to a concrete jurisdiction and as it may be difficult to identify the real identity of the infringer.

Data protection and cybersecurity

Lots of personal data will be processed in the metaverse. This will range from traditional types of personal data to the tracking of movements and activities in the metaverse. Given the cross-border character of the metaverse, many different data protection laws may need to be taken into account when processing personal data.

Book XII of the Belgian Code on Economic Law is dedicated to regulating the digital economy. This includes the Belgian implementation of the Directive on electronic commerce.

New Belgian laws, impacting Book XII, are however to be expected, given the entry into force of the EU Digital Markets Act (DMA) (Regulation 2022/1925) and the EU Digital Services Act (DSA) (Regulation 2022/2065), respectively on 1 November and 16 November 2022.

The DSA establishes a new standard for the accountability of online platforms regarding illegal and harmful content, which is to be transposed in national law. In addition, it includes provisions – which are already operational – related to the transparency obligations of online platforms and the identification of very large online platforms (VLOPs) and very large online search engines (VLOSEs).

Essential for the transposition of this regime into Belgian law is the implementation of three key measures. Firstly, the draft federal law must be introduced to enact the DSA, assigning duties to the Belgian Institute for Postal Services and Telecommunications (BIPT/IBPT) – acting as both the federal competent authority and the Digital Services Co-ordinator – regarding the oversight of DSA-provisions falling under federal jurisdiction. Concurrently, decrees at the level of the federated entities are necessary to appoint their respective competent authorities responsible for supervising provisions within their jurisdictional purview. Additionally, fostering collaboration between the federal government and communities is imperative. This collaboration would involve establishing a comprehensive agreement delineating various aspects such as the designation of the BIPT as the DSC, clarification of roles for competent supervisory authorities and the DSC, formulation of frameworks for co-operation and information exchange among competent authorities concerning the DSA, and arrangements for Belgium’s representation within the broader European digital services sphere.

The DMA, in turn, targets online platforms which qualify as “gatekeepers” and therefore create a bottleneck in the digital economy, and is applicable as from 2 May 2023.

The designation of the first organisations as “gatekeepers” by the European Commission happened in September 2023. Regulating these platforms will enhance competition and create a fairer business environment for businesses who depend on gatekeepers.

Laws and Regulations

As there are no contracting laws specifically tailored to cloud and edge computing contracts in Belgium, general contract law applies to such contracts (eg, consumer laws, and specific laws for certain kinds of contracts). Contractual arrangements thus need to be heavily relied on in order to cover issues not dealt with under traditional contract law, or dealt with in a way that is not readily applicable to cloud and edge computing. In addition to contract law, a number of other laws and regulations also apply to specific issues or aspects of cloud solutions.

The Directive of 2016 on Security of Network and Information Systems (the “NIS-1 Directive”) (Directive 2016/1148) mainly aims to strengthen critical infrastructure in the EU, but also contains provisions regarding cloud computing. Providers of critical infrastructure have to comply with the (national implementation of the) security requirements of the NIS-1 Directive – ie, the requirement to adopt appropriate security measures.

This NIS-1 Directive was transposed into Belgian law through the Belgian NIS Act of 7 April 2019 (the “NIS Act”), and its executing Royal Decree of 12 July 2019. On 16 December 2020, the European legislator presented a new cybersecurity strategy, following which in 2022 a new Directive on measures for high common level of cybersecurity across the Union (the “NIS-2 Directive") (Directive 2022/2555), and a new Directive on the resilience of critical entities have been adopted. Time-wise, the Belgian government has until 17 October 2024 to transpose both directives into national legislation and to adopt and publish all measures necessary for compliance.

The Belgian authorities, specifically the Centre for Cybersecurity Belgium (CCB), are keen on expediting the publication of the Belgian law for the transposition of the NIS-2 Directive, aiming to provide clarity to relevant entities well before that deadline. The Belgian Council of Ministers has already prepared a proposal for an implementing act and accompanying implementation decree, which are still to go through the entire legislation formation process.

Regulations in Specific Industries

To date, there are few sector-specific rules in Belgium in relation to cloud services, as several sectors have rules in relation to outsourcing in general (eg, in the banking and insurance sector).

In 2019, for instance, the National Bank of Belgium (NBB) issued a circular on outsourcing arrangements (the “Circular”) that applies to a wide number of financial institutions. With the Circular, the NBB has fully integrated the European Bank Authority Guidelines on outsourcing arrangements of 25 February 2019 (the “EBA Guidelines”) (EBA Guidelines 2019/02) into its supervisory practices.

In order to be compliant, financial institutions wishing to outsource part of their activities must, among other things, ensure that the outsourcing contract provides for a range of obligations and must submit a file to the regulator in certain circumstances. Similar but more strict obligations exist for (re)insurance companies.

As of 16 January 2023, the first major EU-wide legislation treating digital resilience entered into force, being the Digital Operations Resilience Act for the Financial sector (DORA) (Regulation 2022/2554). Its purpose is to establish uniform standards for ICT risk mitigation across all EU financial entities, more particular establishing a framework for ICT risk management, incident reporting, operational resilience testing and third-party ICT risk monitoring.

DORA goes beyond the scope of the previously mentioned EBA Guidelines (which it will replace), addressing both personnel and material aspects, and isis designed to ensure digital operational resilience throughout the entire financial ecosystem. Consequently, a broader range of financial entities as well as ICT service providers (including cloud service providers) will need to adhere to the DORA conditions.

Furthermore, DORA sets forth requirements that emphasise the establishment of strategies, frameworks, and governing processes essential for achieving digital operational resilience.

Processing of Personal Data

The General Data Protection Regulation (the GDPR) (Regulation 2016/679) is applicable to all processing of personal data. To the extent that the data uploaded by an organisation includes personal data, the GDPR will also be applicable to cloud solutions and will have to be taken into account by both cloud providers and users. Certain obligations and restrictions under the GDPR can be especially problematic with regard to cloud solutions (eg, data transfers to third countries – as mentioned further below). 

For instance, the GDPR prohibits data transfers to third countries without either being able to rely on an adequacy finding issued for the third country by the European Commission (eg, Japan, Switzerland, and New Zealand) or having provided appropriate safeguards (eg, binding corporate rules, standard contractual clauses, an approved code of conduct or certification mechanism). If a cloud provider has data centres in such third countries, this requirement should therefore be taken into account.

According to the GDPR, the transfer of data subject to data protection outside the European Union must not compromise the level of protection guaranteed by the GDPR for natural persons. Data transfers to a third country or international organisation are permissible when the European Commission determines that the third country, specific sectors within that country, or the international organisation ensures an adequate level of protection.

A list of countries with such adequacy decisions is available. On 10 July 2023, the European Commission approved a new adequacy decision for the United States, known as the “EU–US Data Privacy Framework”, in the wake of the Schrems-decisions taken by the CJEU in the past. The new framework aims to facilitate data export to organisations on the “Data Privacy Framework List” without the need for transfer instruments outlined in Article 46 of the GDPR. Data controllers transferring personal data to organisations not on the list must still use necessary transfer instruments, as stipulated in the GDPR, to ensure an appropriate level of protection, such as model contract clauses or binding corporate rules (EDPB recommendations 01/2020).

Additionally, the decision outlines remedies available to individuals whose data is transferred to the United States under the adequacy decision, should they believe the involved organisation in the US is not adhering to the Data Privacy Framework. This adequacy decision follows the invalidation of two previous decisions, Safe Harbour and Privacy Shield, by the Court of Justice of the European Union in the “Schrems I” and “Schrems II” rulings.

For Belgian businesses and organisations involved in cross-border data exchanges with the United States, this framework streamlines the process of transferring personal data without the need for additional safeguards such as Standard Contractual Clauses or Binding Corporate Rules. This simplification can lead to increased efficiency and reduced administrative burdens for Belgian companies engaging in international collaborations, data sharing, or utilising cloud services hosted in the United States.

Additionally, Belgian individuals benefit from enhanced privacy protections when their data is transferred to the United States under the EU–US Data Privacy Framework. They have specific legal remedies available if they believe that a US-based organisation is not complying with the provisions of the Data Privacy Framework, providing an added layer of security and control over their personal information.

Another privacy-related topic can be found in the fact that in cloud computing situations, where cloud service providers come into play, the obligation to notify data breaches to both data subjects and data protection authorities typically requires more extensive involvement of the provider than in the case of merely local IT solutions, given the typically greater reliance on the former.

In cloud computing contracts, other aspects have to be carefully planned, such as the question of return or destruction of personal data, and the question of liability of the provider. In this respect, during the month of July 2023, the working group on Switching Cloud Providers and Porting Data (SWIPO) presented its Converged Code of Conduct for cloud services. Since the Data Act is in force as of January 2024, SWIPO plans to update its third Code of Conduct to address the necessary requirements set forth in the Data Act and help ensure compliance with the anticipated provisions relating to porting and switching between data processing services. Once amended, SWIPO anticipates that the Code will be eligible to be listed in the “Cloud Rule Book” as a Data Act implementation tool.

Laws and Regulations

Artificial intelligence will be governed under an array of laws and regulations.

Legal challenges


As one of the characteristics of AI is that it can take decisions with a degree of autonomy, the question of liability (“Who is responsible when an AI system causes damage or breaches the law?”) quickly emerged. In this respect, the European Parliament adopted a resolution with recommendations to the Commission on a civil liability regime for artificial intelligence on 20 October 2020 in which it stated that there is no need for a complete revision of liability regimes, but that the capacity of self-learning and the potential autonomy of Al-systems requires specific and co-ordinated adjustments to the liability regimes. The European Parliament also emphasised that the new common rules for Al-systems should take the form of a regulation.

On 8 December 2023, the European Parliament and the Council reached a provisional political agreement on the key points of the regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (the “Artificial Intelligence Act”). The draft Artificial Intelligence Act contains a tiering of regulatory requirements depending on the inherent risk associated with the Al system that is being used – namely (i) prohibited Al practices, (ii) high-risk Al systems, and (iii) low-risk Al systems. High-risk Al systems are permitted provided the strict controls set out in the regulation to mitigate the risks are in place. Key regulatory controls on high-risk Al systems include the obligation to maintain a risk management system, complete and up-to-date technical documentation, designed to allow for effective human oversight and to ensure an appropriate level of accuracy, robustness and security. Different obligations will apply depending on the role of a party in the AI system’s supply chain, including requirements applicable to providers as well as to deployers (ie, the users) of the AI system.

The question whether foundation models and/or general purpose AI systems need to be specifically regulated was a major point of discussion in the trilogue negotiations. The Commission’s proposal of April 2021 did not include specific rules for foundation models or general purpose AI systems. However, with the notable market entry of several powerful general purpose AI systems since the initial proposal was published, these discussions became highly relevant. The draft Artificial Intelligence Act now contains dedicated obligations for “general purpose AI models” which are stricter depending on whether such models are considered to present “systemic risk”.

After formal adoption and official publication of the draft Artificial Intelligence Act, this Regulation is expected to enter into force in the first half of 2024, following which it will gradually enter into application. All prohibited systems will need to be phased out within six months. The majority of the other requirements will then become applicable 24 months after the entry into force.

Additionally, the Commission has published a proposal for an Artificial Intelligence Liability Directive (AILD) on 28 September 2022. The proposed Directive aims at improving the functioning of the internal market by laying down rules for certain non-contractual civil liability for damage caused with the involvement of AI. For now, liability questions regarding Al are still governed by the general liability framework. Regarding non-contractual liability, Belgian law sets out three conditions that need to be fulfilled for liability to be attributable to a party: fault, damage and a causal link between the two. The burden of proof lies with the claimant. Where an AI system causes harm, however, it may be difficult to determine with precision which action or inaction led to the breach or damage and whether it was a “fault”.

It remains to be seen whether non-compliance with (some of) the obligations set out in the Artificial Intelligence Act will contribute/lead to the determination that the supplier/user has made a “fault”. The AILD would introduce a rebuttable presumption of causality in the case of fault – ie, the lack of compliance with a duty of care under the AI Act, or any other EU or national law.

Given the current legal uncertainty, organisations working on projects involving AI systems must carefully regulate liability in their contractual arrangements, including matters that have an indirect impact on liability (eg, applicable law and choice of jurisdiction).

Data protection

AI systems process vast quantities of data, including personal data in most cases. In accordance with the requirements of the GDPR, key requirements such as data minimisation and privacy by design have to be taken into account when creating or working with AI systems in Belgium.

Intellectual property

Most relevant in this respect is copyright. The conditions of copyright – namely a “work” that is “original” – have been interpreted by the CJEU and are, to a certain extent, similarly applied throughout the EU. This means that the same issues will be faced by all the countries in the EU – for example, “who will be the author when an AI system makes a work of art?”

The first component of originality, also known as the “objective component”, holds that the work must be the result of an intellectual creation. The second component, known as the “personality requirement” or “subjective component of originality”, holds that a personal touch must be given to the work in order to reach the threshold of originality. From these criteria it can be deduced that human input is a prerequisite for copyright.

As AI systems are not likely to be able to claim copyright protection in the near future, the creator of the AI system (the legal or natural person) should document the process of creation and arrange internal assignment of all IP rights, including copyright, to themselves, following the principle of Belgian property law that “the fruits of a good belong to the owner of the good”.

There is no strict definition of the internet of things (IoT), so for the purpose of this article the collection of devices that have the ability to sense, amass and analyse data, and to communicate through networks will be considered as the IoT.

Data Protection

The first important legal framework that needs to be taken into account is data protection law. Because of the nature and goal of IoT devices (ie, smart mobile applications, smart home units, wearables, home assistants, etc), large amounts of data are being collected and processed, some of which will be considered personal data under the GDPR.

The applicability of this framework has a number of consequences as to how IoT devices should be designed (in particular the overarching principle of privacy by design).


Not all IoT devices and services are organised along the lines of traditional graphical user interfaces, so asking for consent cannot always be worked directly into the functionality. As a result, IoT manufacturers and resellers must think of alternative ways to collect consent, in such a way that it meets the requirements of the GDPR: consent must be freely given, specific, informed and unambiguous.

Data minimisation

The GDPR requires that the personal data used is relevant and limited to what is necessary in relation to the purpose for which it is processed. This is a direct challenge to the data maximalism that is typical of IoT devices and services. One suggested way to keep this balance is “edge computing”, which allows the devices themselves to select the data necessary for processing further down the line.

Data protection impact assessments

In addition to the scenarios provided in the GDPR, the Belgian Data Protection Authority has set out a number of scenarios in which a data protection impact assessment (DPIA) is mandatory, and one of them specifically concerns the deployment of certain kinds of IoT devices – ie, large-scale processing of data generated by devices with sensors sending data over the internet or any another means for the purpose of analysing or predicting individuals’ economic situation, health, preferences or personal interests, reliability or behaviour, localisation or movements.


Cybersecurity is also a major point of attention. Various authorities internationally have expressed concern regarding the security of a lot of IoT devices, as these devices have the potential to enable the misuse of information, unauthorised access or attacks on other systems.

In Belgium, there are no specific minimum-security requirements, but specific sectors have requirements in relation to data breach notifications (eg, telecommunications, critical infrastructure, finance in specific cases) and data protection rules also provide for notification obligations in relation to personal data breaches.

ePrivacy Directive (M2M)

Under the ePrivacy Directive 2002/58/EC (ePD) (Directive 2002/58), a key question is whether machine-to-machine communications (M2M) – eg, the communications between an IoT device and the server of the vendor/service provider – are protected by the ePD’s rule of confidentiality of communications.

This question was not settled based on the wording of the ePD (which refers to “parties” to a communication), or in Belgium based on the wording of the Belgian implementation.

The draft ePrivacy Regulation aims to resolve this by clearly covering IoT services and devices. Current drafts provide for confidentiality of communications, including M2M-interactions, potentially affecting how certain organisations currently use IoT devices.

In 2023, the approval of the ePrivacy Regulation was still not realised, giving rise to uncertainties regarding the future of this proposal.


In the past, many companies developed IoT services or devices with their own independent infrastructure. With the increasing prevalence of IoT devices and services, the issue of interoperability – ie, ensuring seamless communication between devices, networks, and platforms – will naturally come to the forefront. A concrete (and quite literal) example of addressing this need is the introduction of a universal charger for mobile devices, expected to be implemented in 2024. Under these new regulations, consumers will not require a different charger each time they purchase a new device. Instead, they can use a single charger for a variety of small and medium-sized portable electronic devices. This common charger aims to enhance convenience by standardising charging interfaces and fast charging technology, ultimately even leading to a significant reduction in electronic waste.

Within the ongoing efforts to create a European Digital Single Market, the EU has dedicated publications to interoperability architecture for IoT.

While this is not currently a legal requirement, it is highly recommended to consider the question of interoperability with existing services, whether through adopting an open architecture, integrating a third-party architecture (eg, by way of an application programming interface (API)) or making available a software development kit (SDK) for others to use for interoperability.

There are no particular requirements under Belgian law in this respect.

Legal Landscape

European level

In November 2018, the European Parliament adopted a directive concerning audiovisual media services (the “AVMS Directive”) (Directive 2018/1808). and a directive on copyright and related rights in the Digital Single Market (the “DSM Directive”) (Directive 2019/790) in April 2019.

National level

The AVMS Directive has been implemented by the Belgian legislature at four different levels, in four different ways. In Belgium, community-level governments (Flemish, French and German-speaking) are in charge of the regulation of audio–visual media services in their respective territories, based on the place of establishment of the provider. By way of an exception, the federal government has the power to regulate audio–visual media services established in the capital region, Brussels, unless they need to be considered as belonging to the Flemish or French community because of their activities.

The DSM Directive has been transposed in Belgium by a federal Act, changing the Belgian Code of Economic Law with a wide range of relevant topics.

In conclusion, the Belgian legal framework is composed of two federal acts, a Flemish decree, a French decree and a German decree. These acts are not always consistent and therefore it is necessary to check, in practice, which requirements apply depending on the establishment of the service provider.

Main Requirements for Providing Audio–Visual Media Services

Requirements common to linear and non-linear providers

The following requirements are to be considered common to linear and non-linear providers.

  • Prior Declaration and Registration to the Belgian Institute for Postal Services and Telecommunications (BIPT/IBPT). This notification is subject to the payment of a fixed fee. In addition, an annual fee is charged by BIPT. More information on the amount of the fees can be found in the Royal Decree of 7 March 2007 or the BIPT website.
  • For transparency reasons, some information identifying the media provider (the name, the address, the telephone number, etc) should be made available.
  • Audio–visual media services shall be continuously and gradually made increasingly accessible to persons with a visual or hearing disability.
  • There are requirements for audio–visual commercial communications, sponsoring and product placement.
  • There is a prohibition against making available services which incite violence, hatred or terrorism.
  • There is a prohibition against making available services likely to seriously impair the physical, mental or moral development of minors.
  • Online content-sharing service providers must obtain authorisation from right-holders for the public access to copyrighted works uploaded by users. They are also obligated to ensure appropriate remuneration for authors and performers.

Linear providers (eg, TV and broadcasters)

Under Flemish radio and TV broadcasting rules, national, regional, network and local radio broadcasting is subject to prior authorisation (by the Flemish government). For other forms of broadcasting, no authorisation is required, but a notification process applies.

Under the French community decree, radio and regional TV broadcasting is also subject to prior authorisation. Other audio-visual media services in the French community must notify the regulator (Conseil Superieur de l’Audiovisuel – CSA) before they start their activity.

Non-linear providers (eg, on-demand providers)

Promotion of EU works

At least 30% of the catalogues of on-demand audio–visual media service providers must be European works and such works must be given prominence. In addition to this, there are small nuances according to the decrees. In the French decree a gradual increase to reach 40% is encouraged. The Flemish decree also provides a precision in that, of the 30% of European works, a “significant proportion” must be Dutch-speaking. Finally, providers shall, on an annual basis, provide a report on the achievement of the objectives.

Netflix tax

There is a financial contribution obligation (known as the Netflix tax) according to which the media service provider must contribute financially to the production of European works. The French and Dutch Decree provide for a similar mechanism providing for an option between (i) co-producing or pre-purchasing French/Dutch works or (ii) payment to a Dutch/French local fund. However, the federal act does not contain such an obligation. Nor does the German-speaking community, at least for audio–visual media services providers established in the same community or the same member state. External providers, on the other hand, may be subject to this financial contribution obligation.

Video-Sharing Platforms

The scope of the AVMS Directive includes video-sharing platforms, whereby this concept is defined as an economic service whose main purpose, severable section or essential functionality must be to provide programmes, user-generated videos or both, to the general public. The relevant rules are to be found in Article 28b of the AVMS Directive and transposed into the federal act and the respective decrees of the communities.

It should be noted that due to the lack of editorial responsibility of these platforms, it is said that a “light” regime applies to video sharing platforms. Therefore, they are not subject to all the rules in the same way as “true” audio–visual media services, ie, services with editorial control.

They must however take appropriate measures:

  • to protect minors from harmful content which may impair physical, mental or moral development – eg, through age verification systems, reporting and flagging functionalities and parental control systems;
  • to protect the general public from content inciting violence or hatred against a group or member of a group;
  • to protect the general public from content that constitutes a public provocation to commit terrorist offences, child pornography, racism or xenophobia – eg, through adopting appropriate terms and conditions and reporting and flagging functionalities; and
  • to comply with the commercial communication rules (eg, identification principle, sponsorship, and product placement).

The Belgian telecommunication rules, mainly found in the Belgian Act on Electronic Communications, are heavily influenced by EU rules. This has become even more the case since the adoption of the European Electronic Communications Code (the EECC) (Directive 2018/1972), and will be even more so once the EU adopts the long-awaited ePrivacy Regulation. Regarding the latter, however, it remains to be seen if, when and which form it would adopted.

The EECC applies to electronic communications services (ECS) and electronic communication networks (ECN). An electronic communications service is defined as a service, normally provided for remuneration, via electronic communications networks, which encompasses – with the exception of services providing, or exercising editorial control over, content transmitted using electronic communications networks and services – the following types of services:

  • “internet access service” as defined in point (2) of the second paragraph of Article 2 of the Open Internet Regulation (Regulation 2015/2120);
  • interpersonal communications service; and
  • services consisting wholly or mainly in the conveyance of signals such as transmission services used for the provision of machine-to-machine services and for broadcasting.

An “interpersonal communication service” is defined as “a service normally provided for remuneration that enables direct interpersonal and interactive exchange of information via electronic communications networks between a finite number of persons, whereby the persons initiating or participating in the communication determine its recipient(s) and does not include services which enable interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service”. As a result of this definition, online services which are functionally equivalent to traditional voice telephony, text messages (SMS) and electronic conveyance services such as voice-over IP, messaging services and web-based email services may also fall under the scope of the EECC. The Belgian draft law transposing the EECC contains identical definitions.

Providers of ECN and ECS are, generally, allowed to carry out their activities in Belgium. Depending on the ECN/ECS that they offer they will have to comply with certain obligations. An example is the notification to the Belgian regulator (BIPT/IBPT) before starting to provide any public ECN/publicly available ECS on the Belgian territory.

Qualification of Contract

Technology agreement is a broad term that can encompass (and combine) several kinds of technology services, such as licensing, maintenance, outsourcing, cloud computing services or even developing of software. When concluding or reviewing a technology agreement, it is important to qualify it appropriately to specify the applicable legal framework. In particular, it is important to check whether the agreement fits within the framework of one (or several) of the legally defined contracts under Belgian law.

The Belgian Civil Code (BCC) names several kinds of agreements, such as construction agreements or commercial agency agreements, and provides both mandatory rules (ie, those from which one cannot deviate by contract) and implied rules (ie, rules that apply when the agreement does not cover that specific issue) that may apply to these kinds of agreements. If an agreement does not fit into the framework of any of the legally regulated contracts, parties enjoy a broad contractual freedom, but must ensure that they regulate all the important aspects in detail to avoid any legal gaps.


An important part of any technology agreement is the set of service levels applicable to the contract, namely the commitment in practice by the supplier or service provider – eg, to a certain percentage of delivery, accuracy, availability, etc, or to responding within a specific number of days or hours to a request or issues. Service level agreements (SLAs) typically apply to the contractual annexes on service levels.

Nature of obligations

The description of these service levels is crucial for their legal classification under Belgian law, which makes a distinction between obligations to attain a specific result (obligation de résultat/resultaatsverbintenis) and “obligations of means” (obligation de moyens/middelenverbintenis), the latter often translated into English as a “(commercially) reasonable effort” obligation.

In the case of a result obligation, the simple failure to reach the result will be viewed as a “fault” (ie, non-performance) that can trigger liability; for obligations of means, however, a higher threshold applies and the party claiming liability must be able to demonstrate that the defaulting party did not do all that was (commercially) reasonable.

SLAs: not just an IT matter

In many companies in Belgium and abroad, SLAs are often drawn up by IT teams without properly taking the actual terms and conditions of the agreement into account. One must ensure that an SLA has been checked or drawn up in consultation with the legal department to avoid legal misunderstandings.

Service levels are presumed to be result obligations, unless stated otherwise in the agreement, but service providers prefer to transform them into obligations of means – for example, by including expressions such as “to the best of its ability” or “strive” in the SLA. In that case, the service provider can only be held liable when non-compliance and fault can be proven by the customer. The customer, on the other hand, will aim for more certainty by using terms such as “ensures” or “result” in the SLA; in which case, the service provider can be held liable if the results and milestones set out in the SLA have not been achieved (except where this is attributable to the customer or to force majeure).


Contracting parties may limit or exclude their liability in an IT services agreement. This can be done by the incorporation of a liability clause or through the wording of the obligations, the inclusion of assumptions and a broad definition of force majeure.

Under Belgian law, it is allowed and generally accepted to exclude a party’s liability for specific losses, on the condition that such exclusions:

  • do not (fully) relieve a party from its liability for fraud, its wilful default (“opzet”/“dol”), its gross negligence or that of its employees or, except in cases of force majeure, for the non-execution of the essential obligations that are the subject of the agreement;
  • do not apply to a party’s liability for death or personal injury caused by negligence;
  • do not lead to a “manifest imbalance” between the rights and obligations of the parties; and/or
  • do not unduly exclude or limit the legal rights of one party in the event of a non-performance or improper performance by the other party of any of its contractual obligations.

As a result, liability clauses typically include caveats in this respect. Should there be none, the entire agreement, or at least the liability clause, could be held void, according to the principle that if any of the terms of a contract prove to be inapplicable or contrary to a mandatory provision of the law, the validity of the entire contract must be examined. The risk of such a discussion can be mitigated by including a “severability” clause, stipulating that if any (part of a) provision is or becomes illegal, invalid or unenforceable, this shall not affect or impair the legality of any other (part of a) provision of the IT services agreement.

Intellectual Property

Intellectual property (IP) plays an important role in IT services agreements. IT services often go hand in hand with the use of pre-existing IP of the supplier, pre-existing IP of the customer and third-party IP. Sometimes an IT services agreement involves the creation of something new which might also be protected by IP.

Contrary to what is often believed, there are various options to divide the IP on a new creation between the parties, ranging from full ownership for the supplier to full ownership for the customer. In an IT outsourcing agreement, the pre-existing IP typically remains with each party, with a form of cross-licensing (each party grants a licence to the other for the use of its own pre-existing IP).

In the case of a software as a service (SaaS) agreement, all IP rights on the SaaS solution are reserved for the SaaS provider, but this party typically grants the customer a non-exclusive, non-transferable, worldwide, limited right to use and access the SaaS solution for internal business purposes.

Step-In Right

A step-in right is a discretionary right for a customer to partially or fully take over services or appoint a third party to deliver services instead of the supplier. The foundations for step-in are in the Civil Code, which case law is interpreted as permitting step-in without prior court intervention, subject to certain cumulative requirements (ie, urgency, a prior determination that there is a contractual breach, a prior notice to remedy the breach, immediate involvement of the third party after expiry of the notice period, and good faith).

The step-in principle is not mandatory law and parties may contractually exclude step-in or alter its conditions by adding scenarios in which step-in is possible (for instance, if the supplier causes material interruption or disruption of services or exceeds service credit levels during a certain period.

B2B Relationships

The Belgian B2B Act regulates several aspects of B2B relationships. In essence, it prohibits:

  • the abuse of economic dependence;
  • misleading and aggressive market practices between companies; and
  • unfair terms (including abusive clauses) in B2B relationships.

In the context of IT services agreements, the most relevant part pertains to unfair terms. The Act foresees a black list (presumed to be unlawful without possibility of rebuttal) and a grey list (presumed to be unlawful until proven otherwise).

The black list targets terms which:

  • provide for an irrevocable commitment on the part of the other party, while the execution of the contract is subject to a condition, the realisation of which is entirely dependent on the will of the other contracting party;
  • give the company the unilateral right to interpret any term of the contract;
  • in the event of a dispute, have the other party waive any right of recourse against the undertaking; or
  • irrefutably establish the knowledge or acceptance of the other party by means of stipulations of which it had no actual knowledge prior to the conclusion of the contract.

The grey list targets, among others, terms which:

  • give the company the right to unilaterally modify the price, characteristics or terms of the contract without a valid reason;
  • unduly exclude or limit the legal rights of one party in the event of total or shared non-performance or improper performance by the other company of any of its contractual obligations;
  • relieve the company from its liability for wilful intent, its gross negligence or that of its employees or, except in cases of force majeure, for the non-execution of the essential obligations that are the subject of the agreement; or
  • in the event of non-performance or delay in performance of the other party’s obligations, determine an amount of compensation which is clearly disproportionate to the prejudice which may be suffered.

New Civil Code

From 1 January 2023, the new Belgian Civil Code applies, introducing a number of modifications that will impact the conclusion of technology agreements. Amongst other things, the new Civil Code foresees:

  • updated rules on pre-contractual liability;
  • a codification of the battle of form doctrine;
  • the legal recognition of the hardship doctrine;
  • the introduction of a right to unilaterally terminate a contract out of court;
  • the introduction of the concept of anticipatory breach; and
  • the introduction of the price reduction as a sanction.

Types of Electronic Signature

Under Belgian law, the electronic execution of contracts can be done using three types of electronic signature, which follows from the eIDAS Regulation (Regulation 910/2014/EU), as incorporated in Book XII of the Belgian Code of Economic Law.

Normal electronic signatures

A (normal) electronic signature is defined broadly as data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign. Examples include a name below an email, a PIN, a password, a scanned signature, symmetric and public key cryptography authentication methods and biometric authentication methods.

A (normal) electronic signature may not be denied legal effectiveness and admissibility as evidence in legal proceedings solely on the grounds that it is in electronic form and not based upon a qualified certificate. This type of electronic signature, however, does not (automatically) receive the same legal effect as a handwritten signature.

Advanced electronic signatures

An advanced electronic signature is defined as an electronic signature which meets the following requirements:

  • (i) it is uniquely linked to the signatory;
  • (ii) it is capable of identifying the signatory;
  • (iii) it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under their sole control; and
  • (iv) it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

In practice, mainly asymmetric public key cryptography (PKI) systems meet the requirements of this definition. It must, however, be emphasised that the legislation does not confer specific legal effectiveness to this type of electronic signature that would be different from (normal) electronic signatures. The main difference between a (normal) electronic signature and an advanced electronic signature is that the latter generally is considered to be more trustworthy, and that consequently more evidential weight is attached to it.

Qualified electronic signatures

A qualified electronic signature is an advanced electronic signature (i–iv) that is (v) created by a qualified electronic signature creation device, and (vi) based on a qualified certificate for electronic signatures. A certificate is an attestation linking electronic signature validation data to a natural person and confirming at least the name or pseudonym of that person. The certificate must contain certain mandatory statements and must have been issued by a qualified certification service provider.

A typical example of a qualified electronic signature is the one placed with a Belgian eID card. A qualified electronic signature is automatically assimilated to and legally presumed to be equivalent to a handwritten signature.

Functional Equivalence and Proving the Existence of an Agreement

In Belgium, the principle of consensualism applies to the validity of contracts. Mutual consensus, even verbally, of both parties is thus sufficient to conclude a valid agreement. In deviation from this principle, the Belgian legislature at times imposes certain formal requirements (such as a signature) for the valid conclusion of a contract. In this regard, the principle of “functional equivalence for formal requirements” applies. This means that any legal or regulatory formal requirement for the valid conclusion of contracts by electronic means is fulfilled if the functional qualities of this requirement are safeguarded (Article XII.15 of the Belgian Code of Economic Law). Thus, if some “writing” or a “signature” would be required for the valid conclusion of a contract or an electronic contract, an electronic signature (regardless the type) will suffice.

In certain circumstances, Belgian law, however, deviates from this principle of “functional equivalence for formal requirements”. For example, within employment law, only a handwritten signature or the equivalent qualified electronic signature can be used. The same applies for a tender in the context of public procurement law.

Furthermore, it is relevant to emphasise that there is a difference between concluding a valid agreement (as described above) and being able to enforce that agreement by proving its existence and contents, which is subject to specific requirements.

For example in a B2B environment, the Belgian law of evidence (incorporated in Book 8 of the new Civil Code), specifies that evidence between and against businesses relies on a free system of evidence. Consequently, the evidence of the existence of a contract in a B2B context may be given by electronically signed contracts. In this regard, courts will grant legal effect to electronically signed contracts as soon as two legal conditions are met. Firstly, as to the document itself, the writing must consist of “a set of alphabetical characters or of any other comprehensible signs affixed to a medium which allows access to it for a period of time appropriate to the purpose for which the information may be used and protects its integrity, whatever the medium and the means of transmission”. Secondly, the signature must consist of “a sign or a sequence of signs by which a person identifies himself and which indicates his intention”.

Digital Identity Schemes

While the eIDAS Regulation was ground-breaking at the time, the Regulation also included important gaps and is generally considered not to have been fully exploited in its potential.

Following a review, the European Commission drafted a proposal regarding the framework for a European Digital Identity, which would amend the EU eIDAS Regulation. This framework would introduce the “digital wallet”, which may be provided by public authorities or by private entities recognised by a member state, and which will link a citizen’s national digital identity to other personal attributes (eg, driving licence or bank account). This new framework is expected to provide a major increase of legal security and opportunities for the use of public and private online services within the EU – including in relation to electronic signatures. However, it remains to be seen how much of the proposal will have been amended once it reaches its final form as the draft was rather ambitious.

DLA Piper

Rue aux Laines 70

+32 2 500 15 00

+32 2 500 16 00
Author Business Card

Trends and Developments


EDSON. is an innovative and independent firm with head offices in Brussels. EDSON supports businesses, entrepreneurs and governmental organisations in all areas of Belgian business law. The team also handles challenging and complex EU law matters. EDSON has a focus on helping clients with their hard data, markets, technology, and innovation (DMTI) problems. EDSON is very active in the telecommunications, media and technology industries and assists online ticketing platforms, streaming platforms, video game publishers and developers, print publishers, cartoon producers, offline/online gaming and betting operators, as well as companies and executives in the electronic communications business. Recent representations include litigation for Streamz (leading streaming platform) before the Constitutional Court regarding a newly implemented remuneration right, ECJ litigation for Fifpro (the global union of professional football players), EU-level state aid clearing of a national tax shelter scheme, and negotiation of digital twin-related agreements in various jurisdictions.


Governmental structure

As was the case prior to 2024, Belgium is governed by a centre-left and generally pro-business coalition on the national level.

Like Germany, Belgium is a federal state. Belgium has a hybrid federated level and is composed of:

  • three Communities (Flemish, French and German) that have wide powers over media and cultural matters; and
  • three Regions (Flemish, Brussels and Walloon) that have wide powers over economic matters.

This leads to regional differences in policy, regulation and enforcement practice.

Brussels, the capital of Belgium, is also home to the EU Commission, the EU Parliament, the EU institutions and NATO. This international openness is reflected in the government’s pro-EU stance and the court system’s consistent observance of EU legislation.

Belgium: a stronghold for media and technology

Belgium will remain a location of choice for technology, media and telecommunications and should feature in an investor’s top three list for investments in Europe. Belgium is renowned for its vibrant cultural scene with a deep-rooted tradition of comics (eg, the Smurfs, Tintin), art movies, indie video games, music (eg, Stromae, Angèle) and festivals (eg, Tomorrowland). In the field of technology, Belgium hosts many discrete but highly successful B2B tech companies (eg, Collibra, Odoo), as well as world-leading university faculties in IT, engineering and video game design. The Rijndael algorithm was developed at Leuven University and was identified by the US National Institute of Standards and Technology (NIST) in 2021 as the new Advanced Encryption Standard. With regard to video games, Larian Studios stands out as a key player, having created the very much acclaimed and almost unanimously voted game of the year for 2023, Baldur’s Gate 3.

Wages, taxation and government support

Wages in Belgium in the tech sector are average compared to top tech jurisdictions in North America or Northern Europe. Tax pressure is relatively high, and an automatic wage indexation system has brought about considerable wage increases in 2023. However, in return Belgian companies and the workforce do enjoy robust infrastructure, as well as top-of-the-line education and healthcare systems at very low cost. Also, an increasing number of young tech professionals work as self-employed consultants.

As will be set out in this chapter, Belgium has generous incentive schemes for the creative and technology industries, although some of these have recently been subject to controversy.

A haven for B2B SMEs

Together with the Netherlands and Luxembourg, Belgium is a stable haven for businesses that want to serve international markets in the EU and beyond. It is a politically and economically stable and logistically well-connected hub. What makes Belgium stand out is its high density of universities and research centres, making it a haven for spin-offs and tech- and entertainment-focused SMEs. Tech companies are typically more B2B-oriented, and therefore less well known among the public at large.

No capital gains tax

The absence of capital gains tax for private individuals in Belgium is noteworthy. Entrepreneurs that sell their shares in the framework of a full or partial exit are taxed 0% on the proceeds. This has helped a generation of young serial entrepreneurs to found or scale a business, exit and immediately reinvest in the next venture. There is also a visible trend of entrepreneurs relocating to Belgium for this reason.

Stimulating growth with the Innovation Income Deduction

Belgium fosters an innovative environment coupled with a compelling fiscal incentive for businesses through the so-called Innovation Income Deduction. This allows companies to deduct up to 85% of their net innovation income (ie, income derived from intellectual property (IP)) from the taxable base, resulting in a corporate taxation as low as 3.75%. This trend supports a forward-thinking strategy by boosting Belgium’s competitiveness in the global innovation area with IP-rich companies.

New Opportunities in Government-Backed Digitalisation and E-Authentication Markets

Belgium has historically been a forerunner in e-government and e-authentication. The EU regulatory framework (eg, eIDAS) has been swiftly and correctly implemented. The government-backed and partly privately owned “itsme” remote authentication app now allows Belgian citizens to authenticate and pay online, file tax declarations, obtain pension calculations, lodge court documents and access notarial documents in a digital vault – all from their smartphone.

Concerns have arisen around the dominance of “itsme”. In 2024 a continued push for alternative technologies is expected. Some are currently under development - both in the private sector and within government. Legal activity is expected to proliferate in this area around matters of compliance, competition and state aid.

In 2024, a rise is forecast in automated negotiation and termination solutions that build on the existing e-authentication infrastructure. A notable trend is the strategic acquisition and collaboration of advanced authentication firms by identity platforms. This emphasises the need to focus on enhancing security through advanced multi-factor authentication systems, as demonstrated with the acquisition of “nextAuth” by itsme”. The need for growing safe e-identification techniques is continuous, especially in government programmes, showcasing that it is important to have strong cybersecurity plans in the digital sphere.

Movement in a Mature VHCN Market, Accelerated 5G Network Roll-Out for Enterprises and Cities, and Increased Competition in the Retail E-Communications Market

Historically, Belgium has a strong score on very high-capacity networks (VHCNs) with very high-speed digital subscriber lines (VDSL) and coax cable being available virtually everywhere. Arguably precisely because of this pre-existing infrastructure, fibre initiatives have started late. As a result, the fibre-to-the-home (FTTH) roll-out is among the lowest in Europe, with incumbent operators now making efforts to catch up. A VHCN-map (see here) can be consulted on the regulator’s website. 5G roll-out in Belgium is steadily increasing – even in Brussels, which used to be a historic pain point.

A significant change in Belgium’s telecommunications landscape is anticipated in 2024 with the arrival of DIGI Belgium, the nation’s fourth mobile operator. A joint venture company, DIGI Belgium is the fruit of a collaboration between the Belgian local network player Citymesh and the Romanian operator DIGI. This new player will use the incumbent Proximus network to provide SIM cards and subscription services, while also developing its own network. DIGI Belgium is set to acquire 400 mobile sites from Proximus as part of the ongoing network consolidation. After the bankruptcy of EDPNet at the end of 2022, another factor to be reckoned with is the acquisition of EDPNet by Citymesh.

Legal activity, including court action, can be expected both on the wholesale and on the retail front as a result of these developments. This will range from regulatory and market practices claims between competitors to discussion over non-compete clauses and trade secrets. An illustration of this trend is the EUR1 million fine imposed by the Belgian Institute for Postal Services and Communications (BIPT) on Telenet because of non-compliance with the Easy Switch procedures. This penalty may serve as an indicator of more stringent regulatory enforcement.

Hardware is Hot


The Belgian telecommunications regulator is very insistent on strict respect of the EU regulatory framework regarding terminal equipment and devices. As a result, and despite some small clarifications and improvements in the Commission’s Blue Guide and legal initiatives being underway on the right to repair, continued complications can be expected in 2024 for the refurbished industry. Although the Belgian regulator is vocal on the EU level and pushes for an adapted set of rules, it remains rigid in the day-to-day application of current rules. Continued seizures and inspections are expected at the wholesale and retail level.

Local networks, repeaters and terminal equipment

In the same vein and in the wake of the “All Communication” court litigation back in 2020, litigation in the area of local network repeaters is poised to continue, as businesses (eg, retailers) attempt to achieve indoor coverage, meeting opposition from the Belgian regulator and from incumbent operators.

Developments in Personal Data Protection

Internal DPA organisation

Having lost two key senior members in 2022, the Belgian Data Protection Authority (DPA) now has a full director committee. The last two out of five directors of the DPA started their mandate in July 2023.

DPA enforcement highlights

On the enforcement side, an increase in activity is expected, and businesses are recommended to carefully revise and audit their data flows and processes.

In 2022, the DPA published several decisions regarding the main Belgian media websites’ use of cookies. Most cases ended up being settled. In 2023, the DPA reaffirmed that cookies would remain one of its main priorities: it published a checklist on the correct use of cookies and made several new settlements with Belgian media websites concerning their use of cookies. The DPA is also expected to enforce compliance with regard to cookies in 2024. Companies should therefore review their cookies policy, with the help of specialised experts.

In 2023, the DPA imposed a number of “smaller” fines on companies or individuals that were found to be in violation of the General Data Protection Regulation (GDPR), not amounting to more than EUR40,000. However, in early 2024 the DPA imposed a EUR174,640 fine on an agency that collected and brokered data on a large scale, by providing “data quality” services, without legitimate purpose, and by retaining this data over a period of 15 years without informing the data subjects accordingly. The DPA is expected to continue investigating data brokers in 2024.

In 2023, the DPA wished to support and emphasise the role of the data protection officer (DPO) as its “ally” when investigating companies. This emphasis on the role of the DPO will most certainly continue for 2024.

In February 2022, the DPA fined IAB Europe EUR250,000 for its Transparency and Consent Framework (TCF), which was held to be GDPR non-compliant. This decision has broad impact, considering the widespread use of the TCF to facilitate the management of users’ preferences for online personalised advertising. IAB Europe appealed the decision before the Brussels Market Court, which consequently referred preliminary questions to the European Court of Justice. The hearing of the case (C-604/22) took place in September 2023. The judgment is expected in H1 of 2024. 

Judicial review

In May 2023, the DPA prohibited the transfer of tax data of Belgian Accidental Americans to the USA as per the international Foreign Account Tax Compliance Act (FATCA) agreement, considering that the FATCA did not respect several GDPR principles (namely the purpose limitation, and the principles of proportionality and data minimisation) and that it did not contain appropriate safeguards for data transfers outside the EU.

The Brussels Market Court (which has jurisdiction over the review of DPA decisions) annulled the DPA’s decision on 20 December 2023, on the grounds that the decision of the DPA (inter alia) lacked the necessary justification. The DPA will have to issue a new decision on the FATCA’s compliance with the GDPR. The DPA may revise its opinion due to the adoption, in 2023, of the adequacy decision for the EU-US Data Privacy Framework by the European Commission and its judicial review by the European Court of Justice.

Developments in (Government) Data Access

Access to government data

The revised Data Governance Act entered into force in September 2023, and will have consequences for data access in 2024 and beyond, in particular regarding geospatial and location data, health data and environment data. The updated Public Sector Information (PSI) Directive, together with the Digital Markets Act, created a push for data access from governments and gatekeepers, which will persist in 2024.

Public access to documents

As regards media access to documents, Belgian newspapers continue to participate in multinational investigative journalism initiatives. There have been a number of favourable EU Ombudsman decisions supporting investigative access to document requests, with the Ombudsman taking a courageously strong stance against the EU Commission. This trend is expected to continue in 2024.

Gig Platforms Under Less Pressure – Law and Behold for Non-compliant Subcontractors

Employed or self-employed?

As opposed to neighbouring countries, Belgium did not see the re-classification of gig workers from independent contractors to employees. In 2021 and 2022, the Brussels Labour Court of First Instance held that both Uber and Deliveroo workers were self-employed. In 2024, legislative initiatives are anticipated to improve the situation of gig workers and to provide clear criteria on their self-employed or employed status. These criteria would, at first sight, allow a number of gig platforms to continue their current mode of operations.

Compliance by subcontractors

While the gig economy is largely left alone by the Belgian court system, there has been a sharp crackdown by government inspection services on subcontractors in the telecommunications space (working on FTTH). In 2024, prime contractors or subcontractors should ensure that, further down the contracting chain, labour and safety regulations are complied with as they may in some circumstances be held liable for downstream violations of the law.

Beware of Fair and Appropriate Remuneration

Implementation of Article 18 DSM Directive

Over the summer of 2022, the Belgian legislature adopted an Act implementing the DSM Directive. The Act lays down an inalienable right to a fair and appropriate remuneration in favour of authors and performing artists that license or transfer their rights in an “exploitation agreement”. The Act further allows for an audit right and a judicial review of contractual remuneration clauses.

Unanswered questions

The media and technology industries have many unanswered questions on the exact scope of these provisions. Businesses are still assessing the impact of these provisions on their contracts, and how to comply with audit requests. Audit requests and claims for judicial review of remuneration clauses are expected in 2024.

Streaming and Online Content-Sharing Platforms Need to Pay a Remuneration Right

Constitutional Court litigation ongoing

Although Articles 17 and 18 of the DSM Directive do not foresee this, the above-mentioned implementing act also sets up a remuneration right in favour of authors and performing artists that have contributed to audio-visual works (which in Belgium is generally understood to comprise music, film and video games). The remuneration right is to be paid by streaming service providers (SSPs) and online content-sharing service providers (OCSSPs). Belgium’s leading streaming platform Streamz, together with international players such as Google, Meta, Spotify and Sony Music, have applied for the annulment of this remuneration right with Belgium’s Constitutional Court. Collecting societies have also joined the procedure, as has the video games industry, represented by several of its associations. A decision is expected in the course of 2024.

Silence before the storm

The aforementioned court case will be followed with interest by observers both in Belgium and abroad, as court cases are also pending in other EU jurisdictions. For now, Belgium’s collecting societies seem to have adopted a waiting pattern until the Constitutional Court sheds light on the validity of the new remuneration right.

Cloud and Schrems II – the Story Continues

Risky data export business

Since Schrems II, there was no substantial change for European businesses up until halfway through 2023, when the European Commission issued a new adequacy decision for the EU-US. Data Privacy Framework. The European Union recognises that the level of protection offered by the United States for personal data transferred from the EU to the USA is proportionate to European standards. Through this adequacy decision, new binding safeguards were introduced, announcing concerns raised by the European Court of Justice including limitations on access to EU data by US intelligence services and the establishment of the Data Protection Review Court available to EU individuals. Ensuring a thorough framework for transatlantic data flow, EU individuals obtain recourse procedures for mishandling of their data, and US businesses can join the framework through numerous privacy obligation commitments.   

Schrems III?

The question of how durable the adequacy decision will be is bound to be settled by the CJEU in the last months of 2024 or in early 2025. The EU-US Data Privacy Framework is expected to be under attack owing to enduring concerns over widespread surveillance practices by the US government, and the credibility of the Data Protection Review Court in processing complaints.

Tax Shelters, Attractive Remuneration Schemes for the Creative Industry, Uncertainty for the Software Industry

Tax shelters remain attractive

The Belgian audio-visual tax shelter scheme, famed for having boosted local film production, has now been extended to the production of video games, and EDSON is proud to have assisted the video games industry in this effort. The “cultural test” criterion has been implemented in a pragmatic way, and key governmental players at both the federal and federated level collaborate well in making the tax shelter a success.

Belgium also maintains an attractive tax shelter scheme for start-ups, with personal income tax reductions of 30%–45% for capital investments in start-ups or crowdfunding platforms.

In addition, regional organisations such as Wallimage and VAF continue to provide interesting funding schemes to the video games industry.

Copyright remuneration scheme for the creative industry

The highly attractive Belgian copyright remuneration scheme remains in place for “artistic and literary” authors such as novelists, screenwriters and composers. They will continue to be able to pay out a substantial part of their remuneration as a copyright royalty, officially taxed at 15% and (thanks to deductibles) effectively taxed at approximately 7.5%–12%.

Designers and other creatives in the video games industry will still be eligible for this tax scheme. The same scheme should also remain available to coders and software developers contributing to video games – despite the legal reform discussed below.

Uncertainty for the software industry

Tax legislation was adopted at the end of 2022 with the intention of excluding “non-artistic and non-literary” authors such as architects, lawyers and software developers. According to government sources, they will no longer be entitled to benefit from the above copyright remuneration scheme. However, the last word has not been said on this matter. There is a pending annulment procedure before the Constitutional Court, introduced by a number of software companies. The decision of the Court is expected to be issued in 2024. In the meantime, the tax administration has issued rulings declining software developers and engineers the benefit of the copyright remuneration scheme, on the (highly questionable) basis that software is not an artistic and literary work within the meaning of Belgian copyright law.


In the area of e-fulfilment, there has been a surge of Belgian and foreign businesses outsourcing their Western-European logistics operations to Belgium-based fulfilment partners (for instance, BME), especially after the experience during COVID-19 showed that large marketplaces such as Amazon favour their own products’ logistics over third-party products.

In 2024, in the e-fulfilment arena, increased attention is also expected to be directed at the liability aspects around storing and shipping products that are regulated differently between EU member states. Increased attention is also expected regarding the validity and enforceability of fuel surcharges and price indexations.

New Rules Underway for Gaming Sponsoring

The year 2023 witnessed significant developments in the realm of advertising for games of chance, spanning both licensed and unlicensed domains. The government issued a controversial Royal Decree on 27 February 2023, introducing stringent conditions for the promotion of licensed games of chance, particularly in the online sphere. This regulatory development has sparked debates within the gambling industry, as stakeholders grapple with the implications of these measures.

In addition, the European Court of Justice delivered a noteworthy judgment on 2 March 2023, addressing the compatibility of the prohibition on advertising in Belgium for gaming establishments located in other member states with the freedom to provide services. Annulment proceedings are currently pending against the Royal Decree of 27 February 2023, and against Article 61 of the Belgian Gaming Act of 7 May 1999, which serves as a legal basis for the Royal Decree. In addition, a law proposal is currently awaiting the vote of the Belgian Parliament that will introduce a general prohibition on advertising for games of chance in the Gaming Act, with limited exceptions to that prohibition to be adopted by the Belgian government.

Sports and Entertainment Existing Rules Under Fire

The end of 2023 was marked by important litigation in the field of sports, with three decisions from the CJEU regarding the discretionary power of sports federations in preventing alternative competitions and implementing decisions against EU law, among others.

The recent judgments are expected to enhance alternative sports competition in sports events, potentially allowing for new organisers in the scene. National courts may have more autonomy in resolving disputes related to EU competition law in the sports context, affecting the choice of dispute resolution mechanisms and diminishing the authority of the Court of Arbitration for Sport.

Further important litigation is underway that may profoundly affect the sports and entertainment industries.

The Court of Appeal of Mons, Belgium has referred questions for a preliminary ruling to the European Court of Justice regarding the validity of FIFA’s transfer system rules. The CJEU’s ruling may impact on the football market, not only in Belgium but in the entire EU. The hearing took place in early 2024, and the judgment is expected to be delivered in the second half of 2024. The authors’ firm represents the French and International Football Players Associations in this litigation.

Finally, Belgium has a very rigid market for resale of tickets for events (concerts, matches, etc). Any resale that is done on a structural basis and/or for a profit is prohibited. The Belgian rules on ticket resale affect the entire ecosystem, ranging from platforms to businesses offering event-related package trips. Various challenges of the Belgian legislation are being addressed. The Court of Appeal of Antwerp already ruled Belgian law to be inapplicable owing to its lack of TRIS-notification before its adoption in 2013. Another case concerning the resale of event tickets is currently pending before the Court of Appeal of Antwerp. The case is to be heard in June 2024.

In addition, in November 2023, the Belgian Parliament adopted several new provisions to the rigid legislation on the resale of tickets for events, granting additional powers to the authorities to make public the details of companies infringing on the ticket resale legislation, and to bargain with said companies by accepting promises to stop their violations or to adopt specific measures. It remains to be seen whether this piece of legislation will be challenged before the Constitutional Court.


Lakensestraat 88
rue de Laeken
1000 Brussels

+32 478 36 82 36
Author Business Card

Law and Practice


DLA Piper UK LLP has a global intellectual property and technology (IPT) group consisting of 60+ offices, around 150 partners and 530+ fee earners in more than 20 countries, constituting the world’s largest IPT team. With over 120 lawyers based in the firm’s office in Brussels and its working hub in Antwerp, DLA Piper in Belgium combines the firm’s global reach with local know-how. More specifically, the IPT team is part of a global, fully integrated group of IPT teams that operate in the markets of greatest importance to the firm’s multinational clients. The Belgian team continuously develops innovative processes and methodologies to improve the delivery of legal services to its clients, as well as the internal organisation of its clients. The whole IPT team is fully dedicated to advising on IT, media and telecommunications matters, acting for both customers (larger users of IT) and large IT vendors, which gives it invaluable insight at both sides of the negotiation table, translating into better, more commercial and more pragmatic advice for its clients.

Trends and Developments


EDSON. is an innovative and independent firm with head offices in Brussels. EDSON supports businesses, entrepreneurs and governmental organisations in all areas of Belgian business law. The team also handles challenging and complex EU law matters. EDSON has a focus on helping clients with their hard data, markets, technology, and innovation (DMTI) problems. EDSON is very active in the telecommunications, media and technology industries and assists online ticketing platforms, streaming platforms, video game publishers and developers, print publishers, cartoon producers, offline/online gaming and betting operators, as well as companies and executives in the electronic communications business. Recent representations include litigation for Streamz (leading streaming platform) before the Constitutional Court regarding a newly implemented remuneration right, ECJ litigation for Fifpro (the global union of professional football players), EU-level state aid clearing of a national tax shelter scheme, and negotiation of digital twin-related agreements in various jurisdictions.

Compare law and practice by selecting locations and topic(s)


Select Topic(s)

loading ...

Please select at least one chapter and one topic to use the compare functionality.