Belgium: Belgian Data Protection Authority dismissed sixteen complaints across five proceedings initiated by NOYB

On 26 June 2025, the Litigation Chamber of the Belgian Data Protection Authority (APD) dismissed 16 complaints across five cases filed by NOYB, an Austrian privacy advocacy group, on procedural grounds under the General Data Protection Regulation (GDPR). The APD clarified that Belgian law permits associations to lodge complaints only as representatives of identifiable data subjects, not in their own name. The APD noted that NOYB’s complaints involved automated identification of alleged violations, pre-defined organisational projects, and instructed mandates, which the Market Court previously ruled constituted an abuse of rights in a 19 March 2025 decision. While reaffirming the role of privacy organisations in enforcing GDPR compliance, the APD highlighted that the current legal framework prohibits artificially constructed complaints. The APD expressed support for legislative amendments to expand associations’ standing to file complaints autonomously. The dismissed cases (Decisions 106–110/2025) align with prior rulings (22/2024 and 112/2024).