AI Legislative Guide |
|
Belgium |
|
|
(Europe)
Firm
Liedekerke
Contributors
Sarah van den Brande |
|
| Has specific legislation, final regulations or other formal regulatory guidance addressing the use of AI in your jurisdiction been implemented (vs reliance on existing legislation around IP, cyber, data privacy, etc.)? | Yes. |
| Please provide a short summary of the legislation/regulations/guidance and explain how legislators aim to strike the balance between innovation and regulation. | No legislation has been implemented. With respect to regulatory guidance, the Belgian Data Protection Authority issued a brochure on the interplay between artificial intelligence and Regulation 2016/679 ("GDPR") (“Artificial Intelligence Systems and the GDPR - A Data Protection Perspective”, December 2024, available at https://www.autoriteprotectiondonnees.be/citoyen/themes/intelligence-artificielle-). The aim of the brochure is to clarify the GDPR requirements applicable to AI systems that process personal data, providing stakeholders involved in the development, implementation, and internal governance of AI technologies with guidance and practical insights. Key points include an examination of data protection principles, outlining the core GDPR requirements applicable to AI systems (e.g. lawfulness, fairness, transparency, purpose limitation, data minimization) and the protection of data subjects' rights. The brochure also emphasizes the importance of security, highlighting the need to implement robust technical and organizational measures to protect personal data processed by AI technologies. In addition, it highlights the critical role of human oversight in both the development and operation of AI systems, particularly those that are considered to be high-risk. |
| Which agency regulates the use of AI in your jurisdiction? | There is currently no agency or authority in charge of AI matters in Belgium. In their Joint Opinion 5/2021 of 18 June 2021, the European Data Protection Board ("EDPB") and the European Data Protection Supervisor ("EDPS") consider that data protection authorities should be designated as national supervisory authorities pursuant to Article 59 of the Proposal for an EU AI Act (Article 70 of the current draft). Consequently, it is possible that the Belgian Data Protection Authority (https://www.autoriteprotectiondonnees.be/professionnel) would be designated as the competent authority for the purpose of the EU AI Act. However, to the best of our knowledge, no official information (confirmation or otherwise) has been issued in this regard. This will therefore need to be confirmed in the future. |
AI Legislative Guide
Yes.
No legislation has been implemented.
With respect to regulatory guidance, the Belgian Data Protection Authority issued a brochure on the interplay between artificial intelligence and Regulation 2016/679 ("GDPR") (“Artificial Intelligence Systems and the GDPR - A Data Protection Perspective”, December 2024, available at https://www.autoriteprotectiondonnees.be/citoyen/themes/intelligence-artificielle-).
The aim of the brochure is to clarify the GDPR requirements applicable to AI systems that process personal data, providing stakeholders involved in the development, implementation, and internal governance of AI technologies with guidance and practical insights.
Key points include an examination of data protection principles, outlining the core GDPR requirements applicable to AI systems (e.g. lawfulness, fairness, transparency, purpose limitation, data minimization) and the protection of data subjects' rights. The brochure also emphasizes the importance of security, highlighting the need to implement robust technical and organizational measures to protect personal data processed by AI technologies. In addition, it highlights the critical role of human oversight in both the development and operation of AI systems, particularly those that are considered to be high-risk.
There is currently no agency or authority in charge of AI matters in Belgium.
In their Joint Opinion 5/2021 of 18 June 2021, the European Data Protection Board ("EDPB") and the European Data Protection Supervisor ("EDPS") consider that data protection authorities should be designated as national supervisory authorities pursuant to Article 59 of the Proposal for an EU AI Act (Article 70 of the current draft).
Consequently, it is possible that the Belgian Data Protection Authority (https://www.autoriteprotectiondonnees.be/professionnel) would be designated as the competent authority for the purpose of the EU AI Act. However, to the best of our knowledge, no official information (confirmation or otherwise) has been issued in this regard. This will therefore need to be confirmed in the future.