(Source: Court of Justice of the EU)
Under certain conditions, a national supervisory authority may exercise its power to bring any
alleged infringement of the GDPR before a court of a Member State, even though that authority is
not the lead supervisory authority with regard to that processing.
On 11 September 2015, the President of the Belgian Privacy Commission (‘the Privacy
Commission’) brought an action before the Nederlandstalige rechtbank van eerste aanleg Brussel
(Dutch-language Court of First Instance, Brussels, Belgium), seeking an injunction against
Facebook Ireland, Facebook Inc. and Facebook Belgium, aiming to put an end to alleged
infringements of data protection laws by Facebook. Those infringements consisted, inter alia, of the
collection and use of information on the browsing behaviour of Belgian internet users, whether or
not they were Facebook account holders, by means of various technologies, such as cookies,
social plug-ins or pixels.
Full Press Release – 103/2021 : 15 June 2021 – Judgment of the Court of Justice in Case C-645/19