Morrison Foerster is an international law firm with lawyers practicing throughout the United States, Asia, and Europe. Click to discover more.

mofo_share_image.jpg

Morrison Foerster

common-default.jpeg

Terms / Notices

Cookies

Privacy Policy

Reporting Hotline

Attorney Advertising

Alumni

  Linkedin

MoFo LinkedIN

  Facebook

MoFo Facebook

YouTube

MoFo Youtube

Morrison Foerster - Footer

Dodging the One-Stop Shop

You have not solved the recaptcha challenge yet or session expired, try again.

Email Disclaimer

Disclaimer

Unsolicited e-mails and information sent to Morrison Foerster will not be considered confidential, may be disclosed to others pursuant to our <a href="https://www.mofo.com/about/privacy-policy.html">Privacy Policy</a>, may not receive a response, and do not create an attorney-client relationship with Morrison Foerster. If you are not already a client of Morrison Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

Feedback

mofo-logo-2022.svg

People

Capabilities

Resources

About

Community

Offices

Careers

Stay Connected

In an article for IAPP “Dodging the One-Stop-Shop”, MoFo’s Lokke Moerel, senior of counsel, and Alex van der Wolk, partner and co-chair of Morrison & Foerster’s Privacy + Data Security practice, discuss the reluctance of the Belgian Data Protection Authority (DPA) to apply the one-stop-shop enforcement mechanism under the EU General Data Protection Regulation (GDPR).

<h3>Sorry, we weren’t able to find the terms you entered.</h3>Please try a different term or keyword.

People

Capabilities

Resources

Not Found Cards

We are Morrison Foerster — a global firm of exceptional credentials. Our clients include some of the largest financial institutions, investment banks, and Fortune 100, technology, and life sciences companies. Our lawyers are committed to achieving innovative and business-minded results for our clients, while preserving the differences that make us stronger.Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Prior results do not guarantee a similar outcome.

About Morrison Foerster

people-default-header-desktop.jpg

people-default-header-mobile.jpg

Default Meta Data

In an article for IAPP, “Dodging the One-Stop Shop,” MoFo’s Lokke Moerel and Alex van der Wolk discuss the reluctance of some EU data protection authorities (DPAs) to apply the one-stop-shop enforcement mechanism under the EU General Data Protection Regulation (GDPR), whereby DPAs are seeking to enforce within their borders despite not being a “lead DPA” on a particular case.While it used the one-stop-shop enforcement mechanism in its decision against IAB Europe, the Belgian DPA has shown a reluctance on several occasions to do so in cases where it does not qualify as the lead DPA. Lokke and Alex discuss a recent decision—labelled by the Belgian DPA as a “decision of principle”—where it declared the one-stop-shop mechanism not applicable: “This decision by the Belgian DPA to circumvent the one-stop-shop is noteworthy as the complaint concerned a ‘cross-border processing’ in the EU and it acknowledged the U.S. search engine provider’s ‘main establishment’ in Ireland. It declared itself competent based on GDPR Article 55(1), which grants a DPA the right to exercise its powers within the territory of its own member state. The Belgian DPA finds the Brussels Court of Appeal is blocking its way by striking down the decision in its entirety due to a lack of adequate motivation.”Read the <a target="_blank" href="https://iapp.org/news/a/dodging-the-one-stop-shop/">IAPP article</a>.

Dodging the One-Stop Shop

Sign Up

<div class="videoWrapper"><iframe class="sticky-video" title="Meet Lokke Moerel, Privacy and Data Security Senior Of Counsel" src="https://www.youtube-nocookie.com/embed/uk873cH6OuE?rel=0" frameborder="0" allow="autoplay; encrypted-media" allowfullscreen="1" title="iframe"></iframe></div>Among the world’s best-known privacy and cybersecurity advisers, Lokke is regularly called upon by some of the most sophisticated multinational organizations to confront their global privacy and ethical challenges. Lokke routinely offers guidance to clients when implementing new technologies and digital business models and assists them with their global cybersecurity incident response and regulatory investigations.An authority on artificial intelligence (AI), big data, and the Internet of things, Lokke has a proven track record helping clients shape complex AI projects that combine global data assets of multinational companies in the healthcare, financial services, technology, and recruitment sectors, with the intricate technologies of tech giants to create next generation AI solutions.Lokke is also a professor of global ICT law at Tilburg University and co-academic director of two Tilburg University professional learning programs, “Big Data: AI & Law” (teaching Algorithmic Accountability) and “Advanced Cyber Security and Governance”. Lokke is a member of the Dutch Cyber Security Council (the independent advisory body of the Dutch cabinet on cybersecurity), a member of the Strategic Advisory Board of the Netherlands AI Coalition and the Dutch Corporate Governance Code Monitoring Committee, and a non-executive board member of several nonprofit organizations.Lokke has practiced law in the Netherlands, London, and Berlin, and is now resident in MoFo’s Amsterdam office. She is a member of MoFo’s Responsible Tech Committee and the Environmental, Social, and Governance (ESG) Steering Committee. Lokke is MoFo’s lead counsel on Binding Corporate Rules (BCR) and has unsurpassed experience advising multinational companies on obtaining their BCR approvals throughout the EU, having authored the leading textbook on BCR published by Oxford University.Lokke is an IAPP Emeritus Fellow and has received many international awards, including the International Law Office Client Choice Award as best Internet & Technology Lawyer 2019 and 2021 and recognition by Global Data Review’s 2022 Women in Data Award for being on the cutting edge of legislation, regulation, and technology around the world.

Lokke Moerel

Senior Of Counsel

<div class="videoWrapper">Alex van der Wolk, managing partner of the firm’s Amsterdam office and chair of Morrison Foerster’s European Data, Cyber + Privacy practice, employs his nearly 20 years of experience to advise global companies on their most complex data strategies and compliance programs governing all aspects of information management. Alex’s clients benefit from his practical approach and global perspective, saying: “he quickly gets to the heart of the issue and provides solid, pragmatic advice based on the experience he has gained,” “in addition to having very strong legal knowledge, he has a commercial understanding and provides great insight in global matters,” and  “Alex is a true privacy expert with the ability to offer practical guidance on complex problems” (Chambers EU).</div>Alex helps clients develop privacy and data strategies at the forefront of their digital and data-driven endeavors, especially those involving new technologies, such as artificial intelligence and the metaverse. He has particular experience assisting clients with structuring their approach to data in specialized areas, such as health-tech, Agtech, and Adtech. Alex is an experienced litigator, representing clients in privacy litigation in Europe, including successfully representing clients in the first class action cases in the Netherlands and the UK. Additionally, Alex is often called upon to head crisis management teams for clients facing investigations by data protection authorities or responding to cybersecurity incidents. He counsels clients on their incident and cyber preparedness and has done significant work advising clients on EU cyber and data regulatory frameworks, such as NIS2, DORA, the Cyber Resilience Act, and the EU Data Act.Notably, Alex was one of the first practitioners in Europe to help companies set up Binding Corporate Rules (BCRs), and since that time has used this deep knowledge to develop a longstanding and unparalleled track record in obtaining regulatory approval for BCRs, both in the EU and in the UK.Alex is a frequent speaker at high-profile international conferences, including IAPP and South by Southwest (SXSW), and is a guest lecturer at the Tilburg Institute for Law, Technology, and Society. He is a Dutch-qualified lawyer and a member of the Amsterdam and Brussels Bars. He speaks fluent English and Dutch.