On 15 January 2026, the Belgian High Court delivered a judgment in proceedings initiated by the Belgian Supervisory Authority, in which it challenged the scope of judicial review exercised by the Market Court over its enforcement decisions. The authority was unsuccessful on both grounds of appeal.

By way of background, the Supervisory Authority had adopted an enforcement decision imposing an administrative fine on the Belgian railways. The company appealed that decision before the Market Court, which reduced the fine to a symbolic amount of 1 EUR.

First, the High Court rejected the Supervisory Authority’s argument that the Market Court may only annul a fine and remit the case to the authority for reconsideration. The High Court instead held that the Market Court has full jurisdiction to review Authority’s decisions and may revise the fines, including by reducing the amount where it finds it to be disproportionate.

Second, the Supervisory Authority contended that the imposition of a symbolic 1 EUR fine was incompatible with the GDPR, on the ground that such a fine could not be regarded as effective, proportionate, and dissuasive within the meaning of Article 83(1) GDPR. The High Court again disagreed, holding that, in appropriate circumstances, a fine of 1 EUR may satisfy those requirements.

The High Court found that there was no need to refer a preliminary question to the Court of Justice of the European Union.

From a practical perspective, this judgment is significant for GDPR enforcement in Belgium because it confirms that appeals before the Market Court can involve a genuine assessment of the proportionality of administrative fines. The Supervisory Authority will have to anticipate that its sanctions may be fully reviewed and, where appropriate, adjusted.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Kristof Van Quathem Kristof Van Quathem

Kristof Van Quathem advises clients on information technology matters and policy, with a focus on data protection, cybercrime and various EU data-related initiatives, such as the Data Act, the AI Act and EHDS.

Kristof has been specializing in this area for over twenty…

Kristof Van Quathem advises clients on information technology matters and policy, with a focus on data protection, cybercrime and various EU data-related initiatives, such as the Data Act, the AI Act and EHDS.

Kristof has been specializing in this area for over twenty years and developed particular experience in the life science and information technology sectors. He counsels clients on government affairs strategies concerning EU lawmaking and their compliance with applicable regulatory frameworks, and has represented clients in non-contentious and contentious matters before data protection authorities, national courts and the Court of the Justice of the EU.

Kristof is admitted to practice in Belgium.

Read more about Kristof Van QuathemEmail
Show more Show less
Virginie de France

Virginie de France is an associate in the Data Privacy and Cybersecurity Practice Group. She advises clients on the full range of EU technology, data protection, and digital regulatory matters. Virginie supports clients with data protection compliance projects, assisting with investigations led by…

Virginie de France is an associate in the Data Privacy and Cybersecurity Practice Group. She advises clients on the full range of EU technology, data protection, and digital regulatory matters. Virginie supports clients with data protection compliance projects, assisting with investigations led by national authorities, and acting in litigation. She also has substantial experience helping organizations meet European and national cybersecurity obligations.

Read more about Virginie de FranceEmail
Show more Show less