IT, Privacy & Cybersecurity

Our team advises and litigates in the IT legal field on a daily basis, in such matters as transactions for cloud services (SaaS, PaaS, IaaS), the implementation of ERP systems, privacy matters or custom software development. The team has extensive experience in resolving IT-related disputes, whether by mediation or arbitration, or before the public courts.

When it comes to suppliers, we advise IT companies ranging from software developers to cloud service providers, and from hardware suppliers to managed service providers. Our clients on the buyer side operate in a variety of sectors, and are strongly represented in the care/healthcare sector, research & education, and the public sector.

The members of our team have postdoctoral qualifications in the field of privacy, and/or are certified in accordance with CISM (Certified Information Security Manager), CIPP/E (Certified Information Privacy Professional/Europe), CIPM (Certified Information Privacy Manager) and CIPT (Certified Information Privacy Technologist). They assist organisations in privacy compliance processes to ensure timely compliance with privacy legislation and regulations, advise organisations on cooperation and data-sharing, and assist organisations in the event of a data breach.

Managing a data breach is complex and requires specialised knowledge. For example, the scope of the data breach must be established as quickly as possible, statutory reporting obligations must be met in a timely manner, the effects of the incident on contractual agreements with third parties must be identified, and an investigation must be carried out to determine whether and how any damage can be recovered from third parties.

The greatest risk entrepreneurs face currently is that posed by cyber threats. De Clercq is an expert in the broader field of IT law, and has particular expertise in the area of cybersecurity legislation and regulations.

It goes without saying that we’re also happy to help you get ahead in this increasingly important area. Our team is on standby 24/7 for entrepreneurs who have been affected by a cyber attack or other major cyber incident, and will guide them throughout the whole process of managing the incident. Doing this requires both speed and expertise. Our team has a large network of forensic cybersecurity specialists and other consultants who can be called in if necessary.

Lead counsel for cloud services transactions (SaaS, PaaS, IaaS)
Lead counsel for a range of companies and international organisations in relation to multi-million euro transactions, for parties such as Google Cloud, Oracle Cloud, Amazon Web Services, IBM Cloud, Pega Cloud and Microsoft Azure.

Lead counsel in licensing disputes
Lead counsel for a range of companies and international organisations in relation to disputes about licensing terms and conditions and unilateral modification of license metrics, including in matters involving IBM Passport Advantage and Pega Cloud.

Lead counsel for transactions in agile software development
Lead counsel for a range of companies and institutions (on both the buyer and supplier sides) relating to transactions for services in the agile software development area.

Lead counsel in outsourcing en migration processes
Lead counsel for organisations such as a renowned healthcare institution, in the migration of their healthcare and other applications to Microsoft Azure and the outsourcing of the managed services infrastructure.

Lead counsel in compliance processes
Lead counsel in compliance processes for bodies such as fintech companies, airlines and medical SaaS suppliers, in relation to fintech laws and regulations, privacy and security laws and regulations and the Medical Devices Regulation (MDR).

DPIAs and DTIAs
Performing a Data Protection Impact Assessment (DPIA) or Data Transfer Impact Assessment (DTIA) for a variety of IT suppliers and healthcare providers, including with respect to camera surveillance, commissioning healthcare applications, or using American cloud services providers.

Lead counsel in ransomware and CEO fraud
Lead counsel for organisations such as a SaaS supplier, technology company and multiple knowledge institutions and semi-governmental organisations in the wake of a major cyber incident, such as a ransomware attack, CEO fraud, or theft of trade secrets.

Lead counsel in substantive proceedings relating to an agile project
Lead counsel for an IT services provider in a court case relating to a failed agile software development project, which resulted in the plaintiff’s claim of over a million euros being dismissed.

Lead counsel in an international mediation concerning ERP implementation
Lead counsel for a leading European retailer in international mediation proceedings concerning a failed ERP implementation, resulting in damages from both the software supplier and the implementation partner.

Lead counsel in landmark IT arbitration case
Lead counsel for a Dutch government organisation in a historical arbitration case concerning a failed IT project. It resulted in the recovery of tens of millions of euros from the IT supplier for the benefit of the Dutch taxpayer.

Lead counsel in preliminary procurement law proceedings relating to IT
Lead counsel for various IT suppliers and contracting authorities in preliminary procurement law proceedings relating to the intended awarding of a contract for the supply of hardware, software or other IT services.

Lead counsel in IT procurement
Strategic recommendations to a variety of contracting authorities and tendering parties on the drafting of tender documents for IT services or submitting a tender. Most recent examples include the purchase of Microsoft licenses or the tender for the European Commission’s European Digital Identity Wallet (contract value of €26 million).