The Belgian Data Protection Authority (BDPA) has told the Belgian tax authority that it cannot lawfully share data with the US under the US-Belgium Intergovernmental Agreement.
In a statement on 24 May 2023, the BDPA said sharing data violates General Data Protection Regulation (GDPR) principles.
This comes several years after a group of Belgian accidental Americans has appealed to the country’s council of state to stop Belgium from complying with the US Foreign Account Tax Compliance Act (Fatca).
The legislation sets out that Americans living overseas, and their foreign financial institutions, are bound to report their personal information to the Internal Revenue Service (IRS) for tax purposes.
But those affected, including the Association of Accidental Americans (AAA), believe the practice to be illegal as they claim it breaches the EU General Data Protection Regulation (GDPR) since they cannot consent to the transfer of their information.
Fabien Lehagre, president of French AAA, said: “It is important that these violations of fundamental rights of European citizens are stopped as they are particularly damaging to accidental Americans, who did not choose to be US citizens. The basic problem is that EU Member states breach their own laws in order to comply with US law.
“We are so happy that finally the Belgian data protection authority is amongst the first authorities, if not the first that has the courage to halt these violations, which is the only logical outcome from a legal perspective. And this just one day before the fifth anniversary of the application of the GDPR.”
The European Data Protection Board called on member states in April 2021 to assess and amend international agreements involving international transfers of personal data.