Our team

The qualification of the to-follow clause in the Dutch co-insurance market

The qualification of the to-follow clause in the Dutch co-insurance market 525 400 Ekelmans Advocaten
Blog eendjes afbeelding (500 x 400 px) (52)
Leestijd: 4 minuten
Lesedauer: 4 Minuten
Reading time: 4 minutes

The Dutch insurance market has a long tradition of co-insurance, where a risk is spread among multiple insurers, each providing coverage for their own percentage. A specific aspect of co-insurance is that it often involves the use of a to-follow clause. This clause binds following insurers to the decisions of the lead insurer; e.g. on the question of whether or not a policy provides coverage. If a leader decides that a policy provides coverage, the following insurers contribute, each for their own percentage in the risk. A to-follow clause thus prevents potential coverage gaps for an insured resulting from different coverage decisions by participating insurers.

To what extent is a following insurer bound by the decisions of a lead insurer

In Dutch case law, the question arises as to what threshold should be used to assess whether a following insurer is bound by a decision of the leading insurer. Such a question often arises from disagreements between a leading insurer and one or more following insurers or between the insured and the following insurer(s).

The extent to which a following insurer is bound by the decisions of a lead insurer used to be subject to the standard of the ‘reasonably acting insurer’. However, in a court ruling dated May 4th 2022, the Amsterdam court ruled that a following insurer is bound by the decision of a leading insurer unless this is unacceptable according to the standards of ‘reasonableness and fairness’, which is a higher threshold.

The case at issue dealt with an alleged error of judgment in claim handling.

A following insurer was sued by the insured’s broker. The broker had paid damages to the insured for the amount of the following insurer’s share. The latter was held, under the to follow clause, to pay damages because the lead insurer had decided to provide coverage. However, the following insurer refused to reimburse that amount to the broker, arguing to the effect that it was not bound by the lead insurer’s coverage decision. The following insurer substantiated its position by pointing to a number of unusually large claims the insured had suffered in 2017. The insured, broker, lead insurer and surveyor must have responded unacceptably inadequately to these damages, the following insurer said. For instance, the following insurer argued that there had to have been insufficient investigation of the damages and, therefore, the lead insurer should not have granted coverage, or at least not without asking further questions. The following insurer claimed to have suffered damages as a result because, based on a to follow clause, it was obliged to follow the lead insurer in its decision to pay damages.

The court ruled that the “reasonable insurer” standard did not apply. The question was whether or not it would be unacceptable by the standards of reasonableness and fairness to bind the following insurer to the leading insurer’s coverage decision. The court thus opted for a stricter threshold than had previously been applied in case law. The reason for this is that if a leader makes an (assessment) error in claim handling and therefore wrongly proceeds to pay damages, testing against the ‘reasonably acting insurer’ standard would negate the benefits of the to-follow clause if a following insurer was allowed to evade payment in such a case. For the insured it would mean that he would have to deal with all insurers that carry his risk individually, each of whom could make their own coverage decision. For the insurers themselves, it would also mean that the efficiency advantage of the to follow clause would disappear, as each following insurer could (and therefore, in fact, should) assess the decision of the lead insurer for correctness.

As mentioned, the ‘unacceptable by standards of reasonableness and fairness’ standard is a higher threshold than that of the ‘reasonably acting insurer’. Therefore, based on this ruling, a leading insurer seems to have more freedom in assessing a claim than before. The mere fact that a leading insurer makes an error of assessment with regard to coverage is, in the court’s view, insufficient to rule that it is unacceptable by the standards of reasonableness and fairness to deem the following insurer liable to pay. That this standard provides a high threshold also follows from the examples given by the court. An example of a situation in which it is unacceptable by the standards of reasonableness and fairness to deem that a following insurer is bound by a decision of the lead insurer is, according to the court, if the insured and lead insurer were to collude fraudulently with the aim of inducing the other insurers to pay damages, or if the decision of the lead insurer was made by bribing an employee of that insurer.


Jessica Roos is specialized in insurance and liability law. She holds a doctorate in insurance law, specifically in the field of coinsurance. Thanks to her previous work experience in the insurance industry, Jessica has an in-depth understanding of the processes that her clients face.

Ekelmans Lawyers strengthens team with Taraneh Riyazi as partner Cassation & Expert Litigation

Ekelmans Lawyers strengthens team with Taraneh Riyazi as partner Cassation & Expert Litigation 525 400 Ekelmans Advocaten
Blog afbeelding (500 x 400 px) (32)
Leestijd: 2 minuten
Lesedauer: 2 Minuten
Reading time: 2 minutes

We are very pleased to announce the arrival of Taraneh Riyazi. She started as a partner at Ekelmans Advocaten on 1 January 2024. She has more than 20 years of experience as a lawyer and is skilled in cassation as well as insurance and liability law. We welcome Taraneh back, as she previously served as senior lawyer in Cassation and Insurance & Liability at our firm.

As a cassation lawyer, Taraneh specialises in conducting civil law proceedings before the Supreme Court and handles cases across the full range of civil law. She also focuses on insurance and liability law.

Thanks to her experience as a lawyer at a major Dutch insurer, she knows the insurance sector from the inside. She advises and litigates in various insurance cases, including fire damage and insurance fraud.

Taraneh is well known for her expertise and entrepreneurial attitude. Clients value her advises on litigation and cassation opportunities. She also publishes regularly in legal journals and is co-author of the Compendium of Insurance Law. Besides her work as a lawyer, Taraneh is a lecturer at various training institutes and a deputy judge at the Amsterdam Court of Appeal.

“Taraneh was previously with our firm where she had already specialised in cassation. She now returns with a wealth of experience in insurance and liability law. This experience combined with her entrepreneurial and goal-oriented attitude make Taraneh a valuable asset to our firm,” says David de Knijff, partner Cassation & Expert Litigation at Ekelmans Advocaten.

Want to read more?

For more information on Taraneh Riyazi, check out her profile on our website.

Thanks to her experience as a lawyer at a major Dutch insurer, she knows the insurance sector from the inside.

NIS2 directive – Network and Information Security Directive 2

NIS2 directive – Network and Information Security Directive 2 525 400 Ekelmans Advocaten
Blog afbeelding (500 x 400 px) (22)
Leestijd: 4 minuten
Lesedauer: 4 Minuten
Reading time: 4 minutes

The NIS2 directive will soon come into force in the Netherlands. It is the successor to NIS Directive and focuses on risks that threaten network and information systems, such as cyber security risks. Organisations covered by the NIS2 directive will have to comply with the duty of care and notification obligations from then on. In this blog, lawyer Anne-Mieke Dumoulin-Siemens discusses what the directive entails, what it means for your organisation and what preparations your organisation can already make.

Cyber security deserves attention

Companies are facing increasing digitalisation and cyber incidents. At EU level, cybersecurity challenges are being addressed with a range of new regulations. For instance, the NIS 2 Directive has been in force for some time. The Network and Information Security Directive 2 (NIS2) aims to improve the cyber security and digital resilience of organisations in EU member states. The NIS2 Directive contains minimum requirements and must be implemented in Dutch legislation by 17 October 2024 at the latest. From that date, sectors designated in the directive must comply with the obligations in the NIS2 directive as they will then be laid down in Dutch legislation.

NIS2 directive has wide scope of application

NIS2 directive applies to a wide range of sectors, such as healthcare, transport and energy providers. Supermarkets, water management companies and digital providers should also prepare for the obligations in the NIS2 directive. The NIS2 directive includes sectors of high criticality and other critical sectors. There are 11 sectors of high criticality: energy, transport, banking, financial market infrastructure, healthcare, drinking water, waste water, digital infrastructure, ICT services management, public administration and space. In addition, the NIS2 directive has seven other critical sectors: postal and courier services, waste management, chemical industry, food industry, manufacturing industry, digital providers, research. Organisations that fall under any of these sectors must implement risk management measures and comply with cybersecurity reporting requirements.

How do you know if your organisation is covered by the NIS2 directive?

The organisation must belong to one of the sectors of high criticality or other critical sectors. In addition, the size of the organisation is important and whether the organisation plays a key role in society. If it turns out that the NIS 2 directive applies, you need to consider whether your organisation is an ‘essential’ or ‘important’ organisation. The Dutch government has prepared an online self-assessment NIS 2 Self-assessment NL (regelhulpenvoorbedrijven.nl). you may wish to use this self-assessment to determine whether the NIS 2 directive applies to your organisation.

What measures are we talking about?

In short, organisations should take appropriate technical, operational and organisational measures to improve their organisation’s cyber security and digital resilience. Organisations should identify cyber risks and adjust the security level of their network and information systems accordingly. For instance, large companies exposed to high risks should take more measures than a small business where the likelihood of an incident with high social and economic impact is small. Cyber security measures should include incident handling, back-up management, supply chain security, cyber hygiene, staff training, access policies and policies to measure the effectiveness of these measures.

What other obligations does the NIS 2 Directive impose?


The NIS 2 directive leaves the responsibility for cyber measures to the directors. The governing bodies of essential and important organisations must approve the security measures taken and oversee their implementation. Directors can be held personally liable for breaches of security obligations. Directors must undergo training to acquire sufficient knowledge to identify cyber risks and assess their consequences.

Reporting obligations/reporting obligation

Essential and important organisations must report without delay any incident that has a significant impact on the provision of its services. This could include incidents that cause or may cause serious operational disruption of services or financial losses to the organisation concerned. Consideration could also be given to incidents that cause or may cause significant material or financial damage to other (legal) persons. An initial notification must be made to the competent authorities within 24 hours, followed by an update no later than 48 hours after the initial notification. Note that reporting is also required if an incident may have significant consequences.

What preparations can organisations make in advance?

The Dutch government is in the process of transposing the NIS2 directive into Dutch law. A bill has not yet been published. At the moment, it is only clear which minimum requirements will have to be met, as these are apparent from the NIS2 directive.

Pending embedding in national legislation, the following steps could be taken:

  • Use the self-assessment NIS 2 Self-assessment NL (regelhulpenvoorbedrijven.nl) to determine whether your organisation falls under the scope of the NIS2 directive.
  • Map to which extent the board meets its governance obligations.
  • Establish the quality of existing technical, operational and organisational security measures, including monitoring mechanisms.
  • Determine whether the organisation can comply with reporting requirements and notification obligations.

Questions or advice on the NIS2 Directive and implementation?

If you need further clarification on the governance obligations or if you have questions on the reporting obligations and notification requirements, please contact Anne-Mieke Dumoulin-Siemens.

Cyber security

Your organisation has a great deal of confidential data. That is not just personal data — increasing amounts of company information are now available electronically as well. All this data is extremely valuable; if it ended up in the wrong hands, this could lead to serious commercial and reputational damage. The lawyers at our Privacy Desk will gladly examine the impact of cyber security on your business operations with you.


A new (temporary) regime for turboliquidation

A new (temporary) regime for turboliquidation 525 400 Ekelmans Advocaten
MicrosoftTeams-image (21)
Leestijd: 4 minuten
Lesedauer: 4 Minuten
Reading time: 4 minutes

Turboliquidation, the process of swiftly winding up a legal entity, only exists in the Netherlands. Directors in countries such as Germany or England do not have this option. Turboliquidation is a coveted tool among ‘Dutch’ directors: as many as 36.456 turboliquidations took place in 2022. However, the landscape is about to change as the (prima facie restrictive) Temporary Turboliquidation Transparency Act is set to come into effect on 15 November 2023.

The quick and easy liquidation of a legal entity will soon be (partially) curtailed. On 14 March 2023, the Dutch Senate approved the Temporary Turboliquidation Transparency Act in response to concerns about fraud in turboliquidations during the corona pandemic. The aim of the law is to provide more transparency to creditors who are currently left in uncertainty following a turboliquidation. The law will be in effect for two years, with the option of a two-year extension, starting from 15 November 2023. With these impending changes, the question arises: Will turboliquidation continue to be an attractive option for the directors of Dutch BV or NV?

Turboliquidation, the process of swiftly winding up a legal entity, only exists in the Netherlands. Directors in countries such as Germany or England do not have this option.

How does turboliquidation currently work?

The current requirements for the turboliquidation of a company are simple. First and foremost, the company must find itself in a situation where it possesses no assets whatsoever—this means no inventory, cash, and outstanding receivables. To achieve this, directors initiate the process of “emptying” the company before proceeding with the turboliquidation. Subsequently, shareholders can pass a resolution of dissolution to officially terminate the company. Normally, in a standard liquidation, the liquidation phase then begins. However, in the case of turboliquidation, this phase is bypassed since the company has already been fully depleted of its assets. Consequently, the company ceases to exist immediately.

What changes for company directors and turboliquidating?

The fundamental requirements for turboliquidating a company remain unchanged. However, the director will now have to undertake additional actions. A mere report of the turboliquidation to the Chamber of Commerce will no longer suffice. Once the new law takes effect, directors must also submit supplementary documents and inform creditors accordingly.

These additional documents include:

  • A balance sheet and a statement of income and expenditure for the year in which the legal entity was dissolved, along with the previous financial year if, at the time of dissolution, annual accounts for that year have not yet been made public.
  • A description of the cause for the lack of benefits.
  • A detailed account of how the company’s income has been monetized and the proceeds distributed.
  • An explanation of the reasons why creditors remained wholly or partially unpaid.

Furthermore, the board is required to file financial statements for any previous financial years if they have not already been submitted. Additionally, the board must duly inform creditors about the filing of these documents with the Chamber of Commerce and inform them that the legal entity has been wound up.
The underlying objective of these obligations is to ensure prompt notification to creditors regarding the liquidation. Failure to fulfill these obligations could result in serious consequences for the board. In such instances, it would be considered an economic offense, subject to penalties that may include up to six months’ imprisonment, community service, or a fine of up to €22,500.

What is creditors are disadvantaged?

In the event that it comes to light that directors have caused harm to one or more creditors during the liquidation process, the court reserves the authority to impose an administration ban on those directors for a period of up to five years. The circumstances warranting such a ban include:

  • Failure of the directors to file the requisite documents with the Chamber of Commerce and neglecting to notify creditors of the ongoing liquidation.
  • Intentional actions taken by the directors prior to the turboliquidation that resulted in prejudice to one or more creditors.
  • Personal culpability of the directors for previous bankruptcy or turboliquidation occurrences, having been involved in such situations twice before.

The turboliquidation remains a useful tool despite the new requirements

The turboliquidation remains a valuable tool despite the introduction of new requirements. While the new law introduces additional obligations, turboliquidation still offers a convenient means to wind up or restructure legal entities. Shareholders should not be deterred by these new requirements, as the legislation primarily targets fraudulent activities and not those shareholders seeking a legitimate and efficient liquidation process.


If your company has a Dutch branch and you are considering restructuring or dissolution, turboliquidation could still be a viable option for you. Should you require more information on turboliquidation or have any other questions related to corporate law, I invite you to reach out for a no-obligation consultation.


Pim Lieffering is a corporate lawyer. He deals with all aspects of corporate law, from drafting and litigating on commercial contracts to advising on mergers and acquisitions. When Pim is asked a question, he always looks at the bigger picture. Because he looks just that little bit further, he regularly surprises his clients with creative solutions.

‘Duplicate Claim Detector (DCD)’ launched by Innovation Platform Verbond van Verzekeraars

‘Duplicate Claim Detector (DCD)’ launched by Innovation Platform Verbond van Verzekeraars 722 550 Ekelmans Advocaten
Blog afbeelding (500 x 400 px) (6)
Leestijd: 2 minuten
Lesedauer: 2 Minuten
Reading time: 2 minutes

Astrid van Noort was present as a speaker at the launch of the ‘Duplicate Claim Detector (DCD)’ by the Innovation Platform of Verbond van Verzekeraars.

Ekelmans Advocaten advised Verbond van Verzekeraars in the development of this Duplicate Claim Detector on a secure and responsible method of data exchange between insurers within the framework of the AVG.

With the Duplicate Claim Detector, an important tool has been developed that helps insurers prevent the payment of duplicate claims and identify potential fraud. Thereby, insurer integrity and risk management are significantly promoted.

Confidential data in good hands

Your organisation processes personal data on a large scale. You need that personal data for your core processes but you also wish to comply with all the rules and protect privacy. These two goals are not always easy to reconcile. Our lawyers can help you here.

When developing new products or services, creative solutions may sometimes be required in order to remain compliant with privacy legislation. The Ekelmans Advocaten Privacy Desk helps you use personal data optimally for commercial purposes while still guaranteeing the privacy of your customers.


Astrid van Noort is partner Insurance & Liability and strategic AVG expert for major insurers. She devises practical, workable and commercially attractive solutions to complex problems. She also specialises in personal injury, income and sickness absence insurance and health insurance.

In memoriam Adriaan de Buck

In memoriam Adriaan de Buck 2560 1804 Ekelmans Advocaten
Adriaan nieuwsbericht2

Our beloved partner and colleague Adriaan de Buck passed away on 21 December 2022. Last August he retired from his Corporate Law practice at Ekelmans Advocaten due to his illness.

Our beloved partner and colleague Adriaan de Buck passed away on 21 December 2022. Last August he retired from his Corporate Law practice at Ekelmans Advocaten due to his illness.

Adriaan was a natural unifier and optimist.
Clients and international partners speak highly of Adriaan commending him for his expertise, commitment and personal approach.
For his expert and entrepreneurial work as a lawyer and partner of our firm, we are grateful to Adriaan.

Working with Adriaan was a pleasure: he had a warm sense of humor and was a great sportsman in so many regards. From 2019, he combined his law practice with the chairmanship of his club, HBS, where he also played football.

Over a year ago, he became ill. Last summer, the whole firm bid him farewell as one of the partners of Ekelmans Advocaten. At that farewell, Adriaan recalled the many memorable times he spent with us in the long time he was part of the firm.

We cherish our fond memories of Adriaan and admire his strength and resilience in battling his  illness. Of special note is Adriaan’s unflagging interest for others, right up to the last moment.

We miss Adriaan and extend our deepest condolences to Margot, Jolein, Bram and Jip.

Netherlands UBO register temporarily closed to public, registration requirement still applies

Netherlands UBO register temporarily closed to public, registration requirement still applies 2560 1920 Ekelmans Advocaten
UBO Letter Initial Logo Design Vector Illustration
Leestijd: 2 minuten
Lesedauer: 2 Minuten
Reading time: 2 minutes

It is not acceptable that random members of the public can request (financial) information about a UBO. This has been ruled by the European Court of Justice. The Netherlands UBO register has therefore been temporarily closed to the public. What does this ruling mean and what are its implications for the UBO register?

Anti-Money Laundering and Terrorist Financing Directive

The UBO register and the obligation to register is based on the European fourth and fifth anti-money laundering directives. This directive aims to combat financial-economic crime. This could include corruption, money laundering, tax evasion, fraud and terrorist financing.

Companies have to register their ultimate beneficial owners in this UBO register. Some of the information (name, month and year of birth, nationality, state of residence, nature and extent of economic interest in the company) was, until recently, accessible to everyone. Anyone could request an extract from the UBO register for a small fee.

European Court ruling on the public nature of the UBO register

In its ruling of 22 November 2022, the European Court of Justice (ECJ) invalidated part of the European rules on the UBO register. According to the Court, public access to information on a UBO constitutes a serious interference with the fundamental rights to respect for private life and protection of personal data. It is not acceptable that random members of the public can obtain (financial) information about a UBO without having an interest related to the purpose of the directive. That is, prevention of money laundering and terrorist financing. UBOs are also particularly at risk because once provided, the data from the UBO register can be freely stored and distributed. The provision in the anti-money laundering directive that information on a UBO must be accessible to every member of the public in all cases is invalid, the Court ruled.

Consequences for the Netherlands UBO register

In the Netherlands, at the request of the Minister of Finance, the Chamber of Commerce has temporarily closed the UBO register to the public. This means that temporarily no information from the UBO register can be requested. The Court’s ruling has no impact on the obligation to register ultimate beneficial owners in the UBO register. UBO’s must register, if they have not already done so.


Ekelmans Advocaten appoints Daan Spoormans as partner

Ekelmans Advocaten appoints Daan Spoormans as partner 2085 2441 Ekelmans Advocaten
Daan Spoormans partner
Leestijd: < 1 minuut
Lesedauer: < 1 Minute
Reading time: < 1 minute

Daan Spoormans has been appointed partner at Ekelmans Advocaten as per 1 January 2022. Daan specialises in corporate law and contract law. He assists companies and insurers in complex disputes about commercial contracts. Daan also assists directors who have been accused of incorrect management.

Daan has been working at Ekelmans Advocaten since 2008. In recent years, he has built up a flourishing international practice. Due in part to his bilingual background (Dutch and German), Daan also has many clients from German-speaking countries.

Partner Corporate/German Desk Robert Kütemann: “Daan’s partnership really strengthens our corporate practice. Daan has a strong legal and strategic insight. For many years, he has made an important contribution to the corporate team, which is highly valued by clients.
Since Daan’s clients include both companies and insurers, his appointment fits in perfectly with our positioning as an Insurance & Corporate firm. We are very pleased to appoint Daan as a partner.”


Chambers: an introduction to the Dutch Insurance Market

Chambers: an introduction to the Dutch Insurance Market 2560 1707 Ekelmans Advocaten
Concept of car insurance. Blue car under red umbrella with text Insurance
Leestijd: 2 minuten
Lesedauer: 2 Minuten
Reading time: 2 minutes

For Chambers and Partners, Jan Ekelmans and Frank Schaaf, partners at Ekelmans & Meijer, wrote and overview of the Dutch insurance market. The article gives an introduction to the current economic, legal and political trends affecting the Insurance Market in the Netherlands. Chambers and Partners is an independent research company operating across 200 jurisdictions delivering detailed rankings and insight into the world’s leading lawyers.

The Dutch insurance market is the 4th largest EU insurance market. At the basis of the insurance market lie the contractual obligations in insurance contracts. Dutch insurance law limits the freedom to determine the validity and contents of insurance agreements in ways generally similar to those in other European countries. The contractual obligations are influenced by international practice and insurance is offered by insurers who often maintain an international presence.

Specifically healthcare insurance is different. Legislation contains detailed provisions on the allowed content of healthcare insurance agreements. Dutch residents are legally obliged to maintain healthcare insurance.

Many of the largest Dutch law firms specialize in limited areas of insurance only. Most Dutch law firms with a broader in-depth activity on the insurance market are smaller or mid-sized firms. Generally, firms active in the insurance market concentrate on the Dutch insurance market.

You can read the full article here.



VoetbalTV and the GDPR: even commercial interests can be legitimate

VoetbalTV and the GDPR: even commercial interests can be legitimate 2560 1707 Ekelmans Advocaten
Leestijd: 4 minuten
Lesedauer: 4 Minuten
Reading time: 4 minutes

The Dutch supervisory authority (Dutch DPA) has long taken the position that a purely commercial interest cannot be a legitimate interest as referred to in Article 6(1)(f) of the GDPR. On that basis the Dutch DPA imposed a € 575,000 fine on VoetbalTV in 2020. A Dutch lower administrative court disapproved of the strict interpretation of legitimate interests by the Dutch DPA and annulled the fine.

The Dutch DPA has investigated the privacy of players and spectators filmed by VoetbalTV. VoetbalTV is an online platform that broadcasts amateur football. Users were able to watch highlights, share those highlights or use the clips as preparation for their matches. In September 2020 VoetbalTV was declared bankrupt. The Dutch DPA concluded that VoetbalTV should not have broadcast the film footage of the footballers, because there is no lawful basis for the recording and distribution of this footage. The Dutch DPA imposed a fine of € 575,000 on VoetbalTV for unlawful processing of personal data. VoetbalTV did not agree with the fine and initiated court proceedings against the Dutch DPA. A Dutch lower administrative court gave judgment on 23 November 2020.

VoetbalTV believes it has a legitimate commercial interest in distributing the images The court ruled that a purely commercial interest can be a legitimate interest for processing personal data (Art. 6 (1) f AVG) and thus for making recordings and distributing the images. This follows from European case law.

Dutch DPA: a commercial interest can never amount to a legitimate interest

In determining what constitutes a legitimate interest, the Dutch DPA applies a strict view: an interest is only legitimate if it is named as a “legal interest” in law or unwritten law. This interest must be of a more or less urgent and specific nature arising from a rule or principle of law. If this is not the case then there is no legitimate interest that has to be taken into account in the balancing test. Purely commercial interests and profit maximization lack a legal character. Therefore, according to the Dutch DPA, those interests can never amount to a legitimate interest. This restrictive interpretation is also found in the guidance note the Dutch DPA has published on how legitimate interests under the GDPR should be interpreted. Dutch legal practitioners have been critical of the guidance note from the Dutch DPA.

According to Voetbal TV, the level playing field is much broader: any interest can be legitimate as long as it is not contradictory to statutory law.

The European Perspective

The ‘Fashion ID’ judgment from the Court of Justice of the European Union (CJEU) (ECLI:EU:C:2019:629) shows that the legitimate interest is entirely flexible and open-ended in nature. Fashion ID collected and shared personal data in order to benefit from the commercial advantage consisting in increased publicity for its goods. This too can amount to a legitimate interest. Indeed, recital 47 to the GDPR stipulates that direct marketing can be a legitimate interest. By excluding purely commercial interests, commercial enterprises never get around to the balancing test for which the ‘legitimate interest’ basis was created. Both the right to respect for one’s private life and the freedom of enterprise are European fundamental rights. Fundamental rights must be taken into a balancing test for which the ‘legitimate interest’ basis was created. The one fundamental right never prevails over the other by definition. Any interest can be legitimate. The European Data Protection Board (EDPB) also defined legitimate interests in a more inclusive manner.

This interpretation allows for more interests being legitimate than the Dutch DPA’s interpretation, as many factual, economic, and idealistic interests are not designated in the law. The court rules that it is – in principle – up to controllers (i.e., VoetbalTV) to determine their legitimate interests. The controller must act accordingly.

Judge overturns Dutch DPA GDPR fine

In the Voetbal TV case, the court adopts the broad interpretation of “legitimate interest” used by the CJEU in the Fashion ID case: is the processor not pursuing an interest that is contrary to the law ?

The court disapproved the strict interpretation of legitimate interests by the Dutch DPA. According to the court, excluding certain interests in advance is contrary to European law.

Moreover VoetbalTV indicates that it has interests that go beyond commercial purposes. Distributing the images is also informative and makes the sport available to a wider audience.

Based on the purposes stated by VoetbalTV and the explanation that the processing is necessary and proportionate, the Dutch DPA must still assess whether VoetbalTV has a legitimate interest in recording and broadcasting the film footage of footballers.

What are the consequences of this judgment?

The Dutch DPA will have to revise its guidance note on how legitimate interests under the GDPR should be interpreted. The VoetbalTV judgment enables organisations to process personal data on the basis of commercial interests since these are legitimate interests in the meaning of article 6(1)(f) GDPR. In that case, it is not necessary to ask all data subjects involved if they are willing to consent to the data processing. This is good news for (commercial) organisations. However, it is important to note they must have a well-founded explanation for the (intended) data processing.

The period for submitting an appeal with the Court of Appeal has now expired. It is not known to us whether an appeal has been submitted, but we do not consider that there is a very high risk of the Court of Appeal adopting a different course. Interesting from an EU perspective is that on September 2, 2020, the European Data Protection Board (EDPB) published draft guidelines on the targeting of social media users on its website. The EDPB maintains the position that commercial interests can also amount to a legitimate interest. It will be interesting to see how the Dutch DPA’s legitimate interest interpretation in the Netherlands and on EU level is impacted at this stage.

Our Privacy Desk will of course keep you updated regarding ongoing developments.


We use cookies to make sure that our website functions smoothly. If you continue to use the website, we assume that you consent to the cookies.