As a partner in our international Data Protection and Data Regulation practices, Berend advises on global and domestic data compliance projects, technology contracts, enforcement, and the legal aspects around online innovation and advanced technologies.
I have over 15 years' of experience working together with technology-driven companies, payment companies, and other data-rich clients with compliance matters, high-stakes enforcement and navigating their business through complex legal and regulatory landscapes. This includes dealing with supervisory authorities across Europe and beyond, leading complex investigations, coordinating global data breach and incident responses and managing Binding Corporate Rules applications.
I find a genuine satisfaction in combining my knowledge of IT and new technologies with my legal expertise and regulatory experience to deliver what clients need, and draw on my in-house experience to provide clients with pragmatic and hands-on advice. Clients appreciate my ability to translate complex legal issues into solutions that are appreciated by their colleagues and customers.
I advise companies on many of the new EU data regulations that are part of the EU's digital strategy and that will significantly impact companies doing business in Europe, including:
• Data Act (DA) and associated vertical legislation such as the Financial Data Access Regulation (FIDA);
• Artificial Intelligence Act (AI Act);
• Digital Service Act (DSA);
• Network Information Security Directive 2 (NIS2) and the Cyber Resilience Act (CRA);
• Data Governance Act (DGA);
• Data protection aspects of Payment Service Directive 2 (PSD2) and the Payment Services Regulation (PSR);
• E-Privacy Regulation.
Beyond Europe, I have a strong interest in, and knowledge of, the data protection and broader legal & technology developments in other parts of the world, specifically in Asia. I have previously worked in Singapore and Jakarta and frequently visit the region.
I am a co-editor of the Journal for Internet Law (Tijdschrift voor Internetrecht), and am actively involved in both the Dutch Association for Information Technology and Law, and the Association for Privacy Law. I am a published author, having co-written books on the law and computer games and on the liability of intermediaries. I often speak and write on topics including data protection, the aforementioned EU data laws, deceptive design ('dark patterns') and open banking.