Nikolai de Koning

Photo of Nikolai de Koning

Nikolai de Koning is a financial services lawyer (advocaat) based in Amsterdam. Nikolai is experienced in financial services and banking law, as well as in data privacy (protection). He is experienced in advising on regulatory and compliance aspects relevant to financial institutions, such as insurance companies, investment firms, clearing institutions and central counterparties. Nikolai also advises on Dutch licence and notification requirements and he assists companies in their licence or notification processes with the Dutch financial regulators. He also specialises in privacy issues arising out of online products, data protection and e-commerce.

Subscribe to all posts by Nikolai de Koning

Dutch DPA: Employers May Not Process Employee Health Data From Wearables

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “AP”) announced on March 8, 2016, that two companies agreed to stop processing employees’ personal health data after the AP initiated an investigation into the employers’ practices. The two companies provided their employees with wearable devices (or “wearables”), which allowed the companies to track their employees’ physical … Continue reading

Dutch Data Protection Authority publishes consultation version of guidelines on breach notice law

On the heels of the enactment of the Dutch breach notice law, the Dutch Data Protection Authority (CBP) published a consultation document with draft guidelines on the breach notice obligation of data controllers in the Netherlands. Under the law, data controllers are required to provide notice of data breaches to the CBP and, under certain circumstances, to … Continue reading

Breach notice law in the Netherlands takes effect on 1 January 2016

Today the Royal Decree setting the date of entry into force of the Bill on Notification of data leaks was published. The law will take effect on 1 January 2016 and introduces an obligation on data controllers in the Netherlands to notify the Dutch Data Protection Authority (College Bescherming Persoonsgegevens) and affected individuals and significantly increases … Continue reading

Breach notice becomes law in the Netherlands; 11 things to know

On 26 May 2015, the Dutch Senate passed the Bill on Notification of data leaks. The law imposes an obligation on “data controllers” (the persons or entitis that determine the purpose of and means for processing personal data) in the Netherlands to notify the Dutch Data Protection Authority (CBP) and affected individuals. The law may require … Continue reading

Cybersecurity incident notification bill introduced in the Netherlands

On January 22, 2015, the Netherlands proposed legislation introducing breach notification requirements for critical infrastructure industries, including utilities (electricity, gas and drinking water), telecom, financial services, government (surface-water management bodies) and transport (main ports Rotterdam and Schiphol airport). The proposed law would require notification in the event of a breach of security or loss of … Continue reading