Photograph of Maarten Stassen

Education

  • Universitat Pompeu Fabra, Barcelona, Spain
  • Catholic University of Leuven, J.D., cum laude

Admissions

  • Brussels

Languages

  • English
  • Dutch (Fluent)
  • French (Fluent)
  • Spanish (Fluent)
  • Catalan (Fluent)
Maarten Stassen, Senior Counsel Brussels
mstassen@crowell.com
Phone: +32.2.214.2837
7, Rue Joseph Stevens
Brussels, B - 1000
Belgium

Maarten Stassen is a senior counsel in the Brussels office of Crowell & Moring, where he is a member of the firm's Privacy & Cybersecurity Group. His practice focuses on privacy and data protection, including the General Data Protection Regulation (GDPR) and cross-border data transfers solutions, as well as on the legal and operational aspects of the digital ecosystem, including Internet of Things (IoT), MedTech, and upcoming technologies such as Distributed Ledger Technology (e.g. Blockchain).

Before joining Crowell & Moring, Maarten was a director in Deloitte’s Cyber practice, as well as the Faculty Leader of the European Privacy Academy. He has been focusing on privacy and data protection law for many years, first as a lawyer in both Spain and Belgium, and later as European Privacy Officer of an international health insurance company.

Characterized by his entrepreneurial spirit and drive to provide client-specific, business-focused, practical and pragmatic advice, Maarten has extensive experience advising a wide range of private organizations and public sector entities on national and international privacy and data-protection-related matters. Clients include household names in the automotive, MedTech, transportation, financial services, life sciences, and retail sectors.

Maarten has both a Belgian and a Spanish law degree. His international experience helps to provide a different point of view for his clients. Maarten is fluent in Dutch, English, French, Spanish, and Catalan.

A former member of the European Advisory Board of the International Association of Privacy Professionals (IAPP), Maarten is a frequently asked speaker at privacy and data protection events. In October 2017, Maarten was named Vice-Chair of the American Bar Association (ABA) Privacy and Computer Crime Committee (Science & Technology Law Section). He also teaches at the Data Protection Institute.

Representative Matters

  • Advised several national and international companies on how to prepare in a practical, pragmatic, and legally compliant manner for the General Data Protection Regulation (GDPR). Clients include European and Asian car manufacturers, a major international player in the beverage industry, as well as several leaders in the MedTech and retail industry. 
  • Advised several international companies, including leaders in the travel and leisure industry, on international data transfer mechanisms such as Binding Corporate Rules and standard contractual clauses, which included the review, drafting, and submission of the corresponding legal documents. 
  • Lead a team that carried out Binding Corporate Rules on-site audits on a worldwide scale and advised as a subject matter expert on the different legal and operational aspects of such a program. 
  • Advised a U.S.-based international leader in the food industry on the implementation of a global privacy program. 
  • Advised a global fashion company on the implementation of a global privacy program.
  • Advised several international players in the financial services industry on compliance with privacy and data protection matters.
  • Advised several start-ups on building their business case in a privacy and data protection-compliant manner. 
  • Advised on the privacy and data protection-related aspects of upcoming technologies such as Blockchain. 
  • With his experience in the new European data protection framework, lead several GDPR readiness assessment projects at companies of different sizes and industries, allowing organizations to take informed and risk-based decisions and guiding them through the change process towards practical and pragmatic compliance with the new GDPR requirements.
  • Apart from teaching frequently on the subject and chairing and facilitating half-day IAPP workshops on Data Protection Impact Assessments (DPIAs), Maarten has the practical experience of carrying out DPIAs for several clients. The focus of the assessments is to limit the likelihood of any data breach or privacy-intrusive operation and to implement the “Privacy by Design” concept in a business-focused, effective, and legally compliant manner. 
  • As the Faculty Leader, speaker, and facilitator at the European Privacy Academy, Maarten has been teaching for several years on various privacy-related topics, including Privacy by Design, Privacy Impact Assessments, breach notification, privacy vs. security, HR-related topics, etc. 
  • As European Privacy Officer of a major international health insurance company, Maarten was in charge of implementing its global privacy program in the European divisions.


Affiliations

Admitted to practice: Belgium

Other Affiliations

  • IAPP - Certified Information Privacy Professional/Europe (CIPP/E)
  • IAPP - Certified Information Privacy Manager (CIPM)


Speeches & Presentations

  • "Privacy Impact Assessments, The Full Picture," IAPP Europe Data Protection Congress 2017, Brussels, Belgium (November 7, 2017). Chair and Speaker: Maarten Stassen
  • "Data Protection Officer Course," Data Protection Institute (DPI), Antwerp, Belgium (November 6, 2017). Presenter: Maarten Stassen.
  • "The GDPR Deadline is Near. Issues and Priorities Towards Compliance," Crowell & Moring Seminar, Brussels, Belgium (October 26, 2017). Speakers: Emmanuel Plasschaert, Frederik Van Remoortel, and Maarten Stassen.
  • "Privacy Impact Assessments, The Full Picture," IAPP Global Privacy Summit 2017, Washington, D.C. (April 2017). Chair and Speaker: Maarten Stassen.
  • "Privacy Impact Assessment & Privacy by Design," CPDP Congress 2017, Brussels (January 25, 2017). Speaker: Maarten Stassen.
  • "GDPR: Identifying Key Challenges from a Practitioners Perspective," LSEC Leaders in Security, Brussels (December 19, 2016). Advisory Panel Member: Maarten Stassen.
  • "Customer Data: Their Rights, Your Obligations," European Customer Experience Conference, Athens, Greece (November 23, 2016). Speaker: Maarten Stassen.
  • "GDPR, Main Changes & Challenges," VOKA, Belgium (October 20, 2016). Speaker: Maarten Stassen.
  • "EU General Data Protection Regulation, the Impact on Japanese Companies and the Reaction To Be Taken," Seminar, Japanese Desk Deloitte, Belgium (June 9, 2016). Speaker: Maarten Stassen.
  • "Corporate Compliance, Privacy Update," Euronext, Brussels (April 26, 2016). Speaker: Maarten Stassen.
  • Half-Day Workshop, IAPP Europe Data Protection Congress, Brussels (2016). Chair and Speaker: Maarten Stassen.
  • "Privacy for Start-Ups," Deloitte Innovation Centre Academy, Leuven, Belgium (April 27, 2015). Speaker: Maarten Stassen.
  • "Privacy in Practice, Privacy Impact Assessments & Multidimensional Data Mapping," ETNO, Data Protection, Trust & Security Working Group, Brussels (April 24, 2015). Speaker: Maarten Stassen.
  • "Privacy Impact Assessments: The Full Picture," IAPP Europe Data Protection Intensive 2015, London, UK (2015). Chair and Speaker: Maarten Stassen.
  • "Staying Ahead of the Wave: From Cyber Security to Cyber Resilience," CPDP Congress, Brussels (2015). Chair and Speaker: Maarten Stassen.
  • "Building a Global Privacy Programme," IAPP Europe Data Protection Congress, Brussels (2014). Speaker: Maarten Stassen.
  • "How To Build a Global Privacy Programme," IAPP Europe Data Protection Intensive, London, UK (2014). Speaker: Maarten Stassen.
  • "Building a Global Privacy Programme," IAPP Europe Data Protection Congress, Brussels (2013). Speaker: Maarten Stassen.
  • "How To Build a Global Privacy Programme," IAPP Europe Data Protection Intensive, London, UK (2013). Speaker: Maarten Stassen.
  • "Internal Staff Awareness as a Key Link in the Secure Data Chain," E.N.G.'s 7th Senior Executive Summit, Strategic Data Protection & Compliance, Amsterdam (October 3, 2012). Speaker: Maarten Stassen.
  • "La LOPD y la Diligencia del Empresario," Expansión Speaker: Maarten Stassen.
  • "Cross-Border Mergers: A Practical Introduction," Brussels and Barcelona Bar Associations, Barcelona, Spain Speaker: Maarten Stassen.
  • "El Nuevo Reglamento de Protección de Datos: Un Año de Experiencia," Gómez-Acebo & Pombo, Barcelona, Spain Speaker: Maarten Stassen.
  • "La Aplicación del Nuevo Reglamento de la LOPD," Chamber of Commerce of Belgium and Luxembourg, Barcelona, Spain Speaker: Maarten Stassen.


Publications



In the News



Firm News & Announcements

Oct.03.2017 Leading Privacy and Cybersecurity Lawyer Maarten Stassen Joins Crowell & Moring’s Brussels Office