Privacy and Data Protection


Jan Dhont is a partner in the Brussels office of Wilson Sonsini Goodrich & Rosati, where his practice focuses on privacy and cybersecurity matters. Jan has been counseling on these matters for more than 20 years. He helps corporate clients identify and resolve privacy and cybersecurity compliance issues in the EU and design and implement their General Data Protection Regulation (GDPR) compliance programs. He has particular experience in guiding companies through the preparation and application process for binding corporate rules (BCRs).

Jan works with global and U.S.-based public and private companies in a wide variety of industries, such as pharmaceuticals and chemicals, software and cloud, internet, logistics and postal, retail, insurance, human resources, automotive, payment, and financial services. He also works with clients on responding to data breaches and other cybersecurity incidents, and he has specific experience in representing them before supervisory authorities and in court. Jan is a frequent speaker on topics relating to privacy and is widely known in data privacy and security circles.

Prior to joining the firm, Jan was a partner in the Brussels office of Alston & Bird from 2015 to end of 2018, where he led the European data privacy practice. From 2007 to 2015, he was the co-founder and a partner at Lorenz Law in Brussels, a boutique law firm which inter-alia focused on privacy and data security issues for U.S.-based public and private companies. Previously, Jan was a senior associate in the Brussels office of Crowell & Moring LLP and an associate at Hunton & Williams LLP. He started his legal career as a legal advisor at the Belgian Data Protection Authority and as a research fellow in privacy and data protection law at the Research Center on IT and Law (CRID) of the University of Namur in Belgium. Jan is fluent in Dutch and English.

  • Defended a major U.S. webmail provider in a landmark litigation proceeding before the Belgian Court of Appeal and Supreme Court concerning the release of user account information.
  • Assisted a global automotive parts and energy solutions provider with the development of its global privacy program, including the application and implementation of its BCRs.
  • Provided data breach assistance for a large number of U.S. and European multinationals across a broad variety of jurisdictions.
  • Assisted an important number of corporations with the development and implementation of their GDPR-compliance program, including the worlds' largest payment services provider and the worlds' largest postal and logistics service supplier.
  • Advised national data protection authorities on subcontracting solutions for data processing services, on employee monitoring requirements, and the binding character of BCRs.
  • Advised a U.S. pharmaceutical company on data protection and privacy issues and drafted documents (consents, contracts, and notices, etc.) related to a web-based tool for a parenteral nutrition supplement, as well as developed the necessary privacy documents for its use in the EU and a database for research grants.
  • Advised an S&P 500 pediatric nutrition company on its recruitment and human resources practices and the implementation of its whistleblowing hotline in the EU, including drafting all related documentation (standard operating procedures, policies, and consents).
  • Coordinated a bio-bank project in the EU/EEA for a Fortune 500 pharmaceutical company, including advising the company on pharmacovigilance information management and rolling out the data transfer strategy throughout the EU.
  • Developed template privacy (transfer, processing, and outsourcing) contracts for the privacy program of a Fortune 100 company.
  • Assisted a U.S.-based new technologies company with the drafting of its standard terms of use for the EU of their cloud-based application for remote device monitoring.
  • Audited a Belgian energy supply company for privacy compliance of its information and data processing practices.
  • Supported a U.S. paper company with day-to-day privacy questions as well as data protection issues in FCPA and antitrust audits.
  • Advised and implemented international transfer solutions for a Japanese pharmaceutical company.
  • Audited the data processing practices of a GPS hardware vendor and developed an international data privacy program, including international HR and customer data transfers to China, Taiwan, and the U.S.
  • Assisted with the development and rollout of a global data protection compliance program for one of the largest U.S. recruitment companies, a global leader in HR consulting and outsourcing.
  • LL.M., University of Brussels, 1998
    Magna Cum Laude
  • J.D., University of Leuven, Belgium, 1996
    Magna Cum Laude
  • Member, American Bar Association
  • Member, International Association of Privacy Professionals (IAPP)
  • Member, Society of Corporate Compliance and Ethics (SCCE)
  • Member, Advisory Board, International Privacy+Security Forum
  • Nominated as a "Leading Individual" in Legal500 in EU Regulatory and Privacy and Data Protection over the last nine years
  • "Data Protection Litigation to Become a New Reality in Belgium," Bloomberg BNA Privacy Law Watch, March 5, 2018
  • "National variations Further Fragment GDPR," The National Law Journal, June 20, 2018
  • "A Look into Europe's New Cybersecurity Regimes," Compliance & Ethics Professional, May 2017
  • "The Sinking of the Safe Harbor: Just Another Symbolic Decision?" Corporate Counsel, October 29, 2015
  • "Reasons to Consider Binding Corporate Rules," Compliance & Ethics Professional, August 2015
  • "Understanding Binding Corporate Rules," Compliance & Ethics Professional, July 2015
  • Speaker, Privacy+Security Forum, October 3-5, 2018
  • Speaker, Antitrust Law 2018 ABA Spring Meeting, April 11-13, 2018
  • Speaker, International Privacy+Security Forum 2018, February 26-27, 2018
  • Speaker, Brussels GDPR Compliance Conference, November 7, 2017
  • Speaker, IAPP Europe Data Protection Congress, November 10, 2016
  • Speaker, Privacy+Security Forum 2016, October 24-26, 2016
  • Speaker, GILBA Conference 2016, July 2, 2016
  • Speaker, CPP Forum—The Consequences of the Judgment in Schrems Case, December 18, 2015
  • Speaker, Privacy+Security Forum seminar, October 21-23, 2015
  • Speaker, Global Acquiring Conference, May 6-8, 2015
  • Brussels Bar

Contact Information

Rue Montoyer 47
1000 Brussels, Belgium 
Phone | +32 2 274 57 12

Email | Jan Dhontjdhont@wsgr.com

Areas of Expertise

Print to PDF