David Dumont

Overview

David advises large, multinational clients on various aspects of EU privacy, data protection and cybersecurity law. As a result of his extensive experience in this area, he has developed a strong knowledge of the key privacy, data protection and cybersecurity issues companies are facing.

David assists clients on all aspects of the EU General Data Protection Regulation (GDPR). In addition to managing comprehensive data protection compliance projects such as GDPR readiness projects, David advises clients on cutting-edge privacy and data protection law questions, such as on those related to the use of employee monitoring technologies, innovative customer analytics, AI applications and medical devices. He has also helped numerous clients implement mechanisms to legitimize international data flows, such as EU Standard Contractual Clauses and Binding Corporate Rules.

On the cybersecurity front, David helps clients prepare for and respond to various types of system and information security incidents. In addition, he has extensive experience assisting clients on their compliance journey with the full spectrum of new digital laws in the EU, including NIS2, DORA, the Data Act, the AI Act and the Cyber Resilience Act.

Clients value David’s practical approach in an area that is generally considered highly theoretical.

Experience

Advised numerous multinational clients on compliance with EU data protection law requirements, including drafting and reviewing pan-European privacy policies and notices.
Assisted clients with the development and implementation of various international data transfer mechanisms, including EU Standard Contractual Clauses and Binding Corporate Rules.
Represented clients in negotiations of data processing agreements, such as cloud services agreements.
Advised clients on data protection issues related to the use of new technologies, the launch of new products/services/websites/applications and the roll out of databases.
Successfully represented clients in interactions with the Belgian Data Protection Authority.
Managed various data protection compliance projects, including GDPR readiness projects.
Assisted clients in handling data breach incidents.
Advised clients on the implementation of employee monitoring tools and technologies, such as data loss prevention programs and CCTV systems.

Accolades

Honors & Recognitions

Recommended for Belgium: EU Regulatory – Privacy and Data Protection in Legal 500 EMEA, 2024-2025

Insights

Legal Updates

6 Minute Read
November 27, 2024
Legal Update
The Impact of the EU AI Act on the Development and Use of Medical Devices
6 Minute Read
November 26, 2024
Legal Update
The Impact of the EU AI Act on Human Resources Activities
13 Minute Read
July 18, 2024
Legal Update
Understanding the EU AI Act
1 Minute Read
May 5, 2020
Legal Update
Practical Insights for Addressing Privacy Concerns in the EU Amid the COVID-19 Pandemic
11 Minute Read
April 20, 2020
Legal Update
COVID-19 and Business Continuity in the EU
April 16, 2020
Legal Update
Key Data Protection Considerations Related to COVID-19 in the EU
2 Minute Read
March 20, 2020
Legal Update
Coronavirus/COVID-19: Key Privacy and Security Considerations
1 Minute Read
June 15, 2016
Legal Update
Hunton & Williams’ Privacy Team Publishes Several Chapters in International Comparative Legal Guide to Data Protection
February 25, 2015
Legal Update
Article 29 Working Party Clarifications on the Scope of Health Data Processed via Lifestyle and Well-being Apps

Events & Speaking Engagements

July 18, 2025
Event
Speaker
In-House Counsel’s Role in Cyber Security and Breach Response: Not just for IT and InfoSec, International Data Law Forum
March 2, 2023
Event
Speaker
From Safe Harbor to Privacy Shield to the Trans-Atlantic Data Privacy Framework: The Saga Continues, Hunton Andrews Kurth Webinar
March 2, 2021
Event
Speaker
Lessons Learned from Key GDPR Enforcement Cases, ACC Europe
March 2, 2021
Event
Speaker
Lessons Learned from Key GDPR Enforcement Cases, Association of Corporate Counsels (ACC) Europe Webinar
November 23, 2020
Event
Speaker
New SCCs and EDPB Recommendations: Key Strategies for Cross-Border Data Flows after Schrems II
November 10, 2020
Event
Speaker
Brexit and Adequacy–Separating Fact from Fiction
September 22, 2020
Event
Speaker
Post Schrems II: Virtual Meeting on Data Transfers and Next Steps
July 23, 2020
Event
Speaker
Schrems II: The Practical Implications for Businesses
June 23, 2020
Event
Speaker
Addressing Key GDPR Issues During COVID-19
May 20, 2020
Event
Speaker
Key GDPR Issues in the COVID-19 Pandemic, Practising Law Institute Briefing
April 20, 2020
Event
Speaker
Webinar on Business Continuity and COVID-19 from a GDPR Perspective
February 20, 2020
Event
Moderator
Data Breach Management, Legal 500 GC Summit Belgium 2020, Brussels
October 15, 2019
Event
Speaker
Addressing GDPR Challenges: An Interactive Session on Handling Data Breaches
May 17, 2019
Event
Speaker
London Breakfast Briefing - Data Breach: Prepare Your Business and Test Your Readiness, London
May 16, 2019
Event
Speaker
The Updated ePrivacy Regulation: What to Expect and How to Prepare, The European Information Security Summit 2019, Amsterdam
October 18, 2017
Event
Speaker
Workshop “How can SROs ensure their own compliance with the GDPR?", European Advertising Standard Alliance, Brussels
October 13, 2017
Event
Speaker
Data Breach Workshop, 16th Annual Data Protection Compliance Conference, London
June 20, 2017
Event
Speaker
Data Breaches: Is the GDPR the Solution Companies Need?, Getting the Deal Through event on GDPR, London

Publications

2025
Publication
Co-author
Belgium Data Retention, OneTrust DataGuidance
June 3, 2025
Publication
Author
Flexible but robust cybersecurity compliance programs are essential to comply with new EU digital laws, Finance Derivative
May 27, 2025
Publication
Co-author
Records Retention: Overview (Belgium), Thomson Reuters Practical Law
April 25, 2025
Publication
Co-author
Data Protection & Privacy ‒ Belgium, Lexology
March 2025
Publication
Co-author
The Impact of the European Union’s Artificial Intelligence Act on the Development and Use of Medical Devices, The Global Regulatory Developments Journal
March 2025
Publication
Co-author
The Impact of the European Union’s Artificial Intelligence Act on Human Resources Activities, The Global Regulatory Developments Journal
February 4, 2025
Publication
Co-author
International: Navigating cross-border data transfers: Implications of the OECD Declaration, OneTrust DataGuidance
February 2025
Publication
The EU AI Act: Guide for In-House Lawyers
September 4, 2024
Publication
Co-author
AI Act: Next Steps for Businesses, EE Times Europe
August 29, 2024
Publication
Co-author
The NIS2 Directive: How far does it reach?, Help Net Security
7 Minute Read
August 21, 2024
Publication
Co-author
GDPR, AI and Cybersecurity Considerations in M&A Transactions, Global Banking and Finance Review
April 2024
Publication
Co-author
UK/EU Privacy & Cybersecurity: Current Legislative Trends
2024
Publication
Co-author
Belgium Data Retention, OneTrust DataGuidance
November 30, 2022
Publication
Author
Comprehensive EU Cyber Security Law in the Pipeline, CPO Magazine
October 5, 2022
Publication
Co-author
Data Protection & Privacy 2023, Belgium, Getting the Deal Through
October 5, 2022
Publication
Co-author
Data Protection & Privacy 2023, EU Overview, Getting the Deal Through
September 2022
Publication
Co-author
EU Deep dive into Q&As regarding the ‘local laws and government access’ section of the new SCCs, OneTrust DataGuidance
March 30, 2022
Publication
Co-author
Use of artificial intelligence in e-commerce fraud detection and prevention: GDPR risks, Thomson Reuters Regulatory Intelligence
January 27, 2022
Publication
Co-author
Key GDPR Compliance Issues to Watch in the Artificial Intelligence Space, Infosecurity Magazine
August 25, 2021
Publication
Co-author
European Commission’s International Data Transfer Standard Contractual Clauses: What Businesses Need to Know, Practical Law
August 18, 2021
Publication
Co-author
Data Protection & Privacy 2022, EU Overview, Getting the Deal Through
August 18, 2021
Publication
Co-author
Data Protection & Privacy 2022, Belgium, Getting the Deal Through
August 2, 2021
Publication
Co-author
Key Takeaways From the European Commission's Article 28 Standard Contractual Clauses, Thomson Reuters Practical Law Data Privacy Advisor
June 18, 2021
Publication
Co-author
EU: Commission releases long-awaited SCCs for international data transfers, OneTrust DataGuidance
June 8, 2021
Publication
Co-author
What’s New in the EU’s Updated Standard Contractual Clauses?, Infosecurity Magazine
January 2021
Publication
Co-author
A Guide for Binding Corporate Rules, Bloomberg Law
January 2021
Publication
Co-author
Schrems II Update and Data Transfer Assessment, Bloomberg Law
November 4, 2020
Publication
Co-author
Data Protection & Privacy 2021, Belgium, Getting the Deal Through
November 2020
Publication
Co-author
EU: New draft SCCs from the Commission, OneTrust DataGuidance
August 2020
Publication
Co-author
Lessons Learned from Key GDPR Enforcement Cases, Bloomberg Law
July 15, 2020
Publication
Co-author
COVID-19 and GDPR: Organizational Considerations for Business Continuity of Privacy Compliance Programs, CPO Magazine
Summer 2020
Publication
Co-author
COVID-19 and GDPR, HRO Today
May 29, 2020
Publication
Co-author
To test, or not to test? Key data protection considerations for reopening workplaces in the EU, Thomson Reuters
April 24, 2020
Publication
Co-author
COVID-19 and Business Continuity in the EU, National Law Review
January 27, 2020
Publication
Co-author
Records Retention: Belgium, Thomson Reuters Practical Law Data Privacy Advisor
October 1, 2019
Publication
Co-author
Data Protection & Privacy 2020, Belgium, Getting the Deal Through
April 5, 2019
Publication
Co-author
Data Protection & Privacy 2019, Belgium, Getting the Deal Through
March 28, 2019
Publication
Author
Advocate General finds cookie consent must be active and separate, LexisNexis
2014, 2015, 2016, 2017 and 2018
Publication
Co-author
Data Protection & Privacy, Belgium, Getting the Deal Through
May 2017
Publication
Co-author
Chapter 4: Belgium, The International Comparative Legal Guide to: Data Protection 2017, 4th Edition
April 2016
Publication
Co-author
Belgium, The International Comparative Legal Guide to: Data Protection 2016, 3rd Edition
May 2015
Publication
Co-author
Chapter 4, Belgium, The International Comparative Legal Guide to Data Protection 2015, 2nd Edition
2014
Publication
Co-author
Privacy en evenementen: Wat te doen met die berg aan persoonsgegevens?, Handboek manifestaties en evenementen, Part V, Chapter 3, Politeia
2014
Publication
Co-author
De Elektronische Handtekening, Wet en Duiding, Part V: Bank en Zekerheden – series Economisch Recht, Larcier
2012
Publication
Co-author
Belgium – Time to Comply with the Amended Telecom Act, The Privacy Advisor, International Association of Privacy Professionals, Volume 12, Number 10
2012
Publication
Co-author
Privacy, E-Commerce, and Data Security – International Legal Developments Year in Review: 2011, The International Lawyer, Volume 46, Number 1

News

2 Minute Read
March 27, 2025
News
Legal 500 Recognizes Hunton Among Top Firms in EMEA 2025 Guide
February 28, 2025
Media Mention
Featured
Understanding the AI Act and its compliance challenges, Help Net Security
2 Minute Read
February 13, 2025
News
Hunton Publishes AI Act Guide To Help Businesses Navigate EU’s Landmark Regulation
February 3, 2025
Media Mention
Quoted
EDPB Shift Forces AI Firms to Embed Procurement, Risk Management in GDPR Considerations, Compliance Week
January 14, 2025
Media Mention
Quoted
The EU Cyber Solidarity Act Is Coming: Here’s What it Means, ISMS.com
November 20, 2024
Media Mention
Quoted
Global Approach to AI Governance is a ‘Big, Fragmented Mess’, Banking Risk & Regulation
November 8, 2024
Media Mention
Quoted
How Can Generative AI Help my Business?, ITPro
June 24, 2024
Media Mention
Quoted
How is AI transforming the insurtech sector?, Information Age
2 Minute Read
March 29, 2024
News
Legal 500 Names Hunton Andrews Kurth Among Top Firms in EMEA 2024 Guide
March 14, 2024
Media Mention
Quoted, EE Times Europe Editor’s Note, EE Times Europe
March 14, 2024
Media Mention
Quoted, What does the EU’s landmark AI Act mean for UK tech firms?, UKTN
February 27, 2024
Media Mention
Quoted, GDPR costs are forcing firms to rethink data strategies, ITPro
December 13, 2023
Media Mention
Quoted, Data privacy in 2023: 10 moments that shaped the year, OneTrust DataGuidance
December 11, 2023
Media Mention
Quoted, EU AI Act: The wording of the act is finalized, Computer Weekly
December 5, 2023
Media Mention
Quoted, EU AI Act risks collapse if consensus not reached, experts warn, ITPro.
July 17, 2023
Media Mention
Quoted, New EU-US Data Transfer Deal Underway After European Commission Adequacy Decision, CPO Magazine
July 14, 2023
Media Mention
Quoted, New deal on EU-US data flows sparks privacy fears and business uncertainty, The Next Web
July 13, 2023
Media Mention
Quoted, Cyber Insights – International Data Flows, Politico PRO Cyber Insights Europe
May 26, 2023
Media Mention
Quoted, What the draft EU AI Act means for regulation, Information Age
May 24, 2023
Media Mention
Quoted, GDPR turns Five: Has it positively changed the landscape of Data Protection?, Business Leader
April 26, 2023
Media Mention
Quoted, Is ChatGPT the privacy problem? Or is GDPR?, Compliance Week
February 1, 2023
Media Mention
Quoted, Europe To Tackle Cyber in New Law, AFCEA
December 15, 2022
Media Mention
Quoted, International: Commission's draft decision for EU-US DPF - the road to adequacy, OneTrust DataGuidance
October 2022
Media Mention
Quoted, International: Breakdown of US Executive Order implementing the EU-US DPF, OneTrust DataGuidance
September 23, 2022
Media Mention
Quoted, Smart Speakers, Games and More: EU Takes a Stab at Comprehensive Cybersecurity Legislation, Legaltech News
June 21, 2021
Media Mention
Quoted, EU: EDPB publishes final recommendations on supplementary measures – Reaction and analysis, OneTrust DataGuidance
February 17, 2021
Media Mention
Quoted, Irish data regulator under fire over dated software, The Financial Times
November 2020
Media Mention
Quoted, EU: Reactions to new draft SCCs, OneTrust DataGuidance
3 Minute Read
August 4, 2020
News
Hunton Andrews Kurth Focuses on Schrems II and the Practical Implications for Businesses
July 29, 2020
Media Mention
Quoted, EU regulators harden approach to data transfer to US, Mbs News
July 29, 2020
Media Mention
Quoted, GDPR Two Years On: Compliance Lessons Learned, Data Breach Today
July 27, 2020
Media Mention
Quoted, Privacy Shield Revocation Greatly Complicates International Data Transfers; Is a Grace Period in the Works?, CPO Magazine
July 24, 2020
Media Mention
Quoted, ECJ ruling causes data transfer headache for CIOs, National Technology
July 24, 2020
Media Mention
Quoted, EU Regulators Take Tough Data-Transfer Approach After Ruling, Bloomberg Law
July 16, 2020
Media Mention
Quoted, Top EU court ditches transatlantic data transfer deal, Reuters
July 16, 2020
Media Mention
Quoted, US-EU data sharing deal Privacy Shield struck down by European court, Financial Times
March 12, 2020
Media Mention
Quoted, The glue that holds it all together, Global Data Review
1 Minute Read
April 2, 2019
News
Hunton Andrews Kurth Promotes 11 to Partner
July 20, 2015
News
Hunton & Williams’ Privacy Team Publishes Several Chapters in International Comparative Legal Guide to Data Protection

David Dumont

Overview

Experience

Accolades

Honors & Recognitions

Insights

Legal Updates

Events & Speaking Engagements

Publications

News

Education

Admissions

Languages

Blogs

Areas of Focus