Belgium’s Private Investigations Act (PIA) has been in force since 16 December 2024, replacing the 1991 Private Detectives Act with stricter compliance rules and enhanced privacy protections. Employers must immediately comply with new licensing requirements, investigative procedures, and employee privacy safeguards.
Scope and application
Private investigation activities are defined as those:
- Performed by a natural person
- Requested by an employer from the private or public sector
- Involving the collection and processing of information about individuals
- Aiming to protect the employer's interests in disputes
The PIA applies to:
- Internal company investigations
- Corporate group investigations
- External private investigators
Important exclusions
Excluded activities include:
- Professional activities of lawyers, notaries, bailiffs, journalists and auditors
- Cybersecurity-related investigations
- Investigations required by legal obligations (e.g. whistleblowing reports, psychosocial risk complaints)
Key obligations for employers
Licensing requirements
Employers must obtain authorization from the Ministry of the Interior (valid for five years for internal investigation teams) or collaborate with licensed investigators. The HR department is exempt from this licensing requirement but must still comply with other PIA rules.
Compliance measures
Employers must act now to ensure that they:
- Immediate actions:
- Transparency & reporting: Inform subjects of investigations and provide feedback within one month
- Documentation: Licence request, maintain mission statements or investigation registers
- Data protection: Comply with GDPR and PIA privacy requirements
- Notification: Notify criminal authorities when required
- By 16 December 2026:
- Internal written policy: A two-year transition period applies until 16 December 2026 for the explicit inclusion of private investigation authorizations and procedures in internal regulations
Compliance risks
Failure to comply with the PIA can lead to:
- Nullification of unlawfully obtained evidence by a court
- Administrative sanctions, including fines of up to €25,000
- GDPR-related sanctions, including fines of up to €20 million or 4% of annual turnover
- Potential criminal sanctions
Next steps for employers
- Analyse and update internal policies
- Train HR and compliance teams on PIA requirements
- Consult legal experts to ensure full compliance
- Implement necessary documentation and reporting procedures
- Strengthen data protection safeguards
The new PIA marks a significant shift in Belgium's regulatory landscape, requiring employers to adapt their practices to comply with its provisions while respecting employees' privacy rights. For tailored guidance on implementing these changes effectively, our team is available to assist you in navigating this complex legal framework.
Social Media cookies collect information about you sharing information from our website via social media tools, or analytics to understand your browsing between social media tools or our Social Media campaigns and our own websites. We do this to optimise the mix of channels to provide you with our content. Details concerning the tools in use are in our Privacy Notice.