Publication Title

EC Tax Review

Keywords

Belgian Market Court, CJEU, data protection, European Data Protection Board, FATCA, GDPR, intergovernmental agreements, Internal Revenue Service, privacy, taxpayer rights

Document Type

Article

Abstract

A 2025 Belgian Data Protection Authority (DPA) decision and ensuing preliminary questions referred by the Belgian Market Court to the Court of Justice of the European Union (CJEU) highlights the tension between the General Data Protection Regulation (GDPR) and the US Foreign Account Tax Compliance Act (FATCA) structure in Europe. The FATCA structure relies on intergovernmental agreements (FATCA IGAs) between the US and EU Member States. Under these agreements, Member State tax authorities transfer personal data of their citizens and residents to the US Internal Revenue Service (IRS). It may be determined that these transfers violate some or all of the GDPR’s personal data protections. If that occurs, the incentive for Member States to re-negotiate FATCA IGAs include protecting their financial institutions from 30% withholding on US-source income. However, given the gaps between the US legal protections of data processed by the IRS and what is required by the GDPR, the US Congress would need to enact substantive legislation to provide protections substantially equivalent to what is provided by the GDPR. This article analyses three potential bases on which FATCA IGAs could comply with the GDPR and describes the significant legislative intervention each would require of the US Congress.

Download

Share

COinS
 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.