Home / People / Thomas Dubuisson
Thomas Dubuisson

Thomas Dubuisson


CMS DeBacker
Chaussée de La Hulpe 178
1170 Brussels
Languages French, English, Dutch, Spanish

Thomas specializes in data protection, intellectual property (IP) and related rights, and ICT. Thomas's experience includes both contentious and non-contentious work. After graduating from Law School in 2010 (Catholic University, Louvain-la-Neuve), Thomas obtained a specialized LL.M. degree in both the Netherlands (LL.M, Maastricht University) and the U.S. (LL.M, The George Washington University), which provide him an in-depth understanding of both the civil and common law traditions.

Thomas was called to the Brussels Bar in May 2015. He started his 3-year apprenticeship at a major U.S. law firm in the IP Litigation practice group where he participated in various stages of litigation. He then followed his apprenticeship at two Franco-Belgian law firms within the Media, ICT and data protection practices.

He is a Certified Information Privacy Professional - Europe (CIPP-E) by the IAPP. The IAPP-certified professionals are recognized around the world as members of an elite group of skilled and dedicated data protection professionals. This certification (CIPP/E) attests high level knowledge in data protection topics.
Thomas is also an occasional guest blogger for various IP blogs and contributes monthly to the “International IP Legal Updates Newsletter” of the American Bar Association.

He is fluent in French and English and is proficient in Spanish and Dutch. Thomas joined CMS in May 2018.

more less

Relevant experience

  • September 2012 - March 2013 - European Union Intellectual Property Office (EUIPO) - Trademark Law Division, Alicante, Spain
  • April - August 2013 - European Patent Office (EPO) - Patent Law Directorate, Munich, Germany
  • November 2013 – November 2014 - World Intellectual Property Organization (WIPO) - IP Enforcement Division, Geneva, Switzerland
more less


  • June 2010 - Law Degree - CATHOLIC UNIVERSITY OF LOUVAIN - Louvain-La-Neuve, Belgium
  • June 2011 - LL.M in Intellectual Property Law and Knowledge Management - MAASTRICHT UNIVERSITY - Maastricht,
  • Netherlands
  • May 2012 - LL.M in Intellectual Property Law - GEORGE WASHINGTON UNIVERSITY LAW SCHOOL - Washington DC, United States of America
  • June 2018 - Bar admission (Brussels, Belgium)
more less


  • Member of the International Association of Privacy Professionals (IAPP)
  • Member of the Belgian National Association for the Protection of Industrial Property (ANBPPI / BNVBIE)
  • Member of the International Association for the Protection of Intellectual Property (AIPPI)
  • Member of the Robotics Law Association (ADDR)
more less


more less


Show only
31 October 2019
Leg­al pre­ci­sion in pri­vacy, data se­cur­ity & data pro­tec­tion
17 July 2020
Schrems strikes again: EU-US Pri­vacy Shield in­val­id; Stand­ard Con­trac­tu­al...
A clash between US na­tion­al sur­veil­lance law and EU data pro­tec­tion stand­ards, which lies at the heart of Case C-311/18, Data Pro­tec­tion Com­mis­sion­er v Face­book Ire­land and Max­i­mil­lian Schrems (“Schrems...
EU Cy­ber­se­cur­ity Month: When a simple phish­ing click can severely harm...
25 May 2020
Bel­gian Data Pro­tec­tion Au­thor­ity provides new guid­ance on cook­ies
The Bel­gian Data Pro­tec­tion Au­thor­ity (“BDPA”) has high­lighted pri­vacy in the di­git­al en­vir­on­ment (in­clud­ing cook­ies) as one of its top pri­or­it­ies in the next five years. This is il­lus­trated by the...
Septem­ber 2018 News­let­ter
14 May 2020
Dead­line ap­proach­ing for no­ti­fy­ing CCTV cam­er­as to Bel­gian po­lice
The trans­ition peri­od for no­ti­fy­ing your sur­veil­lance closed-cir­cuit tele­vi­sion cam­er­as (“CCTV cam­er­as”) to the Bel­gian po­lice ends on 25 May 2020. Mean­while, the European Data Pro­tec­tion Board (“EDPB”)...
14 February 2020
Bel­gian DPA pub­lishes new de­tailed guidelines on dir­ect mar­ket­ing
The Bel­gian Data Pro­tec­tion Au­thor­ity (DPA) has just pub­lished its new Re­com­mend­a­tion for the pro­cessing of per­son­al data for dir­ect-mar­ket­ing pur­poses. Avail­able in French and Dutch, this 78-page doc­u­ment...
02 October 2019
Time to up­date your cook­ie con­sent and policy! CJEU says pre-ticked check­boxes...
On 1 Oc­to­ber, the Court of Justice of the EU (“CJEU”) rendered its judg­ment (Case C‑673/17) in a case con­cern­ing cook­ie-based trans­par­ency and con­sent. This rul­ing will sig­ni­fic­antly im­pact the...
31 July 2019
Us­ing so­cial plug-ins on your web­site? You and the so­cial net­work will...
On 29 Ju­ly 2019, the Court of Justice of the EU (“CJEU”) con­firmed that a web­site own­er that has em­bed­ded a third-party so­cial plug-in, such as Face­book’s “Like” but­ton, in­to its web­site may...
31 May 2019
First Bel­gian GDPR sanc­tion: DPA fines may­or EUR 2,000
On 28 May 2019, the Bel­gian Data Pro­tec­tion Au­thor­ity (DPA) an­nounced (avail­able in French and Dutch) the im­pos­i­tion of the first Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) fine in Bel­gi­um. A may­or was...
02 April 2019
EU Ad­voc­ate Gen­er­al gives In­ter­net cook­ie opin­ion that could im­pact data...
Ad­voc­ate Gen­er­al Ma­ciej Szpunar, a seni­or leg­al ad­viser to the EUs Court of Justice (CJEU), de­livered an opin­ion (Case C‑673/17) in a case con­cern­ing the ques­tions: should web­sites ac­tu­ally give users...
17 January 2019
Bel­gi­um's pri­vacy watch­dog pub­lishes guid­ance on the no­tions of con­trol­ler...
Re­cently, the Bel­gian Data Pro­tec­tion Au­thor­ity (“DPA”) pub­lished guid­ance on con­trol­ler and pro­cessor con­cepts (see ori­gin­al doc­u­ments in French and in Dutch), re­fresh­ing the dis­tinc­tion between...