Increasingly, and almost always without social debate, facial recognition systems are being used by states to monitor and track their citizens. Inadequate regulation violates fundamental rights, while technological inaccuracies reinforce discrimination. On Data Protection Day, the International Network of Civil Liberties Organizations (INCLO) published its report summarising international experiences, in cooperation with the HCLU - as the problem also affects Hungary.

Recently, the Hungarian Civil Liberties Union (hereinafter: HCLU) has represented multiple media outlets in GDPR based civil and administrative procedures in which the right to data protection was invoked to repress the freedom of press.

Human rights organizations in nine EU countries, members of the Civil Liberties Union for Europe (Liberties) network, are simultaneously filing freedom of information requests to their national authorities regarding the new contact-tracing, symptom-tracking and quarantine-enforcing applications introduced to control the spread of Covid-19.

Regarding the history of the case it is important to note that in April 2014 the Court of Justice of the European Union (CJEU) declared invalid the Data Retention Directive that unified the time frame of the retention of selective data by Internet and telephone services and determined the accessibility of data by authorities in the member states. According to the decision, the directive had exceeded the limits of proportionality concerning the right to privacy and protection of personal data, as it failed to establish guarantees that counterweigh such limitations. Despite the annulment of the directive, the Hungarian act allowing data retention still remained in force. The Hungarian Civil Liberties Union (HCLU) started litigation against Telenor in order to force the Hungarian Constitutional Court (CC) to repeal the unlawful act.

The institutions of the European Union are completing a reform of Europe’s Data Protection framework. Recognising the huge significance of the reform, the European Commission made an unequivocal promise when it launched the process. As an “absolute red line”, the level of protection of individuals’ data would not fall below existing levels. However, leaks show that this promise is not being kept. Sixty-six NGOs from the European Union, North, Central and South America, Africa, Asia and Australia have joined forces to ask for a confirmation from European Commission President Jean-Claude Juncker that the promise will be respected.

“We write this letter with one simple question – will you take responsibility for ensuring that the Commission's legal and political promise will be kept?”

In April 2014 the Court of Justice of the European Union (CJEU) declared invalid the Data Retention Directive that unified the rules of the retention of selective data by Internet and telephone services and determined the accessibility of data by authorities in the member states. Despite the content of the judgment, the Hungarian act allowing data retention is still in force. In October, 2014 the HCLU started litigation against two major service providers in order to force the Hungarian Constitutional Court (CC) to repeal the unlawful act.