The European Data Protection Board (EDPB) which oversees the application of data protection rules has raised concerns over the Hungarian government’s suspension of GDPR. At the end of March, emergency powers were passed by the Hungarian government due to the lockdown. As part of that plan, the government suspended some of the obligations within GDPR.
EDPB Chair, Andrea Jelinek said,
I am personally very worried at the suspension of several articles of the GDPR by the Hungarian government.
Rights of access and rights of erasure to personal information are among the articles the government has put on hold. Under the GDPR, people have the right to request access to their personal data or request for their data to be deleted. These are no longer viable under the new law. In addition, the obligation for authorities to inform people when their personal data is being collected has also been relaxed. The legislation also allows people to be detained or jailed for spreading false information about the virus.
The suspension of GDPR has raised alarms over what emergency powers mean long term for Hungarians. Approved as part of the response plan to coronavirus, the powers give the ruling party and Prime Minister Viktor Orbán the right to rule by decree without a set time limit.
In Mid-April, the European Parliament issued a statement declaring that the new measures were “incompatible with European values.”
As the current prime minister’s party controls two-thirds of the parliament, it remains to be seen whether the legislation can even be challenged in the future.
Following a plenary session, the EDPB said the following in a statement,
The mere existence of a pandemic or any other emergency situation alone is not a sufficient reason to provide for any kind of restriction on the rights of data subjects. Rather any restriction must clearly contribute to the safeguard of an important objective of general public interest of the EU or of a Member State.
However, it is apparent that across the world some countries are taking advantage of the crisis to restrict data rights and expand surveillance powers. Covid-19 seems to have provided an opportunity for governments to increase surveillance powers and introduce legislation which silences and threatens opposition. Efforts focused on tracking the spread of the virus such as smartphone tracking has also led to a massive collection of personal data.
For example, in the Philippines, President Rodrigo Duterte passed an Anti-Terrorism bill which gives authorities powers to arrest people and conduct widespread surveillance. Whilst Cambodia’s emergency bill has given Prime Minister Hun Sen increased powers such as the ability for unlimited surveillance of telecommunications and complete authority to restrict freedom of movement and assembly.
But the permanent impact of coronavirus on global attitudes towards data protection and privacy remains to be seen.
Kazient Privacy Experts offer bespoke Data Protection, Privacy and GDPR compliance solutions in a language you understand to UK and international organisations, and has received positive media coverage across Europe. Kazient’s GDPR consultants are fully certified to be your outsourced Data Protection Officer or EU Representative. Get in touch to find out how we can help your business by visiting our website www.kazient.co.uk or calling us on 0330 022 9009.