Hungary’s data protection authority is meant to protect citizens from abuse. However, European courts and institutions have raised questions about its independence when secrecy, surveillance, and political power intersect: is the watchdog truly independent, or just independent on paper?
Hungary’s National Authority for Data Protection and Freedom of Information (NAIH) serves as a key democratic safeguard, overseeing personal-data protection and supervising privacy compliance. Its structure appears solid, presenting itself as autonomous, with its president serving a nine-year term to shield it from short-term political pressure.
In Brussels and Strasbourg, doubts persist despite the authority’s formal status. The concern is not the existence of a data watchdog but its trustworthiness when state interests are involved.
An authority born under an independence cloud
The issues trace back to the early 2010s reshaping of Hungary’s data-protection system. In 2014, the Court of Justice of the European Union ruled that Hungary infringed EU law by prematurely ending the mandate of its previous data protection supervisor, challenging the independence required by European law.
The message from Luxembourg was clear: a government that can end a watchdog’s mandate prematurely does not have genuine independence. That ruling continues to cast a shadow over Hungary’s oversight framework.
The authority’s appointment model also invites scrutiny. The NAIH president is appointed by the President of the Republic on the Prime Minister’s proposal for a renewable nine-year term. Although this does not automatically indicate political control, it raises questions in a country where institutions have faced criticism over their executive power distance.
The Pegasus scandal changed everything
The Pegasus spyware affair escalated suspicion into a European credibility crisis. This involved allegations of intrusive surveillance against journalists, lawyers, and others linked to critical reporting or opposition. A European Parliament analysis summarized claims of potential surveillance targets in Hungary.
NAIH’s handling of the matter fueled mistrust in Brussels, prompting MEPs to ask the European Commission whether the Hungarian authority was “sufficiently independent”. Once the investigating authority’s credibility is questioned, the issue extends beyond data protection to democratic legitimacy.
The European Parliament’s response was sharper. It concluded that spyware abuses in Hungary were part of a broader pattern affecting media freedom and accountability. Although the criticism targeted the broader system, oversight in Hungary failed to reassure Europe.
Strasbourg has also exposed weaknesses in surveillance safeguards
Criticism comes not only from politics but also from the European human-rights system.
In Hüttl v. Hungary, the European Court of Human Rights examined Hungarian secret surveillance safeguards, revealing insufficient protection of fundamental rights.
This critique intensified in Klaudia Csikós v. Hungary in November 2024, where
Leave a Reply