1. LAPSI 2nd Public Conference New Hungarian Data Protection and Freedom of Information Authority Tamás Kovács HUNAGI

2. Overview Latest PSI regulatory developments The new Authority The issue of independence Conclusions

3. Latest PSI regulatory developments Existing legislation: Re-use not treated as a specific legislative issue Access for re-use by means of FOI regulations Free of charge (only costs of copying) But: official registries regulated differently Requirements of the Directive not reflected Infringement procedure initiated last autumn

4. Latest PSI regulatory developments New data protection and FOI act Entered into force 1 January, 2012 Quite similar to previous legislation from PSI perspective Re-use not covered separately New institution: National Data Protection and Freedom of Information Authority Replaces the earlier Data Protection Ombudsman and Ombudsmans Office

5. Latest PSI regulatory developments New PSI re-use legislation proposed Separate act on re-use of PSI Official registries also covered Principles, requirements of the Directive reflected Remedies in the competence of the new Authority Status: discussions ongoing Planned adoption: spring 2012

6. National Data Protection and Freedom of Information Authority Replaces the earlier ombudsman Status: Autonomous regulatory organ Headed by a President Financial, personnel etc. independence safeguarded Budget controlled by Parliament directly President appointed by the President of Hungary on proposal of prime minister Strict incompatibility rules

7. National Data Protection and Freedom of Information Authority Competence Investigation procedure may be initiated by anyone, free of charge similar to procedure of earlier ombudsman if data processor fails to comply with the requests after the investigation: the Authority may issue a public report / initiate an authority procedure / turn to court Public report to draw public attention to the issue Authority procedure in case of greater exposure (e.g. wide scope of persons)

8. National Data Protection and Freedom of Information Authority Competence (cont.) Court procedure initiated by the Authority Confidentiality review procedure Registry of data processing Data protection audit

9. National Data Protection and Freedom of Information Authority Issue of independence Background: concerns regarding the new Constitution and related cardinal acts Infringement procedures initiated last week Issues: Current ombudsmans appointment ended prematurely (political background), no interim measures Possibility of dismissal by prime minister and president on arbitrary grounds Although no direct influence, the mere risk of indirect influence constitutes a breach of EU law

10. National Data Protection and Freedom of Information Authority System of remedies re: PSI re-use: Initiation of investigation by Authority Court review Planned competence of Authority Remedy against in merit decisions of public body Procedure according to the rules of investigation Extensive rights to examine the case (entry to premises etc.) At the end: call on public body to remedy the situation If not observed: may lead to ex officio authority procedure / court procedure No practical experience yet

11. Conclusions Adequate PSI re-use legislation: hopes for a change provide effective legal framework for re-use change public bodies attitude Authority: Independence should be safeguarded No experience regarding PSI re-use yet Make public bodies more aware of EU best practices State-driven projects needed to facilitate re-use