The Hungarian National Authority for Data Protection and Freedom of Information (NAIH) has published its official report for 2024, which highlights the fact that digital data protection is more important than ever.
Record-High Case Numbers and Substantial Fines
In 2024, the authority registered a total of 13,054 new cases. Combined with the 2,568 ongoing cases from previous years, NAIH handled 18,190 cases in total—well above the workload of 2023.
The crackdown on data protection violations was also significant: the NAIH imposed data protection fines totaling HUF 355 million (approx. €910,000), highlighting the growing importance of data protection compliance.
Surveillance Systems Under Scrutiny
A major focus this year was the use of surveillance camera systems, for examplein banks, workplaces, and hospitality settings.
One Hungarian bank, for example, was fined HUF 60 million for unlawful use of surveillance cameras in its branches. Following the decision, the bank updated its data protection notices and replaced its previous pictograms.
In another case, a security company came under fire for disproportionate surveillance of employees not in line with the purposes of data processing, including monitoring workstations and computer screens. A hospitality company was also fined for installing cameras in employee rest areas—an outright violation of privacy regulations.
These cases demonstrate how crucial it is to ensure that surveillance systems comply with data protection laws—including well-drafted privacy notices, visible warning signs, internal policies, and legitimate interest assessments. The viewpoint of each camera must also be considered carefully to ensure the surveillance is proportionate with regard to the purpose of monitoring (e.g., property protection, safety, trade secret protection).
AI and the Future of Data Protection
A remarkable development in 2024 was NAIH’s increasing focus on artificial intelligence (AI) and its implications for data processing. The authority has even established an internal AI lab to enhance its expertise and oversight.
This initiative aims to prepare for the practical application of the new EU Artificial Intelligence Act (AI Act) alongside the General Data Protection Regulation (GDPR). More focus will likely be put on AI systems handling personal data as well as relevant privacy documentation, internal rules, and impact assessments—ensuring both legal and ethical compliance.
Bottom line:
The 2024 NAIH report clearly shows that data protection isn’t just a legal obligation—it’s a business and societal responsibility. Whether it’s about surveillance cameras or artificial intelligence, the authority is ramping up enforcement efforts to help keep our personal data safe.
Image source: https://unsplash.com/photos/person-holding-smartphone-0VGG7cqTwCo
