GDPR is a game changer in European data protection law. It has brought revolutionary changes, the fundamental and complete transformation of the role of supervisory authorities, their proceedings and relationship with the judiciary. GDPR has radically raised privacyawareness across organisations of any kind and it is a radical breakthrough in data subjects’, data controllers’ and the courts’ beliefs and behaviours with regard to the importance of data protection. Hungarian data protection law has also come a long way, with a number of substantive, procedural and organisational changes. Nevertheless, the tendencies are clearly moving in one direction: due to the brutal growth of the data-based economy and services, the protection of personal data requires strong and effective powers. The development of data protection law in Hungary has already directed the organisational and procedural legal framework to an administrative-type model by establishing a more and more effective toolbox of corrective powers even before the GDPR. As regards the role of administrative justice in this process, the administrative judiciary in Hungary more and more actively claims a decisive role in the interpretation of data protection law. This process is far from over, on the contrary we are at the very beginning. The subject of this paper is to present the changes that have taken place in Hungary over the past 30 years, with special regard to the impact of the unified European data protection regulation. The analysis goes through the significant stages of data protection law and shows how the GDPR has generated developments in the powers of the supervisory authority.

See in detail: