The Hungarian Data Protection Agency Raids Scientology Offices

Source: official announcement of the Authority, Part 1 and Part 2 (Hungarian)

The Hungarian National Authority for Data Protection and Freedom of Information Has Launched an Investigation into the Data Processing Practices of the Scientology Religious Association of Hungary

The investigation procedure of the Hungarian National Authority for Data Protection and Freedom of Information was prompted by complaints filed by various individuals. According to these reports, data subject’s rights were violated by the data processing practices used by the Association. The purpose of the official procedure is to ascertain whether the data processing practices of the religious association are in compliance with Hungarian data protection regulations or not.

Citizen complaints were filed at the Authority, in which the submitters shared their own experiences about the Association with the Authority, and asked for assistance in protecting their personal data.

According to one of the applicants, he was happily accepted into the organization when he originally joined it and they helped him during a difficult period of his life. In the course of that, he shared certain personal information with them, which was only known to his closest friends.

A few years later, the complainant decided to leave the organization and asked the Association to release the files kept on him. His request was denied. Additionally, he expressed his concerns about severing his ties with the organization, i.e. he thought that these very sensitive pieces of information, which were recorded in writing, could be used against him. His fears were strengthened by the fact that malicious use of that data could destroy his livelihood and disrupt his family life. He felt defenseless as his request was denied, and consequently he was too afraid to leave the organization.

According to the regulations concerning the protection of personal data, the data manager shall provide access to the documents and records kept on someone when he/she submits a request for that.  As a general rule, if a person requests the deletion of data recorded with his consent, then it cannot be denied.

As part of the investigation launched by the Authority, an on-site inspection was conducted at the central Budapest offices of the organization, as well as at its mission in Nyíregyháza. In the course of the inspection, the Authority seized electronic data storage devices and paper-based documents. The Authority shall inform the public about the results of its investigation.

Budapest, 10 December 2016

Dr. Attila Péterfalvi