Mónika MERCZ: From the Privacy Act to the GDPR – A Brief Introduction

“Az Infotörvénytől a GDPR-ig” has been published in Hungarian by the Ludovika Egyetemi Kiadó (National University of Public Service) in 2021.

From the Privacy Act to the GDPR is an impressive volume of more than 270 pages and is the first of its kind in Hungary. It is a body of work which contains complex, easily understandable and transparent information regarding the changes in the relevant legislation and how these shifts in regulations affected the daily life and tasks of those working in this particular field of law. The aim of the volume is to present the events of the last decade from a data protection point of view, through the writings of eyewitnesses. Each of the authors of this handbook was a witness to important changes in the sectors they represent. The book sets out to provide an honest overview of an entire decade, focusing on its key steps. The volume is not a textbook with a desire to describe what is to be interpreted, what is right, and what is not right. Rather, it is a series of professional, scholarly studies. The text was written with the intention of avoiding dry and difficult language and concepts. It takes a look at the past, looks to the future, and takes inventory of all factors contributing to today’s regulation. In addition, it illustrates and explains broader concepts of change in the relevant legislation. It has the benefit of showing us different sides of the same issue as well as exploring a wide range of topics that have a connection to the overarching theme of the book.

The book opens with a foreword from former minister of justice and European Commissioner for Education, Culture, Youth and Sport, Tibor Navracsics. Altogether, the handbook has 16 authors. All of them provide a unique outlook on the events of the last decade, as they all come from different careers. Some of the authors are experts on data protection, working for the Hungarian National Authority for Data Protection and Freedom of Information (hereinafter: DPA), while others are attorneys, lecturers at universities, coworkers at firms or even work for the Hungarian Constitutional Court. Because of their diverse background, this body of work comprises many unique viewpoints and approaches, incorporating different personal and professional opinions.

The volume contains four main chapters, each of which is made up of several articles written by different experts of law.

Papers in the first chapter (“Institutional and regulatory changes in Hungary”) focus on the effect of the changes that took place in the last decade on different institutions. Viktor György Árvay reports on his own impressions of the changes that took place while he was working for the Hungarian DPA. His opinion is that reporting incidents involving privacy became a very useful innovation of GDPR. His suggestion is that the legislator should require an increased level of data security on the basis of a more precise set of criteria and a model provided at legislative level. This is necessary so that there is no significant difference in the quality of data protection when it comes to different companies and other processors of data.

Tamás Sulyok, Krisztián Villám and Gergely Deli co-authored a paper on how the events of the last decade shaped the Hungarian Constitutional Court’s practice regarding data protection. Their conclusion is that the need to limit the right to the protection of personal data must be examined in the conceptual framework of purpose and, in the context of proportionality, the implementation of additional data protection principles in a specific situation must be taken into account.

Gábor Dudás reports on the main findings of judicial decisions in data protection. He notes that, since the GDPR entered into force, data protection litigation has slowly become a separate area of law requiring special legal expertise. In addition, a kind of parallel has emerged with competition law decisions. This is also reflected in the fact that the decisions of the Hungarian DPA, like the decisions of the Hungarian Competition Authority, have become more and more market-regulating in their nature.

Papers in the second chapter (“The EU’s perspective on data protection”) describe the shifts in EU thinking about data protection. Péter Nikolicza writes about the one-stop-shop mechanism (a system of cooperation and consistency procedures designed to simplify the administrative process when it comes to data protection). The question the author poses is whether this mechanism is more beneficial to the complainant or to large companies processing data. He concludes that the application of the one-stop-shop is increasingly being pushed into the background, probably due to its complex application.

Katinka Bojnár recounts a rather important decision of the Court of Justice of the European Union and explores how it relates to data protection. As an employee of the Hungarian Authority for Data Protection and Freedom of Information, she was the one responsible for the Weltimmo case (Case C-230/14 of 1 October 2015). She reports not only on how the proceedings took place in this instance, but also how the case affected her personal life.

Lastly, Endre Győző Szabó, editor of this book and vice president of DPA, takes a look at how the regulations of GDPR can be applied from the point of view of the Hungarian DPA. He concludes that GDPR has created a new framework for the protection of personal data. To the question of whether the new model is successful or not, a clear answer cannot yet be given.

Papers in chapter three (“Global fault-lines on the fronts of technology, privacy and competition law”) unveil those events and trends that contribute to the unraveling of data protection rules on a global scale and necessitate answers. Márton Domokos addressed the Cambridge Analytica in a unique, practice-oriented approach. He believes that after the case, a number of positive changes have taken place: the data management information of the organizations has become much more transparent. Since the GDPR entered into force, cross-border data processing has had to be regulated in a cross-border way. However, the world of the Internet still requires new regulations and careful handling.

In the next paper, Dániel Eszteri asks questions and provides possible solutions regarding blockchain and artificial intelligence. His aim with this work is to start a discourse about the legal compliance of these systems in regards to data protection, as worrying developments have already appeared on the market.

András Tóth, vice president of the Hungarian Competition Authority, discusses the ups and downs of data monopolies. The purpose of his paper is to showcase the circumstances and shortcomings of the fight against these anomalies. He concludes that the Digital Services Act can only provide a higher level of protection for users’ data through competition law.

Chapter four (“The world of data protection experts”) contains much more personal accounts of day-to-day work with data protection regulation in different sectors. Balázs Révész and Péter Buzás discuss the work of both the Office of the Data Protection Commissioner and the Hungarian National Authority for Data Protection and Freedom of Information from the point of view of a data protection consulting firm. They believe that while a career in data protection has become more popular in recent years, the competition will motivate experts to improve their professional skills.

Gábor Dudás, appearing for a second time among the authors, discusses how GDPR impacted the work of attorneys. He predicts that a new group of attorneys will emerge, specialising in data protection.

Márton Domokos, in his second contribution to the volume, discusses how he himself experienced the effects of GDPR in his practice. In his opinion, not all data protection circumstances can be met, the real challenge is rather to continuously identify the right priorities.

Péter Báldy and Gábor Pataki reminisce about the education of data protection experts during the last decade. In light of the recent pandemic, they are of the opinion that data protection experts will be more and more needed in our largely online existence.

Closing this chapter, Sára Trócsányi provides a detailed journal about her experience during the Covid-19 pandemic. She mentions several cases where she sees the regulations of GDPR expanding to meet newer and newer expectations arising out of the continued use of the online space.

This body of work undoubtedly fills a niche in the market with its unique viewpoints regarding the happenings of the last decade when it comes to data protection. It is a handbook which is useful not just for experts but for anyone interested in learning more about the topic. While it is easy to understand, it provides the reader with an unmatched experience of gaining new and useful information. As a law student and prospective researcher who is interested in this field of law, I am extremely thankful that a volume like this exists. It presents current events and sheds light on the challenges of the situation in Hungary. The more subjective papers help us see how everydays of experts in this field of law are. With the help of this book, we get a better insight into the problems to be solved, which can inspire entire future research topics. I can wholeheartedly recommend this work to every fellow law student or PhD student who is interested in any aspect of the topics explored, as it is both educational and interesting reading material.

I would suggest that more works like this be written in the future, as this is how those on the outside can get a look into the specifics of the field. I especially appreciated how attorneys, judges and academics were all involved. This had the benefit of making the book diverse in its presentation. It opened the door for many topics to be explored in depth. The handbook is coherent in its overarching theme of exploring how the last decade changed data protection law in its entirety, but I would like to emphasize how it did not feel the need to explore the same exact issue from different sides. Rather, the book allowed all papers to showcase issues relevant to the specific authors, thus allowing the reader to get a little bit of everything from the issues relating to the Constitutional Court to the fight against data monopolies. This has the benefit of catching the attention of a wide audience, including everyone who can relate to even one segment of this handbook.

Overall, I have been convinced, both as a reviewer and reader, that the “From the Privacy Act to the GDPR” will be suitable for the purpose originally conceived by the editor.

Mónika MERCZ is a Hungarian fourth year law student at the University of Miskolc, currently in her last semester of an English Legal Translation Course. Mónika is the Secretary General of European Law Students’ Association (ELSA) Miskolc, a recipient of the National Higher Education Scholarship 2020, and is currently taking part in Aurum Foundation’s Mentoring Program. Having done several publications, her work mainly focuses on environmental law, constitutional law and data protection. She is a member of the Constitutional Discourse’s Editorial Board.

Lilla Nóra KISS: Lex Facebook or Tax Facebook? Options beyond the self-regulation of IT companies

Tech giants might cause headaches… Especially, when we attempt to think simultaneously with the heads of consumers, states and tycoons. This post intends to reveal some dimensions of regulating social media from a legal point of view, or to present the proverbial ‘windmill fight’ against seemingly unapproachable powers.

An unregulated social media environment can lead to interesting debates in many legal dimensions. The reason is that the topic is full of unclear definitions and opaque relationships of different actors. Let’s start by saying that the original purpose and function of social media sites is to connect members of the community and provide them multiple options to keep in touch. The spread of the internet has made it possible to share (and receive) information everywhere and any time. Social media sites became more and more widely spread and offered options for sharing news besides personal information, too. Therefore, the content of the platforms became extended. Thus, the supply has expanded. Human nature (especially our visceral curiosity about the lives of others) has created an ever-widening consumer market for these expanding services. So we can say that demand has also increased. The rapid pace of development and gaining market share has encouraged social media providers to change, provide more, even with an increasing number of specialized platforms. In addition, more and more features have been incorporated into the system, thus improving utilization and – by now,

psychologically proven – strengthening addiction in the daily lives of many people. This effect and the “phenomenon” of social media is well illustrated in the Social Dilemma documentary and in Disconnect.

All these developments have taken place in such a way that each concept has not been clarified or defined, and the (minimum) regulation that seems necessary has not been developed.

The strange situation is that the real concepts of service and consideration and the relationship of the seller the buyer and the product in the world of social media are unclear. I mean that (as Richard Serra put it in a 1973 radio show about television commercials reaching millions) when a product is free, the question arises as to whether we are the product. I believe that Serra’s statement about television advertising is exponentially true in the digital age.

The question shall be asked that if we (consumers, users) are the products, then who the seller is. A social media provider? If the social media sites do not sell, are they just mediate between the products (users) and the real seller(s)? Today, in an increasingly conscious society, it is perhaps no longer news that our personal data (and all the information associated with us) represent economic (monetary) value, it is considered a commodity. (See some thoughts on the surveillance capitalism by Shoshana Zuboff.) It is valuable that buyers unknown to us(ers) can get to know us, including our habits and decision-trends. By knowing us, they have the opportunity to influence us and our decisions via targeted ads, based on our browsing habits and history…

The scientific and social concern behind the analysis is that support the measurement of the behavior, the result could be dangerous as could affect the masses of people even in a cross-border manner. The free (unregulated) use of the know-how of manipulating millions via the internet and applications – such as the social media apps – is more than concerning…

If Artificial Intelligence serves and supports the understanding of the measured behavior of millions, it gives hardly controllable power to those who have control over that information (Big Data). Thus, the result could lead anywhere. As a simple conclusion, we might become a target audience (or – as you like – victims) without even realizing it. The advantages and disadvantages of direct marketing have been exploited by the science for decades. However, with the rise of social media sites, the traditional methods and techniques of direct marketing could make users (consumers) vulnerable with unforeseen efficiency. Especially nowadays, the effect is no longer just an incentive to buy, but even political manipulation. (Sorry, this option for fabricated reality reminds me on the famous movie Wag the Dog from 1997…) And finally, this option of manipulation leads us to the general legal and the constitutional dimensions.

Firstly, it can be seen that we can even get caught up in the clarifications of the concepts. In the context of data profiling, the issues of privacy and related data-protection concerns immediately arise. For example, the data and information we provide may be used (against us). If users of social media sites became aware that their data and profile were of serious property value and the social media sites profit off them, would they provide those personal data (at all)? If they were willing to disclose their personal data and other information knowing the above, would they do so for free? It is clear that the data have real economic potential. Could personal data be considered property? Anyone who knows the consumer (user) can reach him/her, regardless of whether the content is intended (needed) by the user or whether he/she intended to receive e.g. political messages. So, there are those who have an economic interest in learning about personal information or reaching targeted individuals of a specific profile. Thus, in addition to data protection, ownership issues may also arise – in particular with regard to the disposition of the subject matter of the property. While I’m sure that considering “data as a subject of property” opens Pandora’s box in legal thinking, this question cannot be avoided when we are talking about social media regulation(s)… The data protection dimension opens up privacy issues, in which context the right to disconnect that has also become an important aspect since the 2000s. The significance of the right to disconnect has increased especially in the changing work-life environment due to COVID-19.

Clarification of concepts is also important from a consumer-protection point of view. It is necessary to examine the extent to which users could be regarded as consumers. Here, the legal protection to which they are entitled, might be different. The measurability of influence, the protection of minors, and the tightening of the legal and ethical framework of consumer manipulation are particularly important. An essential accessory to both data protection law and consumer protection law is an appropriate level of information provided for the user/consumer. The appropriate level of information includes the liability of leaders to raise the awareness to vital information important to the public that may be understood as a basic need for consumers. The right to be informed shall be treated as minimum requirement of the service providers’.

The constitutional dimension mentioned above is relevant in several respects. On the one hand, users are not only consumers, but mostly citizens of certain states. Democratic states and legitimately elected leaders typically have responsibility for informing citizens in real time about matters of public interest. Here, of course, one can reflect on how information is provided and analyze (and evaluate) certain conceptual elements and levels of matters of public interest, but by abstracting from the questions of detail, perhaps we can examine the “phenomenon” of social media as a whole. By the term phenomenon, I want to express the elusiveness of the social media. Social media used to serve to facilitate getting to know each other and rekindle old relationships. However, by now, social media is playing an active role in providing information by allowing news to be published and shared (disseminated). Public involvement is also important in the active protection of citizens, especially certain vulnerable target groups (e.g., minors).

However, the involvement of the state and politics appeared in a completely different dimension as we might have imagined. Previously, information spread through the press and classical channels of media. By now, politicians and the state institutions became active users of social media. However, the legal framework was not tightened at the same time. In particular, the role of the sites in disseminating information has grown in importance over the last few years (see e.g. Trump’s election as president, migration, the Brexit referendum, the COVID-19 pandemic, and the Trump-Biden “election war”). The fact is that political actors and state representatives have become active users of social media in order to share information. Here, however, the basic legal requirements of liability are lacking. Who is responsible for the shared content? Who needs to verify the verity of the content? Who is responsible for spreading false (fake) news? A free press comes with state guarantees and strict accountability rules in our modern democracies. However, what about social media?

In addition to civil liability, misinformation and even its criminal consequences (e.g. incitement to possible crimes, incitement against the community, hate speech and other hate crimes) are also important regulatory considerations. The other side of the constitutional dimension is freedom of speech and freedom of expression. There are well-established civil law rules for this, determining the limits of freedom of expression (e.g., violations of the right to privacy). There are also criminal law frameworks that primarily address the categories of defamation and hate crimes.

It could be seen that there are substantive public and private law aspects of this topic. Constitutional law, criminal law, civil law, data protection, and consumer protection all allow for a legal assessment of possible regulation of social media.

In procedural terms, however, we face serious shortcomings. On the one hand, the cross-border nature of the phenomenon raises questions of competence: who is entitled to regulate social media and by what means, to what extent, with what personal-territorial-temporal scope and who is entitled to control the effectiveness of regulation, deal with possible abuses and, finally, how could the rules be enforced.

Could a global phenomenon be addressed with local (state or regional) solutions? The European Union is ready to regulate social media. The Member States agreed that the regulation of the social media is necessary. Some, including Hungary and Poland, have a stricter approach to the issue (see concepts of a so-called Lex Facebook). In parallel with the EU, the regulation, accountability, and controllability of social media in the USA is of public and professional interest. Social media (and other online services) have so far operated in slightly different way on the two continents due to the GDPR. For example, imposes significantly stricter rules on the processing of personal data than U.S. federal and state-level solutions. Fragmented legal solutions always raise dilemmas related to efficiency and powers (or the fear of them).

However, the question arises as to whether globally operating platforms can be judged and regulated at a regional level without compromising consumer rights. By the latter, I mean, for example, the consumer protection aspects of geoblocking, which also raise the theoretical question of categorizing citizens in terms of access to content.

From now on, another question to be asked will be whether the regulatory framework can be effective from the top-down or just bottom-up. There are many areas of self-regulation in social media and there are soft legal solutions for other digital companies as well. Recent political events have highlighted that these are not necessarily effective solutions, self-regulation is only a smoothing away of the conflicts that might arise without effective solution. However, forcing a regulation at the state level could be risky and the efficiency could be questioned due to the cross-border nature of the platforms. Are there tools for regulation that could be borrowed from other areas in an inclusive manner?

Could tax sanctions work (e.g. a kind of ‘Tax Facebook’ instead of Lex Facebook?)? In my view, taxation (by states) could be risky without a common European tax scheme for digital companies. This is a rough road that has been impassable for decades because of competence issues of the EU and the Member States. However, EU tax-rules on dotcoms would allow social media providers to be taxed on the part of states (or the EU) and sanctioned through tax instruments if they wish to participate in informing citizens (and citizens) about news of public interest. I raise the issue of sanctions along the lines of spreading dis- or misinformation… Financial instruments could force social media to pay tax on its income from the use of citizens’ data if the platforms want to become an active information- and content-sharing site (and not just a site for connecting people). This could be interpreted as poking Facebook and other social media instead of punching them with strict rules… However, this is difficult to achieve in a fragmented framework with different tax rules and rates in different Member States who do not want to harmonise tax rules due to sovereignty claims. The common tax issue, even if only in the digital field, leads us to constitutional dilemmas. The ​​division and transfer of competences/powers is a sensitive area of EU law. The Gordian knot could be cut through with a cheap Chinese solution: geoblocking on social media. With that we could say: “Mischief Managed”!

The problem there is that both the European and American systems are designed to meet the needs of consumers (in trade and politics, too). Modern politics wants not only to serve citizens in this regard, but also to use social media interfaces for information or even campaigning…

All this requires the development of common minimum standards in the areas indicated above, both in substantive and procedural terms. The regulation and the taxation of the companies are seemingly not the best possible solutions… Maybe new solutions could be borrowed from other fields, in an inclusive manner… Well, the clarification of concepts can be a good starting point in that change!

Lilla Nóra KISS is a counselor on EU legal affairs at the Ministry of Justice. Formerly, she has been a researcher and lecturer at the University of Miskolc (Hungary), Institute of European and International Law for five years, where she taught European Union law.

Lilla obtained her Ph.D. degree in 2019. The topic of the dissertation is the legal issues of the withdrawal of a Member State from the EU.

Her current research interests cover the legal dimensions of Brexit, the interpretation of the European Way of Life, and the Digital Single Market.

Márton SULYOK: “How to tackle IT?”

On the “state-big tech” debate in social media regulation

The title wishes to sum up the literal ‘it-debate’ (the IT-debate, if you will) of the century. Many international events starting up the new year provided inspiration for the below discussion of some of the legal and policy issues in this domain.

Let’s start in Hungary, where an end-of-January session of the so-called Digital Freedom Committee discussed unlawful practices of big IT companies, often also referred to as TAGAFA or the big five and their affiliates. (To accommodate the trend, I will just refer to them as “big tech” from now on.) Then February kicked off with a revelation by a domestic news outlet that by Spring the draft bill of the Hungarian “Lex Facebook” will be rolled out of the Ministry of Justice. (For now, the third wave of COVID-prevention seems to have intervened, but the prospect of such a law is very much intriguing, given the most recent developments in privacy protections regarding primarily the physical space, introduced through constitutional amendment no. 7., and the subsequent adoption of Act No LIII of 2018 on the protection of privacy)

Now, to understand where the debate regarding any state regulation of big tech companies and social media platforms owned and/or operated by them, let’s turn back the hands of time to about five years ago, to the United States. The Cambridge Analytica scandal – also involving Facebook – and its continuing ripple effects, leading up to the election of Donald Trump and the ensuing, and deservingly infamous, Mueller Report on the alleged Russian interference with the presidential elections relit the spark of the ‘Social Dilemma’, this time, in term of state “restraints” on traditionally self- regulating social media platforms and the big IT-companies behind them in the face of the free speech protections provided under the First Amendment.

Almost simultaneously, on the other side of the Atlantic, in cooperation with the European Commission, pioneering public commitments were undertaken by the big tech companies present at that time in the European market as part of a code of conduct to eradicate (broadly speaking) hate speech from their sites, leading up to its fifth evaluation cycle (2020). Every so often it might happen that political speech on these platforms incites hatred or communicate ‘fake news’, therefore it is all the more important that their corporate and state regulation be possible, mutually reinforcing each other in order to avoid further escalation and to impress upon the significance of prevention.

Rule-of-law checks (rather controls) on freedom of expression on social media however cannot fully slip out of the hands of the state and state institutions, because this would e.g. take away the possibility of legal redress against corporate actions or decisions taken or made in this regard. In this regard, renowned Hungarian media law and freedom of speech expert, Professor András Koltay said in an interview given to ICRP Budapest already in 2017 that “Google and Facebook have implemented their own separate “legal systems” that are quicker and more efficient than the legal system of any state; nevertheless, the decisions adopted by them are neither transparent nor subject to any procedural guarantee of the rule of law.”

Corporate and state competences in this sector are concurrent and also overlapping, thus becoming shared as well. The creation of the Facebook Oversight Board (FOB) is a clear example of this concurrence with state authorities. Tamás Pongó argues that functional similarities are apparent between the FOB and national constitutional courts, the ECtHR or even the US Supreme Court. He is definitely right in stating that where a market actor establishes an autonomous ‘quasi court’, a new era begins in the in limiting freedom of speech. The FOB may indeed be very similar in its function to a Supreme Court. Maybe this is why Juncal Montero Regules so cleverly identifies its decisions – in the context of hate speech moderation – as the “Marbury v Madison of platform governance” on Verfassungsblog. In her post, she also pointed out how the FOB failed to take into consideration the “nature and reach” of the posts examined, which – she argues – inform any decision about context. If we take a different approach to the context of these cases, the context of their reception and perception is also important. A recent Ars Technica article demonstrated that in 4 out of 5 cases the FOB ruled against the company’s decision, which might or might not be – as Regules argues in reference to the Board itself – part of “a PR exercise from Facebook”.

Whatever one may think about the eventual success or failure of the FOB, my previous argument that there is a concurrence – better yet competition – between corporate and state bodies to regulate social media still stands. We can see many more examples to this world-wide as well. In recent months and weeks, we had seen news reports regarding how states try and to some extent regulate the workings of social media and their big tech background – just consider the ban on the former US president’s accounts due to his involvement in the events at the Capitol on 6 January.

Poland has again made it into the crosshairs of public opinion when the deputy minister of justice, Sebastian Kaleta published an honest confession in Newsweek online about why he decided to regulate big tech companies. He referred to John Milton’s famous parliamentary speech Aeropagitica, in which the famous orator pleaded for freedom of the press of limitations imposed by the government in mid-17th century England. The Polish politician then addressed the gatekeeping function symbolizing control, which – he argued – is now (on the internet) no longer in the hands of the state but in those of big tech companies, and this is “the stroke that broke the camel’s back” leading to the Polish draft bill of the state regulation of social media. Based on what is currently known about the draft law (announced at the end of January) from secondary sources (available in English), without an actual legislative text to look at, is that it purports to establish a Freedom of Speech Council, of six members elected by the Sejm (with a 3/5 majority) for six-year terms from the fields of law and media. The Council is to be designed as a sort of appeals forum against decisions made by social media platforms and its proceedings and competences would be tailored to Polish national law. In other words, it would serve as a “reverse FOB”, a state equivalent of that body.

Based on all of these examples then the oh-so-often heard questions rings in the ears of everyone: quis custodiet ipsos custodes? Who watches who then? I had this in mind when I referred to the 2016 EU Commission code of conduct above. This EU initiative and its afterlife in terms of regulating the European digital market is not only important in and of itself. It is significant, because it has imprinted on Member State laws and legislative thinking as well. Germany, for example adopted their Act to Improve Enforcement of the Law in Social Networks in 2017 (which then entered into force in 2018), also called NetzDG, regarding which certain early caveats have also been voiced by Stephan Theil on Verfassungsblog.

As one of the gatekeepers of online freedom of speech, the European Court of Human Rights has many times decided in cases involving Hungary as well, evaluating national rules or their absence in this respect. In the Member States of the Council of Europe, also based on some of the above examples, we can see that the state answers to regulate online free speech platforms (especially social medias) and big tech companies behind them are manifold, but this is the situation is other parts of the globe as well. Everyone tries to cope with these new-found challenges as best as they can.

In Turkey, news reports warned that advertising activities of Twitter, Periscope and Instagram have been halted and their platforms affected by bandwidth and access-limitation, seeing as they did not establish or appoint a national contact office under legal obligations binding on them to do so adopted by Turkish legislators last October. Besides the above companies, Facebook only complied with these requirements at the end of January, after a longer period of resistance to do just that.

From Australia, news reports let us know that Google has taken blocking access to its search engine on a nation-wide scale in response to plans of a unique piece of Australian legislation (i.e. the News Media and Digital Platforms Mandatory Bargaining Code) requiring big tech companies to pay royalties for news content displayed on their platforms ‘taken’ from news agencies and services. According to information made public by BBClegislators of the “news code” have referred to Google’s monopoly as justification, the lack of its market competitors and to a government classification of the Google search engine as “near essential utility”. In response to this act, Facebook has banned news feeds in Australia on a nation-wide scale this past week only to lift the ban after a few days in what can be easily interpreted by an astute observer as a “show of force” to reach a deal with the government. Regardless, the law is before the Senate awaiting further debate during the coming weeks. In other news, we can also read that Google has already agreed to pay royalties to Rupert Murdoch’s News Corporation for content, so ‘mandatory bargaining’ already works to some extent. This last example is only tangentially connected to online free speech on social media platforms but – in the intended context of the proposed legislation (possibly to counter the spread of fake news (?) – nonetheless raises important questions regarding access to public interest information in the form of news. Quality, frequency and accessibility of news is what fundamentally shapes public opinion, and as such public opinion that is reflected on social media platforms based on these news.

Based on the above, the tug-of-war between state regulators and corporate giants is very much visible. Both sides want to dominate the online market of opinions. The century’s ‘IT’-debate however cannot be resolved by ‘mutually assured destruction’ in this field. It should much rather be approached by the creation of a fair and equitable balance between corporate self-regulation and state-imposed rules. To use a very chic turn of phrase in constitutional discourse on free speech, none of the two sides can be ‘captive audiences’ of the other, because if this should come to be, only freedom of speech would suffer the consequences.

In a constitutional legal sense, at least based on the practice of the Hungarian Constitutional Court, freedom of speech is not an absolute right, but as the so-called ‘mother-right’ of communication rights it shall only give way to very few rights. “Although the privileged place accorded to the right of freedom of expression does not mean that this right may not be restricted – unlike the right to life or human dignity which are absolutely protected – but it necessarily implies that the right to free expression must only give way to a few rights; that is, the Acts of Parliament restricting this freedom must be strictly construed. The Acts of Parliament restricting the freedom of expression are to be assigned greater weight if they directly serve the realisation or protection of another individual fundamental right, a lesser weight if they protect such rights only indirectly through the mediation of an institution, and the least weight if they merely serve some abstract value as an end in itself.” – argued the Court already in 1994, and these lines have a very familiar ring to them in light of current debates globally, but in Hungary as well.

When we address big tech issues, their cooperation with the respective states is a key factor, ensuring compliance. They shall not only have their users and employees comply with their internal governance norms. States, in turn, shall provide legroom for self-regulation and for CSR to penetrate into the domains of free speech checks, but with certain clear limits. Red lines need to be drawn, serving as gatekeepers of the gatekeeping functions for social media platforms and the big tech companies behind them. Traditional state controls of these forms of expression must not be allowed to be exclusively controlled by corporate interests, functions and forums, certain essential state functions in this realm shall remain, complemented by corporate tools to the extent necessary.

Márton SULYOK, lawyer (PhD in law and political sciences), legal translator. As a graduate of the University of Szeged, he has been working for his alma mater in different academic and management positions since 2007. He is currently a Senior Lecturer in Constitutional Law and Human Rights at the Institute of Public Law of the Faculty of Law and Political Sciences (Szeged), and the head of the Public Law Center at MCC (Mathias Corvinus Collegium) in Budapest. He previously worked for the Ministry of Justice in Budapest and has been an Alternate Member on the Management Board of the Fundamental Rights Agency of the European Union (2015-2020). E-mail: msulyok@mcc.hu