Reference to trade secret outruled as a reason to deny access to voice recordings in Hungary

19.10.2022

The Hungarian data protection authority confirmed in a new case that the controller cannot block access to voice recordings by customers by referring to trade secret rules and highlighted the importance to correctly assessing the information in each case a customer exercises his right to access.

In this case a customer of a bank required the copy of the recording of his conversation with the customer service of the bank. The customer requested access to the copy multiple times, and the bank, after 1,5 months, only offered the recording on the condition that the customer signs an acknowledgement of receipt, which would state that the customer acknowledges having received the copy of the recording (before actually receiving the recording) and would not show the recording to anybody else besides his legal representative.

Upon the complaint of the customer the authority required further information on the handling of the case from the bank, which highlighted that the information on the recording was the bank’s trade secret and that the delay in answering the customer’s request was only due to an internal administrative mistake.

The authority, however, found that the bank did not even inform the customer on prolonging the original 1 month deadline for the answer and did not show any hardship delaying its answer.

The authority further highlighted that the bank could not have required signing an acknowledgement of receipt, since – besides identification of the customer – the controller cannot hinder the exercise of data protection rights. The authority did not agree with the bank about the recording being subject to trade secret rules and the related business interests of the bank. The communication in this case was conducted with the customer service and related to customer management, therefore it did not incorporate any confidential information that could be subject to trade secret rules.

 

Article provided by INPLP member: Kinga Madocsai (SimpLEGAL, Hungary)

 

 

Discover more about the INPLP and the INPLP-Members

Dr. Tobias Höllwarth (Managing Director INPLP)

What is the INPLP?

INPLP is a not-for-profit international network of qualified professionals providing expert counsel on legal and compliance issues relating to data privacy and associated matters. INPLP provides targeted and concise guidance, multi-jurisdictional views and practical information to address the ever-increasing and intensifying field of data protection challenges. INPLP fulfils its mission by sharing know-how, conducting joint research into data processing practices and engaging proactively in international cooperation in both the private and public sectors.