The European Commission โ CJEU Judgment (European Union, 2026)
CJEU judgment โ not a DPA enforcement action
This is a Court of Justice ruling, not an enforcement action by a data protection authority. It is not included in cookie statistics or the Risk Calculator.
The Court of Justice ruled that Hungary's law restricting access to information about gender identities violated EU law. This decision matters because it protects the rights of individuals and ensures that laws comply with broader EU principles. It highlights the importance of balancing child protection with individual rights.
What happened
Hungary adopted a law that restricted access to information about gender identities and mandated public disclosure of certain personal information.
Who was affected
Individuals whose gender identity does not correspond to the sex assigned at birth, as well as those convicted of sexual offenses against children, were affected by this law.
What the authority found
The Court held that Hungary's law was incompatible with EU law, violating multiple provisions including those related to data protection and individual rights.
Why this matters
This ruling sets a precedent for how laws must respect individual rights while aiming to protect vulnerable groups. It serves as a reminder for lawmakers to ensure compliance with EU standards when drafting legislation.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The background In 2021 Hungary adopted "Law LXXIX of 2021 adopting stricter measures against persons convicted of paedophilia and amending certain laws for the protection of children" ("the amending law"). The law introduced a number of rules to restrict the access of minors to content portraying or promoting gender identities that do not correspond to the sex assigned at birth, sex reassignment or homosexuality. The law also introduced new rules for access to public documents, requiring public bodies to allow broad access to information about individuals convicted of sexual offences against children. The alleged purpose of the law was to protect minors. In 2021 the Commission sent a formal letter to Hungary contesting the amending law's compliance with EU law. After some unproductive back-and-forth, the Commission escalated the case to the CJEU, requesting the CJEU to declare the amending law incompatible with EU law. The European Commission filed four pleas, claiming that Hungary violated of a long list of provisions from primary and secondary EU lawThe Commission alleged the violation of Articles 1, 7, 8(2), 11 and 21 CFREU; Article 2 TEU; Article 56 TFEU; Article 3(2) of the Directive on electronic commerce; Articles 16 and 19 of the Services Directive, Article 9(1)(c)(ii) of the AVMS Directive; and Article 10 GDPR.. Only the Commission's fourth plea invokes data protection law- specifically, [https://www.europarl.europa.eu/charter/pdf/text_en.pdf Article 8(2) of the EU Charter of Fundamental Rights (CFREU)] ("Protection of personal data") and Article 10 GDPR ("Processing of personal data relating to criminal convictions and offences"). The fourth plea: Article 10 GDPR The alleged violation of the GDPR relates to the amended law's rules on access to information about individuals convicted of sexual offences against children. The law amended the "Law on the criminal record system" and made documents about sexual offences accessible to a broad audience. Under the
Outcome
CJEU Judgment
A judgment by the Court of Justice of the European Union, typically on a preliminary reference from a national court.
Related Cases (1)
Other cases involving The European Commission in EU
Details
Judgment Date
21 April 2026
Authority
Court of Justice of the European Union
GDPRhub ID
gdprhub-cjeu-9317About this data
Cite as: Cookie Fines. The European Commission - European Union (2026). Retrieved from cookiefines.eu
Last updated: