Challenges of condominium management, especially protection of personal data
(Zoltán Polgár1, Tamás Szádeczky2)
Professional in Data Security and Data Protection Law (1), PhD, docens(2)
National University of Public Service Doctoral School of Public Administration Sciences(1), National University of Public Service
Faculty of Political Sciences and Public Administration
Institute of E-Government(2)
The legal, organizational and IT challenges in the daily practice of the condominium communities are constantly changing. These changes are particularly important in Hungary because one fifth of the population lives in condominiums. Advances of information technology influenced these communities of condominiums and made them a leader for smart cities, but there is still work to be done. This paper analyses the market conditions and legal and economic constraints of condominiums. The focus of this article is legislative regulation, personal data protection and legislative surveillance. Data protection issues were analysed with empirical analysis.
Keyword: condominiums; dwelling; data processing; data protection
1. MARKET ENVIRONMENT
Since 1924, increasingly more dwelling-houses were built in order to meet the demands for condominiums. Within these buildings, some of the premises are suitable for dwelling, while some are not. The whole building consists of different types of condominium units and parts, some of which are not private units. The whole area is the basis for the calculation of the ownership share, and the private ownership share is based on the whole area as well, which determines the later discussed voting rights. Not all condominium units of the building will be private property during the condominium registration, as there are parts of the building that are joint property. “Ownership of the same thing, by specific shares, can be claimed by two or more persons.” . The list of joint areas and private areas is included in the building’s foundation document. The costs of the joint property are paid by the owners of the building. Joint property or jointly used areas occur in houses which operate as a condominium or in housing cooperative form. „A condominium is established when in a building at least two independent units for residential or non-residential purposes or at least one independent unit for residential and one for non-residential purposes defined in the bylaws and technically separated pass into the private ownership of condominium owners, whereas the building sections, building equipment, areas and flats, which are not owned individually, shall pass into the joint ownership of condominium owners.” 
The rules of joint properties are described by the following laws:
- Civil Code (Ptk.)
- Act on condominiums (Tht.)
- Act on housing cooperative (Lszt.)
The mentioned legal background forces the owners to decide during already the establishment, whose decision later determines the handling of data and the decision system. The system of building operation could be changed, thus a condominium could be changed to a housing cooperative and a housing cooperative to a condominium. Buildings, which have six or less condominium units, can decide during the foundation whether they want to operate the building according to Ptk. or Tht.
According to a study by the Hungarian Central Statistical Office  there are 1.3 million condominiums in buildings which consist of four or more flats. The operation of these buildings is the following, according to the Office: 75% condominium, 13% housing cooperative and the remaining 12% cannot be classified. The importance of the topic is also shown in the fact that approx. 40% of the Hungarian population live in residential buildings operated as condominiums.
Structural forms according to laws
|Operation of the building|
|Subtypes||6 or less than 6 units||above 7 units||–|
|Decision-making body||General meeting
Partial General meeting
|Representative||Condominium Board President
Organizational and operational rules (SzMSz)
Court of registration
Source: according to laws, own edition
As the first table shows, the main aspects of building operation are implemented based on a similar set of criteria. Thus, in order to facilitate understanding, hereinafter we will use the term ‘condominium’.
In summary, we can conclude that it is necessary to develop condominiums in order to ensure housing. Due to the high number of condominium communities, it is necessary to formulate recommendations for data protection principles.
2. ORGANIZATIONAL TASKS AND CHALLENGES
There are a number of organizational tasks, one of which is the election of representatives, which evolves into a collective administration because the representatives of the condominiums can decide which tasks to prioritize within the condominium. Representation of the condominium and in most cases also the administration is performed by the elected representative. Their election is performed at the general assembly, which is the main decision-making body . The knowledge and preparedness of the elected persons varies and thus so does the structural form of the representation.
Forms of authorized representation (administration of the community):
- Condominium Board President
- Condominium Board President not receiving remuneration
- Condominium Board President receiving remuneration
Syndicate: The owners could elect a syndicate which members will be some of the owners of the property. The syndicate should be composed by at least one president and two members. The legal status and responsibility of the president of the syndicate is equal with those of the Condominium Board President.
Condominium Board President: A person or an enterprise that is responsible for the administration related to the owners’ community. This position requires qualification . The qualification can be acquired by completing an OKJ (Hungarian educational form: NTR, National Training Register) training course and passing an exam. There are two types of OKJ exams that provide this qualification .
- Condominium Manager
(accredited qualification number: 52 814 01 0000 00 00)
- Property Management
(accredited qualification number: 53 814 01 0001 54 01)
The property management training is based on the condominium manager training and it gives a higher level OKJ training. Nevertheless, pertinent regulations provide exceptions in several cases from acquiring the qualification. Qualification is not necessary in the following cases:
- Syndicate not receiving remuneration
- Condominium Board President (as a natural person) not receiving remuneration
The necessity of the qualification thusly depends on the fact whether or not this counts as business activity.
With appropriate training there could be a higher quality of service provided, which is important because it is a major factor for condominium management. 
The representative activity may be performed by any person or entity, therefore by a natural person, a private enterprise, or a business association. The only requirement is that the appointed person shall have the appropriate qualifications.
Besides the business associations, state-owned enterprises also play a significant role on the market. These enterprises are mainly operating in the legal forms of Public Limited Company or Private Limited Company. The state-owned enterprises usually perform the proprietary representation of state units, but some of the enterprises carry out common/joint representation or condominium management activities as well. Thus we can conclude that the market of authorized common representation is diversified, involves multiple actors, and the qualification is not required in all cases. As Hung Ren Hsieh points out there are similar issues in the Taiwan condominium market. 
In addition to the authorized representatives of the owners’ community the committees should also be mentioned here, which have the right to control and monitor (e.g. Audit Committee and Supervisory Board.) For example, qualification is not required to be a member of the Audit Committee; however, one must be an owner in the building. The Audit Committee may monitor the work of the Condominium Board President, and control the community’s administration of finances. The Committee may give an opinion on documents underlying intended decisions, and can recommend the Condominium Board President’s remuneration.
In summary, the representatives of the owners and the qualification and motivation of the members of the committees are diversified. The decision of the qualified persons could be even modified by the controllers with remuneration; furthermore, the realization of the data protection principles is mainly based on the motivation and professionalism of the officers.
3. REALIZATION OF DATA MANAGEMENT
The administrative work of a condominium’s owner also includes data management . To perform the administration, it is necessary to manage the data of the occupiers (e.g. owners, tenants). The Tht. lays down the general guidelines of data management, but it refers mainly to the SzMSz (Organizational and Operational Rules) to regulate that. The SzMSz of the condominium may contain the list data to be provided by the owners (Tht. 22. §), but it is not obligatory. Among the before mentioned condominium entities (Condominium Board President, Syndicate, Audit Committee), it is mainly the Condominium Board that deals with data management.
Anyone might need access the files during the administration, in practice however, in most cases the members of the Audit Committee or the person responsible for auditing the accounts will check the data besides the Condominium Board President.
To manage personal data is necessary in order to reach the goals of the condominium. For this it is necessary to comply the commitments of the owners and to practice their rights. However, this is a thin line, as handling data which is beyond the aim of the community could constitute a criminal offense. There are other important moments in a condominium regarding data management. After the establishment of the condominium the person who becomes an owner by an agreement expressed by conduct accepts that the elected representatives of the condominium will manage his data. No implied contract is necessary for this. Furthermore, if the General Assembly agrees, the appointed person may get authorization for data management without the consent of the concerned person. In practice it is realized in keeping registry of residents. Usually it is the Condominium Board President who has the registry. Data that has not been announced by a joint proprietor cannot be handled by the Condominium Board President, even if the representative has gotten authorization by the Assembly. Data of the tenant or data regarding the number of people living in one condominium unit can only be asked by the representative, if it is to be used for calculating the cost of utilities. Data regarding the tenants must be announced by the owner. Data could be reported by the tenants as well, but in that case the data management will be not legitimate.
The process to replace the authorized representation is also worth noting. There are no respective provisions of the Tht. that could apply on how the replaced Condominium Board President shall verify that he no longer possesses the data that have been handled by him. There is no such obligation to prove in practice; thusly the data management of the leaving Condominium Board President is not under control.
In summary, nor the form requirement neither the actual content of data management of the Condominium Board President is regulated by Tht., it is different in each condominium. It varies depending on the general expectations of the owners’ community and the efficiency of the controlling persons. According to the laws in force, data protection and data handing rules is expected to be written by such communities, where not data protection specialists are predominating. Controlling the principles of data protection is almost impossible upon the replacement of the Condominium Board President.
4. RECOMMENDATION AND SUMMARY
Our working assumption was that most of the Condominium Board Presidents have internet access and email address. Most of the Condominium Board Presidents don’t have a website and they keep their records on paper. Our conjecture was also supported by a survey performed on a sample of 50 people. Condominium Board Presidents working in Budapest were asked via telephone about data management. All Condominium Board Presidents gave the unanimous answer to our questions was that the data handling and managing directives are not covered by the SzMSz. Only 3 out of 50 Condominium Board President used internet based registers, where the accounting and the data of the owners were not separated.
The rest of the asked 47 Condominium Board Presidents kept records of the accounting and the owners’ data separately in two different registers. The residents’ registry was kept in an Excel file and the accounting data in a software purchased for particularly this purpose. The data was delivered to the owners in their mailbox or via post. The empirical experiences point out that the Condominium Board Presidents answer questions via email even if those refer to the legal relationship of the tenant and the condominium (e.g. the tenant needs to pay the public utility charges). This is causing concern, since in many of the cases the identity and the authorization of the person requesting the data cannot be identified. One can get familiar with a family’s financial status and spending pattern by being granted access to the data possessed by the Condominium Board President.
We have participated in several general assembly meetings, where the experiences confirmed that the Audit Committee, by virtue invested in it, wants to access all the data, even though there are data (e.g. details of demand notes) which should not be accessible for the Committee. These are mainly data that are not allocated to the Committee by the SzMSz. There were cases when the Audit Committee wanted to direct and instruct the Condominium Board President, which resulted in a conflict involving multiple parties.
In summary, we wish to highlight the following topics that are relevant from our point of view:
- Structural form is different in each condominium.
- The most common representation is in the form of a Condominium Board President who is receiving remuneration.
- Most of the Condominium Board Presidents stored the data of the condominium and its owners on their personal computer – without any special precaution (e.g. password).
- Data was managed in some type of spreadsheet application programme.
- None of SzMSz contained any data protection rules in the case of the asked Condominium Board Presidents.
- All of the asked Condominium Board President had internet access and email address.
- The Condominium Board Presidents used mailing list for maintaining contact with the owners.
- In most (8 out of 10) cases during the aforementioned method of contact, the addresses were not in blind carbon copy, thus the email addresses of other owners became exposed.
Conclusion: we shall strive to to spread a modern data protection approach in the case of condominiums’ data management . The use of Privacy by Design principles  could be the basis of this modern approach.
Relationship of principles and condominiums for the sake of data protection
- Proactivity instead of reaction – prevention instead of remedy:
Standardized data protection regulations need to be created either as part of the SzMSz of the condominiums or separately from that. Acknowledging these rules shall be verified by signature.
- Default data protection:
The SzMSz should contain the method of internet or paper based data collection and management. Mailing lists shall be handled by the persons appointed by the general meeting of the condominium.
- Incorporating data protection during planning: Incorporating data protection aspects within the accounting and data register programmes, and preferring such programmes upon electing a Condominium Board President.
- Absolute functionality:
Any additional workload that may occur due to the data protection compliance, shall be remunerated, thusly promoting and win-win situations.
- Protection for the whole lifecycle:
In the case of condominiums, the lifecycle of the data is longer then the time representatives spend in position. It shall be a vital component that the data is the property of the condominium and it is not that of the Condominium Board Presidents or the companies that are dealing with the representation.
- Visibility and transparency:
Data dealing with the condominium’s administration of finances shall be available and understandable for everyone.
- Respecting the residents’ privacy: „Privacy by Design principles clearly requires the controller to keep the most important privacy interests involved using with strict privacy regulations, appropriate signals and user-friendly solutions” 
In summary, we can conclude that the interest of the condominiums’ owners is to either establish the data protection rules of the condominium (TASz) or that it should be a mandatory condition of the SzMSz. The community of the owners of the condominium could thusly help enforcing the regulations of the Act on the Right of Informational Self-Determination and on Freedom of Information. 
In good working communities it is easier to solve the different interoperability problems; these communities provide a good basis for the different types of „smart-“ programmes.
- Hungarian Civil Code (Ptk) 5:73. §
- Hungarian Civil Code (Ptk) 5:85. §
- SÁGHI, G.: Lakásviszonyok az ezredfordulón. (Dwelling status in the millennium) Budapest, KSH, Budapest, 2005.
- Hungarian act CXXXIII of 2003 on Condominiums (Tht.) 27 § (1)
- 52. §; 53. §; 54. §; and 55. §
- 50/2012. (VII. 6.) Govt. decree
- KUO, Yao-Chen (Jui-Sheng Chou).: Enhancement of condominium management based on the effect of quality attributes on satisfaction improvement. Expert Systems with Applications, Volume 39, Issue 5, April 2012, Pages 5418-5425 DOI=http://dx.doi.org/10.1016/j.eswa. (2011.11.04)
- HUNG, Ren Hsieh.: Issues and proposed improvements regarding condominium management in Taiwan. 2009, Habitat International, Volume 33, Issue 1, January 2009, Pages 73–80 DOI=http://dx.doi.org/10.1016/j.habitatint. (2008.05.02)
- 27. §
- 3. §
- BALOGH, Zs. Gy, KISS, A., POLYÁK, G., SZÁDECZKY, T., SZŐKE, G. L.: Technológia a jog szolgálatában (Technology in the service of law), Debrecen, Pro Futuro, 2014/1
- CAVOUKIAN, A.: Privacy by Design. 7 Foundational Principles. Ontario, 2013.
- Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information