Yesterday, Tuesday 14/11, we were present at the Plenary Session of the Greek DPA during which our case concerning the retention of electronic communications metadata and the right of access to them was discussed. Our Secretary, Eleftherios Chelioudakis, who is the Data Subject in this case, participated there.
In simple terms, metadata allows us to establish who spoke to whom, via which devices, when, for how long, and where the users were approximately located during their conversation. Therefore, metadata is not about the content of the communication but about all the other accompanying elements of the communication. All electronic communications providers in Greece are required to keep it for one year from the date of the communication.
The Court of Justice of the European Union ruled in 2014 that the retention of this amount of metadata for everyone, everywhere and always, constitutes a mass surveillance measure that allows for particularly accurate conclusions to be drawn with regard to the privacy of the persons whose data has been retained, and violates the EU Charter of Fundamental Rights, ruling Directive 2006/24, which allowed for this, as invalid.
However, the Greek State has not revised until today, almost 10 years later, the Law 3917/2011 that transposes this Directive into the Greek legal landscape, while as Homo Digitalis revealed in 2019 the relevant legislative committee that was asked to prepare a new draft law, an explanatory memorandum and an impact assessment on this matter ever delivered any work in the 5 years of its existence (2014-2019).
We look forward with great interest to the next stages of the process and have full confidence in the work of the Greek DPA.