25 Greek and international organizations raise concerns to the Prime Minister and the competent Ministers regarding the Draft Law on the Prohibition of Access to Social Media for Children under 15 years old.
Since early April, when the government announced in a press conference its intention to ban minors under the age of 15 from accessing social media platforms, the issue has become the focus of intense public debate. Parents, educators, scientists, youth organizations, and technology experts have all presented arguments concerning the boundaries between protection, control, and digital freedom.
In the early hours of Tuesday, May 12, this discussion took on an official legislative dimension. The Draft Law on the Prohibition of Access to Social Media for Children Under 15 was uploaded to the European Commission’s TRIS platform, initiating the notification and international consultation process.
Just one week later, the reaction became collective. Twenty-five (25)* Greek and international organizations active in mental health, child protection, combating disinformation, digital rights, consumer protection, computer science, human rights, open technologies, and the institutional functioning of the rule of law joined their voices in a joint letter addressed to Prime Minister Kyriakos Mitsotakis and the relevant ministers.
The organizations’ intervention does not merely express general disagreement with the proposed measure. Rather, it presents an extensive and multi-layered 19-page critique addressing issues ranging from privacy and cybersecurity to compatibility with European law, the principles of participatory and evidence-based legislation, and the fundamental rights of children.
The Measure’s Scope Would Affect All Users, Regardless of Age
In their joint letter, the signatories warn that the planned “re-verification of age” would not apply only to minors, but effectively to all internet users in Greece, turning identification and surveillance into prerequisites for access to the digital public sphere. They argue that the mandatory use of age-verification tools and digital wallets could gradually erode online anonymity and fundamentally alter the nature of the internet itself by establishing “digital gateways” for every online service.
Lack of Transparency, Consultation, and Evidence
Particular criticism is also directed at the way the legislative initiative was advanced. The organizations refer to a lack of participatory procedures and the absence of meaningful consultation with scientists, institutions, civil society organizations, and even children themselves. At the same time, they express serious concern that, according to allegations, the recommendation of the competent committee of KESY, which reportedly viewed generalized bans with caution, was neither published nor apparently taken into account before the government’s announcements.
At the core of the criticism lies the proportionality of the measure. While the authors acknowledge the real risks associated with minors’ use of social media, they argue that instead of blanket restrictions, policies should invest in digital literacy, the education of children and parents, and the redesign of platforms themselves to limit addictive and exploitative mechanisms.
Socioeconomic Exclusion
The organizations also express fears that the measure could lead to social exclusion, affecting families lacking sufficient digital skills or access to modern devices. They further warn that minors may turn to unregulated platforms or circumvention techniques such as VPNs, ultimately exposing their personal data to even greater risks.
Communication Ambiguities and Legal Challenges
In even sharper terms, the organizations criticize the government’s public presentation of the regulation, referring to contradictory statements, ambiguities, and communication strategies that, they argue, obscure rather than clarify the true scope of the measure.
The authors note that while the Ministry of Health described the proposal as a “clear and coherent framework fully aligned with European law,” the same announcement admitted that further examination would be required to determine whether the measure could ultimately be implemented without legal conflicts with the European framework. According to the organizations, this contradiction is not merely a communication misstep but an indication of deeper legal uncertainty that could even lead to referrals to the Court of Justice of the European Union, delaying or weakening implementation.
The actual scope of the ban is also placed under scrutiny. As noted, the legislative initiative would not concern only large commercial platforms such as TikTok, Instagram, or Facebook, but, based on the definition contained in the European DMA Regulation, could extend horizontally to any “online social networking service,” including decentralized platforms of the so-called Fediverse such as Mastodon and PixelFed. The organizations emphasize that these platforms operate according to an entirely different philosophy, without centralized corporate control or algorithmic mechanisms that encourage user addiction, making their inclusion under the same regulatory framework problematic.
At the same time, the organizations question why video-sharing platforms such as YouTube are excluded from the regulation, despite being a core part of children’s daily digital lives and featuring similarly addictive content. According to the text, this distinction has not yet been adequately justified by the government, nor is it accompanied by quantitative or scientific data explaining the differentiation.
The legal argument concerning compatibility with European law is also extensive. The organizations argue that Greece risks introducing additional national obligations in an area already centrally regulated by the Digital Services Act (DSA), thereby violating the principle of uniform application of rules within the European digital market. As they point out, the DSA provides measures for the protection of minors, but not blanket age-based access bans enforced through mandatory identity verification.
The text further warns that imposing such a model could ultimately work against children’s interests by weakening pressure on platforms to make their environments safer and shifting the entire burden of protection onto user identification and exclusion. “The core model of the DSA concerns the management of systemic risks, not the prohibition of specific categories of users,” the letter states.
The organizations conclude that instead of adopting new measures of questionable effectiveness and high legal risk, the Greek state should focus on the effective implementation of the already existing European framework for the protection of minors and personal data—a framework which, they argue, remains insufficiently enforced against major digital platforms.
The joint statement closes with four key demands directed at the government:
- an open and inclusive public consultation process,
- publication of the KESY recommendation,
- full disclosure of the technical and legal opinions accompanying the measure, and
- the adoption of policies obliging platforms themselves to become safer for all users, not only children under 15.
The letter is available in both Greek and English.
The publication of the joint letter took place on Sunday, May 24, in an article by NEWS 247 and journalist Eftychia Soufleri.
The 25 organizations signing the letter are the following (in alphabetical order):
Yours sincerely,
- Asociația pentru Tehnologie și Internet (ApTI)
- Alternatif Bilisim
- Amnesty International – Greek Section
- Chaos Computer Club Karlsruhe – Entropia e.V.
- Danes je nov dan, Inštitut za druga vprašanja
- Defend Digital Me
- Digital Democracy Foundation
- Electronic Frontier Foundation
- EPAPSY (Association for Regional Development and Mental Health)
- epicenter.works – for digital rights
- Electronic Fronter Foundation
- European Digital Rights (EDRi)
- FactReview
- Hellenic Informatics Union (EPE)
- Hellenic League for Human Rights
- Homo Digitalis
- Initiative für Netzfreiheit
- In_contACT org
- IT-Pol Denmark
- Metamorphosis Foundation
- Network for Children's Rights
- Open Technologies Alliance (GFOSS)
- Research Institute for Regulatory Policies
- SHARE Foundation
- Union of Consumers “Quality of Life” (EKPIZO)
- Visible Machines – AI Research and Social Awareness Cent
*The Electronic Frontier Foundation and the Defend Digital Me co-signed the joint letter one day after its submission, as an expression of support for the initiative, specifically on 20 May 2026.
Homo Digitalis is an observer member of the new Council of Europe Committee CDNET
Homo Digitalis is proud to have been admitted as an observer organisation to the Council of Europe’s Steering Committee for New and Emerging Digital Technologies (CDNET)
Building on our previous participation as observers in the Council of Europe’s Ad hoc Committee on Artificial Intelligence (CAHAI) in 2020 and the Committee on Artificial Intelligence (CAI) in 2022, we look forward to strengthening our engagement in this newly established forum and further contributing to meaningful dialogue, collaboration, and policy development on emerging digital technologies.
Read more about CDNET here.
Participation of Homo Digitalis in the “Copyright & Access in the Age of AI” event in Cyprus.
Homo Digitalis is delighted to participate as a speaker at the event organised on Monday, 11 May, in Nicosia by Knowledge Rights 21, the Foundation for Parliamentarism and Participatory Democracy (House of Representatives – Parliament of Cyprus), and the Cyprus Association of Librarians and Information Scientists (CALIS).
Distinguished speakers will discuss issues relating to the use of Artificial Intelligence technologies by modern libraries. Through its presentation, Homo Digitalis will focus on personal data protection, the prohibition of discrimination, and the environmental footprint of the use of large language models.
We warmly thank Knowledge Rights 21 for the invitation and inclusion. Homo Digitalis will be represented by our Executive Director, Eleftherios Chelioudakis.
We look forward to welcoming you to our event, “Data, Rights & Power: In the Age of AI Hype”.
Next Thursday, 14 May, we look forward to welcoming you from 18:00 to 21:00 at the Athens Bar Association (60 Akadimias Street) for Homo Digitalis’s event titled “Data, Rights & Power: In the Age of AI Hype”! Admission is free and no registration is required.
During the event, we will present our 2025 Annual Report, highlighting the organisation’s awareness-raising activities, advocacy initiatives, and legal actions throughout the past year.
In addition, we will host three Fireside Chats, where we will discuss and exchange views with the audience on our work in the field of Artificial Intelligence, specifically:
Fireside Chat No. 1: The Hellenic Police Smart Policing Programme: Key Lessons from HDPA Decision 45/2025 – Commentary by Polyna Sini.
Fireside Chat No. 2: The Use of LLMs in Education: OpenAI’s Collaboration with the Ministry of Education – Commentary by Tania Skrapaliory.
Fireside Chat No. 3: Smart Traffic Enforcement Cameras: Implementation Status and Compliance Challenges – Commentary by Stergios Konstantinou.
The event is organised with the support of the European AI & Society Fund. The sessions will be moderated by Eleftherios Chelioudakis, Executive Director of Homo Digitalis.
We look forward to seeing you there to discuss Artificial Intelligence and the latest developments concerning the Digital Omnibus and Digital Omnibus on AI packages, as well as how these developments affect the national implementation of the AI Act.
Interview of Homo Digitalis with WIRED Greece on the ban on social media use by children under the age of 15.
Homo Digitalis was delighted to participate in the first edition of WIRED Greece magazine!
More specifically, in April we shared our views in an article by journalist Vasilis Tatsiopoulos regarding the proposed measure of the Greek Government on banning the use of social media by children under the age of 15.
You can read the article here.
We would like to thank the journalist for his interest in our work and activities. Homo Digitalis was represented by our Executive Director, Eleftherios Chelioudakis.
Smart cameras remain not fully operational, with delays in compliance with Law 5256/2025
Following relevant legal actions taken by Homo Digitalis, it has been revealed that the Unified Electronic System for recording and managing Road Traffic Code violations and fines (E.I.S.), established by Law 5256/2025 in December 2025, remains not fully operational, while there is also insufficient compliance with both the prescribed timelines and the legal obligations.
Road safety and the protection of all drivers, passengers, and pedestrians constitute an important objective. However, the manner in which the recently adopted legal framework is being implemented, as well as the installation and use of the relevant surveillance systems and their accompanying algorithms, creates challenges both for the accountability of the competent authorities and for the protection of everyone’s rights.
Numerous reports in print, television, and online media circulated inaccurate information for a prolonged period, claiming that the E.I.S. is not only fully operational, but also already capable of automatically imposing fines for violations such as mobile phone use, failure to wear a helmet, or failure to use a seatbelt while driving.
In February and March 2026, Homo Digitalis decided to make use of every legal instrument and all guarantees provided by law in order to ascertain the progress of the implementation of the E.I.S., and whether the timelines, as well as the adoption of the relevant ministerial decisions and cooperation protocols required by law, have been observed.
Specifically, on 24 February, we submitted a Request for Access to Documents to Mr. Ioannis Melas, Director of the Independent Service named “Road Supervision and Safety Systems Service (OD.Y.S.E.A.S.)” of the Ministry of Infrastructure and Transport. Through this request, we sought access to the data protection impact assessment and the algorithmic impact assessment relating to the pilot application, which, according to the Diavgeia website, appear to have been prepared. Furthermore, since well before the adoption of the legal framework—and in particular since 31/07/2025—a direct award had been published on Diavgeia to the company “EVR.ILEK LIMITED LIABILITY COMPANY” for the Development of a Pilot Information System for recording and analyzing traffic violation data, we also called upon OD.Y.S.E.A.S. to grant us access to this contract.
We also requested the Service, as required under Law 5256/2025, to inform us about the criteria and methodology on the basis of which the specific locations for the installation of the pilot system were selected, as well as the objective and technical criteria that led to the differentiation of the technologies used at each installation point (integrated radar for “Spot Speed” control, systems for detecting non-use of helmets, non-use of seatbelts, use of mobile phones while driving, as well as systems for recording red light violations, etc.).
Moreover, pursuant to Article 23(11) of Law 5256/2025, which provides that all technical and detailed matters concerning the protection of natural persons against processing carried out through the E.I.S. are to be regulated by a joint ministerial decision of the Ministers of Infrastructure and Transport, Digital Governance, and Citizen Protection, in accordance with Article 16 (Personal data protection issues), we requested that OD.Y.S.E.A.S. provide us with a copy of this Joint Ministerial Decision or, alternatively, inform us of the exact web address where it has been lawfully published. In addition, we requested information regarding the date of commencement of the system’s operation.
Finally, given that Article 23(12) of Law 5256/2025 provides that, by joint decision of the Ministers of Digital Governance, National Economy and Finance, Interior, Justice, and the competent Minister, following an opinion of the Hellenic Data Protection Authority, the operation of the E.I.S. under Article 4 shall determine: (a) the procedure for transmitting data to competent judicial, prosecutorial, and administrative authorities upon lawful request in the exercise of their duties, (b) the manner in which the controller informs the public that they are about to enter an area covered by installed or portable surveillance systems, the content of such information, and additional rights of data subjects beyond those already established under the General Data Protection Regulation and Law 4624/2019, and (c) any other specific or technical matter necessary for the implementation of Article 16, we requested to be informed whether the relevant opinion has been issued by the Hellenic Data Protection Authority.
However, OD.Y.S.E.A.S. tacitly refused to respond to the above request.
At the same time, on 27 February, we filed a complaint before Ms. Alexandra Rogakou, Governor of the National Transparency Authority (NTA), regarding the omission of significant transparency obligations by OD.Y.S.E.A.S. in relation to the pilot operation and use of the E.I.S. More specifically, pursuant to Articles 4 and 5 of Law 4961/2022, public sector bodies using artificial intelligence systems in decision-making processes or in support thereof, affecting the rights of natural or legal persons, are required to carry out an Algorithmic Impact Assessment prior to the system’s operation. Furthermore, under Article 6 of Law 4961/2022, such bodies are subject to transparency obligations, meaning they must publicly provide information on: (a) the date of commencement of the system’s operation, (b) the operational parameters, capabilities, and technical characteristics of the system, (c) the categories of decisions taken or acts issued with the participation or support of the system, and (d) the conduct of an algorithmic impact assessment. Based on the above, we called upon the NTA to examine OD.Y.S.E.A.S.’s compliance with these obligations.
On 23 April, the NTA officially responded to our complaint, informing us that, based on the investigation, the views of the competent service indicated that the joint ministerial decision of the Ministers of Digital Governance, Interior, Citizen Protection, and Infrastructure and Transport, which certifies the full operation of the E.I.S. and its necessary interconnections, has not yet been issued. Furthermore, the NTA sent a document to the competent service requesting information on the date of commencement of the system’s full operation, in order to assess, at a later stage and once the aforementioned certifying act is issued, the service’s compliance with its obligations.
In early March, a further request for access to documents was submitted by Homo Digitalis, this time to the Hellenic Police. According to Article 16(2)(b) of Law 5256/2025, within three (3) months from the entry into force of the law, the joint controllers are required to sign a cooperation protocol defining their relations with data subjects and their respective responsibilities for compliance with obligations arising from the GDPR. Under Article 49 of Law 5256/2025, the law entered into force upon its publication in the Government Gazette, namely on 8 December 2025. Therefore, the Hellenic Police, together with the other joint controllers, should have signed the protocol by 8 March 2026. This protocol is a crucial document, as it defines the relationship between joint controllers and data subjects, as well as their respective responsibilities under the GDPR.
However, the Hellenic Police also tacitly refused to respond to this request.
In conclusion, the implementation of the E.I.S., as established by Law 5256/2025, remains incomplete and is accompanied by significant shortcomings in compliance with the prescribed regulatory and organizational obligations. Homo Digitalis will continue its actions to monitor compliance with the applicable legal framework, in order to ensure both the effectiveness of the system and the full safeguarding of the rights of data subjects at the stage of its future full operation.
Homo Digitalis Press Release on the latest developments of the PREDATOR case
With this Press Release, Homo Digitalis expresses its deep concern regarding the compliance of the Greek legal order with the principles of the Rule of Law and effective judicial protection, in light of the recent developments concerning the investigation into the case of illegal wiretapping through the PREDATOR spyware.
The fact that the Prosecutor of the Supreme Court (Areios Pagos) reportedly retained the case file for twenty days without carrying out any preliminary investigative act, while also deciding to keep the case archived despite having previously been formally informed in writing by legal counsel representing victims of the PREDATOR spyware about both the existence of numerous critical documents and the imminent filing of at least six new criminal complaints by victims who have not yet appeared in the criminal proceedings, raises extremely serious concerns regarding the completeness and diligence of the judicial investigation and gives rise to intense legal and institutional concern.
This constitutes an unprecedented case, at the international level, of failure to investigate acts of espionage involving high-ranking state officials serving critical functions of the Greek State, including members of the Greek Government’s cabinet, as well as members of the leadership of the Hellenic Police and the Hellenic Armed Forces. These developments pose a serious risk both to national security and to citizens’ trust in public institutions.
Moreover, these developments are taking place during a particularly critical and institutionally fragile period, in which key independent authorities functioning as checks and balances — and which, in the exercise of their supervisory mandate, have previously brought significant aspects of the PREDATOR scandal to light, namely the Hellenic Authority for Communication Security and Privacy (ADAE) and the Hellenic Data Protection Authority (HDPA), remain without leadership.
The failure to meaningfully investigate acts that may constitute espionage and that concern high-ranking state officials and critical functions of the Greek State raises serious risks for national security and institutional stability. At the same time, the inability to fully clarify cases concerning the confidentiality of communications and the protection of personal data constitutes a direct threat to fundamental rights and undermines core principles of the Rule of Law and the administration of justice.
We are pleased to grant our auspices to the 16th Infocom Security!
It is a great pleasure for us to once again offer our support to InfoCom Security, a leading Conference & Expo on Cybersecurity.
Specifically, the event took place on April 29 & 30 at the Athens Conservatoire, and registration was free: https://www.infocomsecurity.gr/
Now in its 6th annual edition, it continues to serve as a hub for knowledge exchange, reflection, and progress, featuring keynote speeches, panel discussions, workshops, and the participation of leading organizations from Greece and abroad.
Congratulations to SmartPress S.A. and to Angeliki Nosti and Vlasis Amanatidis for the successful organization and collaboration!
