On 18 February 2019, Homo Digitalis submitted a proposal for an amendment to the Draft Law on Personal Data Protection, implementing the General Regulation (EU) 2016/679 and incorporating Directive 2016/680/EU.

Specifically, Homo Digitalis proposed the inclusion on the Draft Law of the provision article 80, paragraph 2 of the GDPR. The provision provides that the described non-profit bodies regardless of any conferment by the data subject, meaning without his command, could:

-have the right to lodge a complaint with the supervisory authority (DPA in Greece)

-have the right to effective judicial redress against a legally binding decision of the supervisory authority (DPA in Greece)

-and have the right to effective judicial remedy against a controller or processor.

We consider that the adoption of the provision of GDPR Article 80, paragraph 2 is particularly important for non-profit bodies in Greece, as Homo Digitalis, to act as enforcement bodies and guards for the strict implementation of the law for personal data and to defend the rights of the data subject. The financial crisis that plagues Greek society in recent years, makes it particularly difficult and unsustainable for citizens to bear the cost for claiming their rights. Therefore, the paramount protection for data subject’s rights from abuses of natural and legal persons will be achieved through the establishment of rules that enable, under the EU legislator’s recommendations, non-profit bodies to act independently and without being subject to the need for relating assignments and mandates.

It is recalled that Homo Digitalis had submitted an open proposal on 20 April 2018, addressed to all Members of the Greek Parliament.

The proposal was notified to the President of the special regulatory Committee for the draft law on the implementation of the General Data Protection Regulation (GDPR) and the incorporation into the national law of Directive 2016/680/EU, Mr. P. Filopoulos, and the members of the committee, to the President of Greek Parliament, Mr. N.Voutsis, and to the Minister of Justice, Transparency and Human Rights, Mr. M.Kalogirou.

We are very optimistic that the proposal of Homo Digitalis will be seriously taken into consideration and the provision of paragraph 80, paragraph 2 will be incorporated in the final draft law.

You can read the proposal of Homo Digitalis in Greek here.

January 28 has been established as the European Data Protection Day by the Council of Europe. The members of Homo Digitalis created a video explaining what do personal data mean for them.

Introductory meeting between Homo Digitalis and the Greek Data Protection Authority

Homo Digitalis had the pleasure of meeting the representatives of the Greek Data Protection Authority. Present at the meeting were the Chairperson of the Authority Mr K. Menoudakos, also Mr V. Zorkadis (Director of the Secretariat) and E. Athanasiadis (Communication Manager). Homo Digitalis was represented by E. Vamvaka, Mr K. Kakavoulis and Mr E. Mandrakis.

We discussed the broader context of the personal data protection and privacy in our country and in particular the results of the first period of application of the GDPR and the compliance of Greek stakeholders with it.

We also turned our attention to the feedback that the Authority receives from the citizens regarding the protection of their personal data. We acknowledged the importance of the Authority’s mission and the relevant challenges and we consider necessary the reinforcement of the Authority with the requisite human and economic means.

The Authority applauded the presence of an NGO, which occupies with the protection of digital rights and can reinforce the dialogue within civil society and emphasise their importance in Greece. Both sides sought possibilities for cooperation directed to the enhancement and protection of these rights.

Homo Digitalis supports the important work carried out by the Data Protection Authority. We are optimistic that our action and through continued cooperation we will contribute to its mission.

On November 15, 2018, the draft law on “Responsibilities of airline companies regarding PNR data – adaptation of the legislation with Directive (EU) 2016/681” was submitted to the Greek Parliament.

Homo Digitalis submitted an open letter on November 27, addressed to all the Members of the Greek Parliament; this letter was meant to call their attention to this draft law, which does not provide for adequate protection, according to the requirements set by the Court of Justice of the European Union (CJEU) with its Opinion 1/15, dated 26 July 2017, on the EU-Canada agreement regarding PNR data.

It must be noted that this data may reveal the movement pattern of a person, such as travel time, departure location and destination, his/her email address and postal address, as well as the persons travelling with him/her, but also other relevant data, such as hotel reservations; all these reveal information for work or personal transportation, but also the social interactions of a person, including friends or partners.

Homo Digitalis underlined that:

1. 1. The national “PNR data Unit” must be an authority responsible for the prevention and prosecution of terrorist and serious crimes or part of such an authority.
   2. There is no provision for a system, which will record access to the PNR data
   3. There is no provision for judicial control prior to the grant of access to investigation and other authorities
   4. The time for which PNR data is maintained exceeds the absolutely necessary timeframe
   5. The PNR data of underage persons, which are transmitted, must be described in a clear and precise manner
   6. The PNR data transmitted must not reveal religious beliefs or health information of the passenger

You can read the whole letter in Greek here.

Today, Monday 21 November 2018, ApTI, Privacy International, EDRi and 15 more digital rights organizations, including Homo Digitalis, sent a letter to the European Data Protection Board, notifying also the Romanian Data Protection Authority and the European Commission.

The reason for this letter is the abuse of the data protection law provisions, in order to unveil the journalistic sources behind the RISE Project in Romania. This project aims at shedding light into corruption and money laundering cases. With this letter the organizations request that the abuse of the GDPR provisions comes to an end, since it puts into risk the freedom of the press in Romania.

Learn more here and read the letter here.

“Dear Mark Zuckerberg:

What do the Philadelphia Museum of Art, a Danish member of parliament, and a news anchor from the Philippines have in common? They have all been subject to a misapplication of Facebook’s Community Standards. But unlike the average user, each of these individuals and entities received media attention, were able to reach Facebook staff and, in some cases, receive an apology and have their content restored. For most users, content that Facebook removes is rarely restored and some users may be banned from the platform even in the event of an error.”

This is how the open letter to Facebook’s CEO from the part of 80 organizations worldwide begins. Among them are the most prominent digital rights organizations. From the part of Greece, the letter was signed by Homo Digitalis.

With this letter, we asked Facebook:

– To create and implement a mechanism through which the users of the platform will be able to appeal against content moderation decisions,

– to re-review the content, which has been removed, by a human, rather than an algorithm, when an appeal is launched against such removal,

– to give clear, detailed and personalized justifications to each user regarding the reasons why his/her content was removed,

– to inform the user on his/her right to appeal such a decision, 

– to publish regularly transparency reports regarding the implementation of its Community Standards.

With more than 2 billion users, Facebook is the biggest communication platform worldwide. It is normal for some of the decisions regarding content moderation taken either by Artificial Intelligence systems or by the human personnel, to be wrong.

The users must be safeguarded from such potential faults and must have the right to request re-review when their content has been removed.

The full letter can be found here.

On the 8th of November a conference on “Facebook and other social dangers” took place in the European Parliament. The conference was held by the parliamentary committee of the Greek member of the European Parliament, Mr. Stelios Kouloglou. Homo Digitalis was invited by Mr. Kouloglou and was represented by Anastasia Karagianni.*

The presentation by Homo Digitalis focused on hate speech and child protection on the Internet.

Specifically, in the first place we developed the definition of the hate speech and the ranges that it is based on. Subsequently to mentioning the European legal framework on constraints of the hate speech, we accentuated the role of the European Union. In particular, the Members of the European Parliament have undertaken considerable action by appealing to the European Commission for the creation of a European mechanism, which will promote legislative measures with the aim of an improved privacy regarding children’s personal data.

Despite the fact that children are considered as ‘digitally educated’, they do not possess the indispensable mechanisms for their self-protection on the internet, such as the spam exclusion and critical evaluation of the content they get in touch with. The necessity of parental consent, albeit essential for children’s protection, is, in specific occasions, in conflict with the children’s involvement in decision-making.

Among the renowned speakers, Cox Leonard, Qwant’s Vice-President for International Relations, kindly thanked Homo Digitalis for mentioning Qwant Junior as an alternative child-friendly web search engine.

In addition, the member of European Parliament Cornelia Ernst deemed significant our reference to children’s consuming relation with the social media and the necessity to protect their privacy.

In conclusion, we would like to express sincere thanks to Mr. Kouloglou and his team, who invited us as Speakers and gave us in this way the opportunity to broach the matter of children’s digital rights in social networks.

* Anastasia Karagianni is a lawyer with expertise in children’s digital rights. She is a member of Homo Digitalis and co-Creator of ChildAct with the aim of protecting children’s digital rights.

We are very pleased and proud to announce that Homo Digitalis is now an observer-member of European Digital Rights – EDRi. EDRi, founded in 2002, is the biggest union of digital rights organizations in the world.

Homo Digitalis is the first Greek organization to get accepted by EDRi and we feel very honoured about this. As observer-member we will have the opportunity to participate alongside EDRi and its members in joint actions, to exchange knowledge and opinions with renowned specialists from all around the globe and increase our organization’s influence.

We would like to warmly thank epicenter.works and Bits of Freedom, which supported us from the first moment with their reference letters, as well as all the EDRi members, which voted in our favour.

Learn more on EDRi and its members on: https://edri.org/members/

The first seminar organized by Homo Digitalis, entitled “European Cyber Security Month: Real Challenges-Legal and Technical Solutions”, was successfully completed. More than 150 academics, professionals, students and citizens participated.

With the predominant message of the need for better information on the legal and technical aspects of cybersecurity, the seminar took place on Wednesday, October 31, at the Athens Bar Association.

In the framework of the European Cybersecurity Month, the workshop entitled “Real Challenges-Legal and Technical Solutions” brought together more than 150 academics, professionals and students from both legal and computer science backgrounds as well as several citizens with a keen interest in this particular issue. Particularly important was the presence of representatives from the Ministry of Digital Policy, the Data Protection Authority, the Authority for the Confidentiality of Communications, the Electronic Crime Prosecution Division and the judiciary.

In the first session of the seminar, the legal challenges and obligations of cyberspace were analyzed, while the second included a demonstration of social engineering and the presentation of the national cyber security team. The lecturers of the conference were prominent lawyers and computer professionals and demonstrated the necessary collaboration between the two fields to achieve fuller user protection.

We want to thank by heart the Athens Bar Association for its hospitality and support, as well as our outstanding speakers and collaborators, without which this event could not take place.

We are particularly grateful to the Attorney General of the Supreme Court, the Director of the Electronic Crime Investigation Department, the Data Protection Authority, the Ministry of Digital Policy and all the organizations that honored us through their presence.

We gratefully thank all of you who attended the seminar and showed us that the interest in digital rights is constantly increasing in our country.

You can see photos from the seminar here: