Press Conference on Our Joint Report on the State of the Rule of Law in Greece
On Wednesday, 11 February, a press conference on the current state of the Rule of Law in Greece was successfully held with significant attendance at the Irida Cinema Theatre. The event was organised by the independent organisations HIAS Greece, Refugee Support Aegean (RSA), Vouliwatch, the Greek Council for Refugees (GCR), the Hellenic League for Human Rights (HLHR), Homo Digitalis, Reporters United and Solomon.
You may watch the press conference here.
We would like to warmly thank omniatv for the organisation and online hosting of the press conference, as well as the Photography Department of POFPA for hosting the event at the Irida Cinema Theatre.
Representatives of the participating organisations presented the key findings of the joint submission that we submitted for the fourth consecutive year to the European Commission on the Rule of Law in Greece in 2025, as part of the Commission’s annual monitoring of national systems.
We underlined the now urgent need to address the longstanding rule of law concerns in Greece. The issues documented in the report are interconnected and have nefarious effects on an array of facets of the rule of law, from justice, law-making and transparency rules to press freedom, civil society and data protection.
Our organisations have submitted this report to the European Commission and thoroughly document the pervasive, interconnected issues and deficiencies within Greek institutions as we experience them in our daily work and reality. We will continue to defend the Rule of Law in Greece. We expect no less from the institutions tasked with safeguarding it.
Our educational activities in Messinia were successfully completed, in collaboration with the Captain Vassilis & Carmen Constantakopoulos Foundation
In 2025, as part of our educational initiatives in Messinia, we partnered with the Captain Vassilis & Carmen Constantakopoulos Foundation to deliver the educational presentations “Digital Footprint” and “Cyberbullying” in schools across the region.
Through 36 educational presentations in 30 school units, 1,620 students took part in activities highlighting the importance of digital literacy, prevention and responsible online behavior in the digital environment. During the period March–May 2025, presentations were delivered in 11 schools and during November–December 2025, in 19 schools.
This collaboration underscores the importance of partnerships between educational institutions and charitable foundations, with the shared goal of strengthening knowledge and ensuring the safety of children and young people.
Risk Management in the Digital World - A Chore or A Necessity?
Written by Ioannis Ntokos*
“Nothing in life is certain but death and taxes,” Benjamin Franklin (or someone before him) once said. But the phrase could well include another component, risk. “Death, taxes, and risk.” In the digital world, risks are a constant that we must take into account, whether as citizens, product or service providers, or as experts in the field of risk management. Let’s see how proper risk management can provide certainty and security in the digital space.
What does risk mean, and why does it deserve attention?
The digital world changes rapidly, every day. The concept of risk, however, is relatively static: every system, every program, every person using technology creates an “opening,” a vulnerability. These openings are not dangerous in themselves, but they are vulnerable to threats that can exploit them. Consider, for example, a flaw in a computer system at a nuclear power plant, a flawed process for accessing sensitive data, a bad setup of a network switch. The alarm bells are ringing.
The risk is there before you do anything, it is “inherent.” It is there by default, without any protective measures being taken. When you ride a bike, the very act of riding is a risk. In the digital world, the inherent risk arises from things like human carelessness, the complexity of systems, or the value of data shared with others. Risk itself is a certainty, a constant of life. That does not mean we ignore it.
So far, so good. The fact that I cross the threshold of my door every morning is a dangerous situation, theoretically. What is the point of action if the risk is there anyway? The next stage is to identify which risks require attention and action. This requires cold observation and logical thinking. Some risks are more significant than others, so they must go through the risk management "filter".
Calculating Risk
In its simplest form, risk (numerical or not) is simply a function of probability and impact. A given risk has (negative) consequences (impact) with some frequency (probability). Being able to quantify the variables of probability and impact in a quantitative way (using precise and detailed numbers, usually monetary for impact and annual occurrence units for probability) or qualitative way (using more arbitrary calculations, usually using a scale from 1 to 5) brings us closer to calculating risk.
In the example of cycling, a risk is my sudden encounter with a brown bear (and the unpleasant consequences that might follow). The likelihood of this happening varies depending on the situation - if I am riding my bike in an area of Korydallos, the chances of encountering a bear are close to zero. If I have gone cycling in the Pindos mountains, the situation changes dramatically. The impact of the encounter with the bear also changes. If I carry bear spray or have watched many videos on how to deal with a brown bear (the author of this article has watched quite a few such videos), I may escape with bruises and scratches (or a broken bicycle). If I lack knowledge and tools, things become more difficult.
Here the importance of protective measures and the transition from inherent to residual risk also becomes apparent. Through the protective measures at my disposal (spray), I can lower the impact of the encounter from certain death to admission to the hospital for stitches. Residual risk is the risk that remains after we take protective measures against it! Protective measures are an integral part of risk management.
Risk Management Methods
There are four appropriate ways to deal with a risk, once it has been perceived (and quantified or quantified). These options are: acceptance, transfer, reduction or elimination.
Acceptance means that you understand the risk and hold on to it, not passively or ignorantly, but rationally. Some risks are so small that it costs more to deal with them than to accept them. If I ride my bike downtown, I accept the infinitesimal chance (0.00001%) that a bear will attack me, and I enjoy my ride.
Transfer is the assignment of risk to someone else (usually through insurance). The risk does not disappear, it simply changes hands. The responsibility remains with the person subject to the risk, but there is coverage in case of damage due to the risk. In the bear scenario, I hope my insurance covers such attacks, or at least my family receives a lump sum (through my life insurance) in case the spray doesn’t help.
Speaking of spray, this is a risk reduction method! Reduction means that you limit the likelihood or impact, and it is the most common method of dealing with risks. This includes any form of preventive protection. Every protective measure I take aims to reduce the risk. If I’m out cycling in the Pindus Mountains with 10 other friends, the chances of the bear attacking me instead of one of them are drastically reduced!
Elimination is the most absolute option, as you move away from the risk and its source. Elimination is the final cleanup: the recognition that something is beyond “patching.” Are there many hungry bears on the mountain I’m planning to visit? I choose the sea instead of the mountain and I have peace of mind!
While the above ways of dealing with risk are all tried and tested, there is one reaction that is not legitimate - risk ignorance. Knowing the risk and consciously choosing to ignore it will inevitably lead to negative results!
Dealing with risk in the digital world
Risks similar to a random bear encounter exist in the digital and online space, only instead of hungry four-legged friends, we encounter hackers, abused platforms, the use of artificial intelligence that violates human rights and defective hardware. And with the same logic as our trip to the forest, these risks require special treatment, taking into account the following basic principles:
- Risk management is not a single event, but a cycle. You identify, assess, act, and regularly review. The digital world is constantly changing, which means that the risk landscape is also changing. What was secure in the morning may be vulnerable by evening. Technology waits for no one - and the associated risks must be constantly recorded and addressed.
- A holistic approach to risk is crucial. One gap is enough to cause radical damage to citizens, users, and businesses. Partial protection creates a false sense of security. In the digital space, the weak point is often not the most obvious. It can be the forgotten file, the inadequate password, the external partner using a fragile application. Therefore, a holistic view is required.
- It is also necessary to understand that risk is not only technical, but also organizational, human, or procedural. In practice, most damage results from mistakes, omissions, or misunderstandings. Technology simply exacerbates the consequences. Therefore, it is necessary to address it from many different angles.
- Awareness and education on information and data protection issues are key to reducing risks. No matter how organized you are, there will always be someone who will write their passwords in plain sight, open the wrong file, or accidentally press “delete.” The human element cannot be eliminated.
- Prevention is always cheaper than recovery. For the average user, risk management may seem like a chore, but the reality is that the world of technology has grown so much that ignorance of risk is costly. Just as no one waits to install an alarm system after a break-in, risk management works best before bad things happen.
The essence of risk management is targeted clarity: although absolute security is not possible, we strive for stability while trying to avoid major mistakes. When you understand this, risk management ceases to be a burden. It becomes an organized and coordinated effort, and then a habit. A kind of mental exercise where you ask: “What could go wrong? How much do I care? What do I do about it?” Not as an exercise in fear, but as an exercise in pure reasoning and protection. Risk will always be there. Managing it is a conscious choice, and awareness is a tool.
*Ioannis Ntokos is an IT risk management, information security and third party risk management specialist, with expertise in data protection. He specializes in ISO27001, NIST, NIS2 and the General Data Protection Regulation (GDPR). In his spare time, he offers career advice on IT governance, risk and compliance through his YouTube channel
The speech of Homo Digitalis was successfully completed at the Annual Conference of Transparency International Greece and EELLAK.
The participation of Homo Digitalis in the Annual Conference, organized by Transparency International Greece and EELLAK on January 21, was successfully completed. The conference was titled “Open Data and Artificial Intelligence: New Opportunities & Challenges in Transparency, Public Procurement and Budgets.”
Our organization was dynamically represented by our member, Tania Skrapaliοri, who took part in the 3rd panel of the conference entitled “Transparency in Practice: Proposals and Innovation Transforming Governance.”
We would like to warmly thank the organizers for this excellent event and for the opportunity for Homo Digitalis to participate.
Our GAIN event with the supervisory authorities of Article 77 of the AI Act was successfully concluded
Yesterday’s event, which we co-organized with the civil society network Greek AI Network – GAIN at the offices of network member WHEN Hub, was successfully completed.
The event opened with a welcoming address by our Co-founder and Treasurer of the Board, Konstantinos Kakavoulis. This was followed by educational presentations from representatives of two fundamental rights authorities under Article 77 of the AI Act, namely Dr. Efrosyni Siougle from the Hellenic Data Protection Authority and Dr. Christos Tsevas from the Greek National Commission for Human Rights.
Finally, during the Members in the Spotlight Session, our member and DPO Executive / GDPR Expert, Dimos Kostoulas, delivered an educational presentation on the processing of personal data in the healthcare sector and the use of Artificial Intelligence systems in this field.
We warmly thank the speakers, the members of the GAIN network, and the members of Homo Digitalis who joined us both online and in person, as well as the other organizations that honored us with their presence.
The event was held within the framework of the GAIN program, with the support of the European AI & Society Fund.
We presented our Study on the Digital Omnibus package at the Privacy & Data Protection Conference
Last Friday, Homo Digitalis was invited to the Privacy & Data Protection Conference, organized by BOUSSIAS.
There, our Executive Director, Eleftherios Chelioudakis, presented our Study on the Digital Omnibus reform packages, highlighting the challenges that the proposed changes pose to our rights in the contemporary digital era.
You can read our Study here.
We would like to warmly thank the conference organizers, and especially Alexandra Varla, for the very honorable invitation. Congratulations as well to all the speakers for their insightful contributions.
.
Our NGI TALER workshop at Journals n’ Spirits 2025 was successfully completed
On November 13, we represented NGI TALER at Journals n’ Spirits 2025, which was organized by omniatv together with the initiatives Vlavi (magazine), Copwatch GR, FactReview, Femicide.gr, Homo Digitalis, INFOWAR, inside story., Jacobin Greece, KRAX Radio, The Manifold, Reporters United, Solomon, The Untold, Vouliwatch, and YUSRA (magazine/publications), at the Kypseli Municipal Market.
More specifically, Eleftherios Chelioudakis from our team presented the GNU TALER digital payments tool, which functions like digital cash and radically reshapes the ecosystem of electronic micropayments. It is based on the principles of free/libre software and strict respect for privacy, offering a new way to conduct online financial transactions while ensuring full accountability.
We also spoke about the funding opportunities provided by NGI TALER for everyone who can contribute to our important mission. Do you have relevant ideas? Submit your application by February 1, 2026, here.
Homo Digitalis & EDRi speak to inside story on the proposed Digital Omnibus regulations
Ιs Europe moving away from the protection of our digital rights?
inside story. and journalist Eliza Triantafyllou published an in-depth article on Monday, December 1, examining the European Commission’s Digital Omnibus proposals. European Digital Rights (EDRi) and Homo Digitalis had the honor of contributing comments and arguments, represented by their members Blue Duangdjai Tiyavorabun, Ella Jakubowska (she/her), Itxaso Domínguez de Olazábal, PhD, and Eleftherios Chelioudakis.
Is the EU giving in to pressure from Trump and major technology companies to deregulate rules protecting Europeans’ personal data and privacy, rebranding it as “simplification”? What exactly do the two recent proposals include? Read the article here.
We warmly thank the journalist for her interest in our arguments.
Participation of Homo Digitalis in a Conference on Spyware
On Friday, November 21, Homo Digitalis was represented by our member and Lawyer admitted to the Supreme Court, Melina Skondra, who delivered an outstanding contribution in the third panel of the conference “The Rule of Law Today in Greece and Europe,” on the topic: Spyware, surveillance, and human rights.
We had the honor of sharing the panel with Thanasis Koukakis, journalist and victim of surveillance, and Maria Alexandri, Lawyer admitted to the Supreme Court and member of the Research Group on Information Law at the University of Macedonia.
The conference was organized by DEMOTRUST with the support of the Friedrich-Ebert-Stiftung, under the auspices of the Centre for European Constitutional Law and syntagmawatch.gr, with ROSA MEDIA as the media sponsor.
We thank the organizers for their kind and honorable invitation!