The Protect Not Surveil coalition publishes its report on the Europol Regulation

Today, the #ProtectNotSurveil coalition, in which Homo Digitalis serves as a member, launches its report on the Europol Regulation and calls for the full rejection of the European Commission’s proposal.

The Europol Regulation inadvertently supports the business model of smugglers while criminalising migration.

Crucially, the Europol Regulation:

  • expands Europol’s surveillance capacity beyond its mandate under the pretext of fighting ‘migrant smuggling’, giving Europol new powers “in relation to all crimes for which it is competent”;
  • The EDPS has already raised concerns that the file poses significant risks to the data and privacy rights of migrants, allowing mass data collection and sharing between Member States and EU agencies with known human rights violations (Frontex), as well as third countries without any legal basis for data sharing with the EU;
  • The proposal is unsafe and unsubstantiated, presented without a proper impact assessment and based on false claims that smugglers pose the greatest threat to the safety of migrants (UN report);
  • Millions in EU public funds will be wasted on Europol’s new activities for a false solution to migration management that simply will not work.

A summary of our position was also published in EUobserver. The full report is available here.

 


The Hellenic Data Protection Authority fines the Ministry of Migration and Asylum for the "Centaurus" and "Hyperion" systems with the largest penalty ever imposed to a Greek public body

Two years ago, in February 2022, Homo Digitalis had filed a complaint against the Ministry of Immigration and Asylum for the “Centaurus” and “Hyperion” systems deployed in the reception and accommodation facilities for asylum seekers, in cooperation with the civil society organizations Hellenic League for Human Rights and HIAS Greece, as well as the academic Niovi Vavoula.

Today, the Hellenic Data Protection Authority identified significant GDPR violations in this case by the Ministry of Immigration and Asylum and decided to impose a fine of €175.000 euro – the highest ever imposed against a public body in the country.

The detailed analysis of the GDPR highlights the significant shortcomings that the Ministry of Immigration and Asylum had fallen into in the context of preparing a comprehensive and coherent Data Protection Impact Assessment, and demonstrates the significant violations of the GDPR that have been identified and relate to a large number of subjects who have a real hardship in being able to exercise their rights.

Despite the fact that the DPA remains understaffed, with a reduced budget, facing even the the risk of eviction from its premises, it manages to fulfil its mission and maintain citizens’ trust in the Independent Authorities. It remains to be seen how long the DPA will last if the state does not stand by its side.

Of course, nothing ends here. A high fine does not in itself mean anything. The Ministry of Immigration and Asylum must comply within 3 months with its obligations. However, the decision gives us the strength to continue our actions in the field of border protection in order to protect the rights of vulnerable social groups who are targeted by highly intrusive technologies.

You can read our press release here.

You can read Decision 13/2024 on the Authority’s website here.