I HAVE RIGHTS and Homo Digitalis Publish Report on the Situation in the Samos Closed Controlled Access Centre (CCAC) One Year After the Fine Issued by the Hellenic Data Protection Authority for KENTAURUS and HYPERION Systems
The Hellenic Ministry of Migration (MoMA) continues to violate data protection rights of asylum seekers in the Samos Closed Control Access Centre (CCAC), I Have Rights and Homo Digitalis said in a report released today.
The report, titled “They Never Tell Us Anything”: Ongoing Data Rights Violations in the Samos CCAC analyses the implementation of a compliance order issued by the Hellenic Data Protection Authority (HDPA) in April 2024. In this historic ruling, the HDPA had found that MoMA’s use of surveillance technologies in reception facilities across Greece, including biometric access systems and surveillance infrastructure tools violates EU data protection laws (GDPR).
Ten months after the passing of the implementation period in July 2024, the report finds that MoMA has failed to comply with the order. “The ongoing violations of data protection rights in the Samos CCAC are emblematic of a system where control and surveillance are prioritised over the rights of those seeking protection” said Réka Rebeka Rósa, Legal and Team Coordinator at I Have Rights. “The European Union should press Greek authorities to address prevailing rights violations. Otherwise, these violations risk becoming a blueprint for further (digital) rights abuse of people on the move across Europe.”
The Samos CCAC opened in September 2021 as the first of the now existing five facilities in Greece, following an agreement between the European Commission and the Greek Government in 2020. Since its opening, NGOs, international human rights experts and people held in the facility have consistently raised concerns about the facility’s securitised infrastructure, de facto detention practices, and inadequate living conditions.
These concerns are exacerbated by the overall lack of transparency in the Greek asylum procedure and opaque surveillance system in the Samos CCAC.
As one client explained about the intransparency of biometric data collection: “No, no one explains it. They only take fingerprints and take us from one place to another, and we do it without knowing why. There is no person to explain what is happening.”
Greece has legal and moral obligations to uphold fundamental rights and data protection rights of asylum seekers, as enshrined in the European Charter of Fundamental Rights and GDPR. The European Union, in particular the European Commission – given its central role in conceptualising, financing, operating, and monitoring the CCACs in Greece – bears responsibility to ensure that these standards are fully respected. “The continued lack of GDPR compliance, in terms of transparency and accountability in the deployment of the Centaur and Hyperion surveillance systems, at the Samos CCAC reflects a disturbing erosion of the fundamental rights. By failing to meet even the basic requirements of data protection in practice, MoMA is reinforcing a dangerous trend of surveillance-driven border management that dehumanizes people on the move” said Eleftherios Chelioudakis, Executive Director at Homo Digitalis.
Homo Digitalis Speaks Once Again at CPDP!
Homo Digitalis participated once again in the largest international conference on data protection, Computers, Privacy and Data Protection (CPDP), with a talk on the panel “Protecting the Digital Rights of Asylum Seekers and Refugees”, organized by the Centre for Fundamental Rights – Hertie School!
Eleftherios Chelioudakis, Co-Founder and Executive Director of Homo Digitalis, represented us as a speaker on the panel, alongside Francesca Palmiotto (IE University), Derya Ozkul (University of Warwick), and Joanna Parkin (EDPS – European Data Protection Supervisor) on Friday, May 23.
Congratulations to the organizing team at the Hertie School and to Ida Reihani for the excellent collaboration!
We give a lecture at the OSCE's three-day training seminar on the protection of human rights at the borders
The OSCE Office for Democratic Institutions and Human Rights (ODIHR) organizes next week its training course for human rights defenders working at international borders in Warsaw! The three-day training course aims to enable human rights defenders to understand the human rights implications of border technologies and to improve their skills in collecting and verifying information through various means, including new technologies, for effective human rights monitoring at borders.
On a pro bono basis, Homo Digitalis and HIAS Greece will give a lecture during the training course related to our great success with the KENTAUROS and HYPERION case!
Our lecture titled “Combating Centaurs and Titans – Leveraging Data Protection Law to Counter Intrusive Surveillance in Migration” will focus on how data protection law can be strategically employed to challenge invasive surveillance technologies used in migration. Eleftherios Chelioudakis will represent Homo Digitalis in this lecture.
We would like to thank the organizers for their kind invitation, as well as HIAS Greece for the great collaboration.
You can find more information about the OSCE Office for Democratic Institutions and Human Rights (ODIHR) here.
Centaur & Hyperion: We asked the Greek DPA whether the Ministry of Immigration & Asylum has made the necessary compliance steps
In the framework of the Decision 13/2024 of the Greek Data Protection Authority (DPA), which was posted on its website on 2/4/2024, the Ministry of Immigration and Asylum was instructed to take all necessary steps to complete its compliance with the obligations of the controller, as described in the body of the Decision, within 3 (three) months from the date of its receipt.
Given that on Tuesday 2/7/2024, 3 months were completed, we decided to send a letter to the DPA on Wednesday 3/7/2024 (ref. no. G/EIS/5662/03-07-2024) requesting to be informed whether the Authority has received any relevant information from the Ministry of Immigration and Asylum regarding the completion of its compliance, as it was obliged to do.
It remains to be seen what level of compliance has been achieved in these three months in a case that is of the utmost importance.
Interview of Homo Digitalis in mononews about our great success and the 175.000 euro fine of the Greek DPA to the Ministry of Asylum and Migration
Homo Digitalis spoke to mononews and journalist Alexianna Tsotsou for her report on our complaint against the KENTAUROS and YPERION systems and the 175,000 euro fine imposed by the Greek Data Protection Authority on the Ministry of Asylum and Migration. Comments on Homo Digitalis were provided by our Co-Founder and Lawyer, Eleftherios Chelioudakis
You can read the article here.
We would like to thank the journalist for her cooperation, her detailed reporting and her interest in our actions.
Homo Digitalis' interview with Computer Weekly about our great success and the 175,000 euro fine imposed by the Hellenic Data Protection Authority to the Ministry of Asylum and Migration
Homo Digitalis spoke to Computer Weekly and journalist Lydia Emmanouilidou for her report on our complaint against the KENTAUROS and YPERION systems and the 175,000 euro fine imposed by the Greek Data Protection Authority on the Ministry of Asylum and Migration. Comments on Homo Digitalis were provided by our Co-Founder and Lawyer, Eleftherios Chelioudakis.
You can read the article here.
We would like to thank the journalist for her cooperation, her revealing report and her interest in our actions.
Interview of Homo Digitalis on Netzpolitik.org about our great success and the 175.000 euro fine of the Hellenic Data Protection Authority to the Ministry of Asylum and Migration
Homo Digitalis spoke to Netzpolitik.org and journalist Chris Kover for their report on our complaint against the KENTAUROS and YPERION systems and the 175,000 euro fine imposed by the Greek Data Protection Authority on the Ministry of Asylum and Migration. Comments on Homo Digitalis were provided by our Co-Founder and Lawyer, Eleftherios Chelioudakis
You can read the article here.
We would like to thank the journalist for her cooperation and interest in our actions.
Interview of Homo Digitalis to SOLOMON for our great success and the 175.000 euro fine of the Hellenic DPA to the Ministry of Asylum and Migration
Homo Digitalis spoke to SOLOMON and journalists Lydia Emmanouilidou and Apostolis Fotiadis for their report on our complaint against the KENTAUROS and YPERION systems and the 175,000 euro fine imposed by the Greek Data Protection Authority on the Ministry of Migration and Asylum. Comments on Homo Digitalis were provided by our Co-Founder and Lawyer, Eleftherios Chelioudakis.
You can read the article and the journalists’ important revelations here.
We sincerely thank the journalists for their cooperation and interest in our actions.
The Hellenic Data Protection Authority fines the Ministry of Migration and Asylum for the "Centaurus" and "Hyperion" systems with the largest penalty ever imposed to a Greek public body
Two years ago, in February 2022, Homo Digitalis had filed a complaint against the Ministry of Immigration and Asylum for the “Centaurus” and “Hyperion” systems deployed in the reception and accommodation facilities for asylum seekers, in cooperation with the civil society organizations Hellenic League for Human Rights and HIAS Greece, as well as the academic Niovi Vavoula.
Today, the Hellenic Data Protection Authority identified significant GDPR violations in this case by the Ministry of Immigration and Asylum and decided to impose a fine of €175.000 euro – the highest ever imposed against a public body in the country.
The detailed analysis of the GDPR highlights the significant shortcomings that the Ministry of Immigration and Asylum had fallen into in the context of preparing a comprehensive and coherent Data Protection Impact Assessment, and demonstrates the significant violations of the GDPR that have been identified and relate to a large number of subjects who have a real hardship in being able to exercise their rights.
Despite the fact that the DPA remains understaffed, with a reduced budget, facing even the the risk of eviction from its premises, it manages to fulfil its mission and maintain citizens’ trust in the Independent Authorities. It remains to be seen how long the DPA will last if the state does not stand by its side.
Of course, nothing ends here. A high fine does not in itself mean anything. The Ministry of Immigration and Asylum must comply within 3 months with its obligations. However, the decision gives us the strength to continue our actions in the field of border protection in order to protect the rights of vulnerable social groups who are targeted by highly intrusive technologies.
You can read our press release here.
You can read Decision 13/2024 on the Authority’s website here.