Homo Digitalis meets with the Greek Ombudsman
he Greek Ombudsman welcomed the non-profit organization Homo Digitalis to his offices on June 26, 2025, for a meeting on issues related to digital rights and artificial intelligence. Among other topics, the discussion addressed the role of the Ombudsman under the European Union’s Artificial Intelligence Act, following his designation as one of the fundamental rights authorities under Article 77 of the Regulation.
We warmly thank the Honorable Greek Ombudsman, Mr. Andreas Pottakis, for his time and availability.
Participating in the meeting was Homo Digitalis Co-founder and Executive Director Eleftherios Chelioudakis.
Homo Digitalis meets with the Hellenic Data Protection Authority
The Hellenic Data Protection Authority (HDPA) welcomed the non-profit organization Homo Digitalis to its offices on May 30, 2025, for a meeting on issues related to digital rights, personal data protection, and artificial intelligence. Among other topics, the discussion covered recent developments in the field of new technologies, relevant cases and requests we have submitted before the Authority, as well as the role of the HDPA under the European Union’s Artificial Intelligence Act, following its designation as one of the authorities under Article 77 of the Regulation (Powers of the authorities for the protection of fundamental rights).
Participating in the meeting were Homo Digitalis Co-founder and Executive Director Eleftherios Chelioudakis and Homo Digitalis Director of Human Rights and Artificial Intelligence Lamprini Gyftokosta.
I HAVE RIGHTS and Homo Digitalis Publish Report on the Situation in the Samos Closed Controlled Access Centre (CCAC) One Year After the Fine Issued by the Hellenic Data Protection Authority for KENTAURUS and HYPERION Systems
The Hellenic Ministry of Migration (MoMA) continues to violate data protection rights of asylum seekers in the Samos Closed Control Access Centre (CCAC), I Have Rights and Homo Digitalis said in a report released today.
The report, titled “They Never Tell Us Anything”: Ongoing Data Rights Violations in the Samos CCAC analyses the implementation of a compliance order issued by the Hellenic Data Protection Authority (HDPA) in April 2024. In this historic ruling, the HDPA had found that MoMA’s use of surveillance technologies in reception facilities across Greece, including biometric access systems and surveillance infrastructure tools violates EU data protection laws (GDPR).
Ten months after the passing of the implementation period in July 2024, the report finds that MoMA has failed to comply with the order. “The ongoing violations of data protection rights in the Samos CCAC are emblematic of a system where control and surveillance are prioritised over the rights of those seeking protection” said Réka Rebeka Rósa, Legal and Team Coordinator at I Have Rights. “The European Union should press Greek authorities to address prevailing rights violations. Otherwise, these violations risk becoming a blueprint for further (digital) rights abuse of people on the move across Europe.”
The Samos CCAC opened in September 2021 as the first of the now existing five facilities in Greece, following an agreement between the European Commission and the Greek Government in 2020. Since its opening, NGOs, international human rights experts and people held in the facility have consistently raised concerns about the facility’s securitised infrastructure, de facto detention practices, and inadequate living conditions.
These concerns are exacerbated by the overall lack of transparency in the Greek asylum procedure and opaque surveillance system in the Samos CCAC.
As one client explained about the intransparency of biometric data collection: “No, no one explains it. They only take fingerprints and take us from one place to another, and we do it without knowing why. There is no person to explain what is happening.”
Greece has legal and moral obligations to uphold fundamental rights and data protection rights of asylum seekers, as enshrined in the European Charter of Fundamental Rights and GDPR. The European Union, in particular the European Commission – given its central role in conceptualising, financing, operating, and monitoring the CCACs in Greece – bears responsibility to ensure that these standards are fully respected. “The continued lack of GDPR compliance, in terms of transparency and accountability in the deployment of the Centaur and Hyperion surveillance systems, at the Samos CCAC reflects a disturbing erosion of the fundamental rights. By failing to meet even the basic requirements of data protection in practice, MoMA is reinforcing a dangerous trend of surveillance-driven border management that dehumanizes people on the move” said Eleftherios Chelioudakis, Executive Director at Homo Digitalis.
Homo Digitalis meets with the National Commissioner for Human Rights (NCHR)
The Greek National Commission for Human Rights (GNCHR) welcomed the NGO Homo Digitalis to its offices on May 13, 2025, for a meeting focused on digital rights and artificial intelligence.
Among other topics, the discussion covered recent developments in the field of emerging technologies, the EU Artificial Intelligence Act and its implementation, as well as the role of the GNCHR under the Regulation, following its designation as one of the authorities referred to in Article 77 (Powers of Fundamental Rights Monitoring Authorities).
Participants in the meeting included Professor Maria Gavouneli, President of the GNCHR, Elli Varchalama, Second Vice-President of the GNCHR, Dr. Christos Tsevas, Special Scientist, Eleftherios Chelioudakis, Co-Founder and Executive Director of Homo Digitalis and Lambrini Gyftokosta, Director of Human Rights & Artificial Intelligence at Homo Digitalis.
From Secrecy to Transparency: The Five-Year Battle for the Publication of Police Camera Operation Decisions
Strategic legal action takes time, but its outcomes benefit society as a whole, strengthening public trust in institutions.
In December 2020, Homo Digitalis, in collaboration with Reporters United and The Press Project, formally requested access to the Hellenic Police’s decisions regarding the operation of drones and other portable cameras in public spaces, as stipulated in Article 12 of Presidential Decree 75/2020. Despite the legal obligation to publish these decisions publicly, the police refused access, disregarding the transparency required by law.
A few months later, in May 2021, we filed a joint complaint before the Hellenic Data Protection Authority (HDPA), citing repeated non-compliance by the police—at least 67 times over a short period. The HDPA launched an investigation into the legality of these practices.
In early 2024, we submitted a request for access to HDPA documents to better understand the progress of the investigation. Correspondence between the Hellenic Police and the HDPA revealed that, even as of March 2024, the police continued to argue that Presidential Decree 75/2020 did not require them to publish camera operation decisions, despite the HDPA’s opposing view.
Yesterday, through a report by journalist Giannis Bazaios in Efimerida ton Syntakton, we learned that such a decision had been published on the Hellenic Police’s website. Indeed, upon verification, we found that as of February 17, 2025, the police had changed their practice and begun publishing these decisions as required by law. The report was published today online here.
From the initial refusal in 2020, it took five years for this change to be implemented. We now eagerly await the final decision of the HDPA and the conclusion of its investigation, which will establish a definitive framework for transparency and accountability within law enforcement.
What’s Happening with the 1,000 Smart Policing Devices of the Hellenic Police, Five Years After Our Complaint to the Hellenic Data Protection Authority ?
What is the status of the 1,000 portable smart policing devices used by the Hellenic Police as part of the Smart Policing program, which incorporate artificial intelligence technologies and cost €4 million? (Spoiler alert: the news is not good!)
Journalist Eftychia Soufleri has written a detailed article for NEWS247.gr (THE MAGAZINE) shedding light on the case and highlighting the key actions taken by Homo Digitalis since 2019. Our Executive Director, Eleftherios Chelioudakis, provided statements on behalf of our organization.
Significant Revelations Emerge for the First Time!
According to the report, despite the absence of any legal framework allowing their use, the Hellenic Police:
-
Claims to have been using the devices operationally since 2021, even though the Hellenic Data Protection Authority (HDPA) has been investigating the matter since August 2020 and continues to do so today.
-
Confirms that it fully utilizes the biometric processing capabilities of these devices (facial recognition, fingerprint identification).
-
Validates what was outlined in the 2018 technical specifications document, namely that the devices are used for “preventive policing”, with the collected data potentially being used in the future to establish correlations, conclusions, and predictive analytics.
Awaiting the HDPA’s Decision
We are still awaiting the Hellenic Data Protection Authority’s decision, as its investigation has now lasted over 4 years and 7 months (initiated in August 2020). The situation is escalating rapidly, and the risks to democracy and human rights protection are extremely high.
A big thank you to the journalist for her interest in our work!
You can read the full article here.
4 million euros were spent by the Greek Police to issue fines related to violations of the Road Traffic Code
Back in 2019, we started one of our first actions in the field of artificial intelligence by bringing to light the Smart Policing program of the Greek Police in collaboration with Intracom-Telecom.
The purpose of this project? The purchase of 1,000 portable devices that would enable functions like facial recognition, fingerprint scanning, document identification, and license plate recognition in urban centers during police checks.
We acted promptly and, in March 2020, requested the Data Protection Authority to investigate the matter, as, according to our legal analysis, processing biometric data in the context of using these devices would not be legal.
Since August 2020, the Authority has been investigating the case. The State paid the 4 million euros, and the company delivered the devices to the Hellenic Police. The latest development was in October 2024, when the Hellenic Police decided, starting from the first quarter of 2025, to use the document/license plate recognition functions of the devices to issue fines for violations of the Road Traffic Code.
We are glad that our swift action and the investigation by the Data Protection Authority froze the use of the invasive facial recognition and fingerprint scanning functions of these devices. However, the relevant decision by the Authority must be published immediately.
The 4.5 years of investigation by the Data Protection Authority also reveal that the state must support the Data Protection Authority, as the high level of expertise of its inspectors is not enough, and more human and financial resources are needed. And all this without considering the increased workload expected in the coming years with the AI Act.
You can read more about this in our latest study on the AI Act, pages 51-54 here.
Homo Digitalis Submits Urgent Letter to the Council of Europe’s Commissioner for Human Rights
Homo Digitalis submitted today a letter to the Council of Europe’s Commissioner for Human Rights.
We this letter, the Greek CSO aims to draw the Commissioner’s attention to the following three issues:
A. The imminent adoption of a Presidential Decree in Greece permitting state authorities to procure spyware.
B. The deteriorating condition of independent supervisory authorities in Greece, plagued by power struggles, understaffing, and financial constraints.
C. The latest developments in the ongoing PREDATOR scandal in Greece, which leaves critical questions unanswered regarding the surveillance of journalists, politicians, and lawyers through illegal means.
Moreover, with this letter Homo Digitalis urges the Commissioner:
- To give full and close attention to the situation in Greece,
- To take into account the facts presented above and urgently request further information and clarifications from Greek authorities,
- To examine the situation in Greece and take necessary steps to identify any shortcomings in the law and practices concerning human rights abuses, and
- To assist in strengthening the activities of national supervisory institutions and other human rights structures in Greece.
You can read the letter (EN) here.
Homo Digitalis is immediately informed by the Hellenic DPA & the Hellenic Authority for Communication Security and Privacy for their intervention re the Draft Presidential Decree on Spyware
On Tuesday July 30th η Homo Digitalis filed a request before the President of the Hellenic Data Protection Authority (HDPA), Mr.Menoudakos (no.6277/30-07-2024), and the President of the Hellenic Authority for Communication Security and Privacy (ADAE), Mr. Rammou (no. 2755/30-07-2024), in order for the two Independent Authorities to exercise their advisory powers and issue a joint Opinion regarding the Draft Presidential Decree of Articles 13 & 47 of Law 5002 /2022 on the procurement of contracts on behalf of governmental structures for the supply of spyware or surveillance devices.
In response to our request, the response of the HDPA and ADAE has been lightning fast. Specifically, the Directorate of Supervisory Work of the HDPA informed us on the same day, 30 July 2024, that the HDPA has requested the draft presidential decree from the Ministry of Citizen Protection from 19 July 2024 in order to give its opinion on the matter, while the President of ADAE, Mr. Rammos, in a letter addressed to Homo Digitalis on August 1, 2024, informed us that ADAE, as it always does, within the framework of its constitutional and statutory competence, it goes without saying that it will exercise its advisory competence (provided for by Article 6 paragraph 1 point i of Law 3115 /2003) and on the specific draft presidential decree in the context of an institutional dialogue with all the state bodies involved in its adoption.
We await with interest the relevant developments in the near future, since, as Homo Digitalis has pointed out in its letter to the two independent authorities, the provisions of the draft presidential decree may cause irreparable risks for democracy, the rule of law and the protection of fundamental rights and freedoms in Greece.