Interview of Homo Digitalis to SOLOMON for our great success and the 175.000 euro fine of the Hellenic DPA to the Ministry of Asylum and Migration
Homo Digitalis spoke to SOLOMON and journalists Lydia Emmanouilidou and Apostolis Fotiadis for their report on our complaint against the KENTAUROS and YPERION systems and the 175,000 euro fine imposed by the Greek Data Protection Authority on the Ministry of Migration and Asylum. Comments on Homo Digitalis were provided by our Co-Founder and Lawyer, Eleftherios Chelioudakis.
You can read the article and the journalists’ important revelations here.
We sincerely thank the journalists for their cooperation and interest in our actions.
The Hellenic Data Protection Authority fines the Ministry of Migration and Asylum for the "Centaurus" and "Hyperion" systems with the largest penalty ever imposed to a Greek public body
Two years ago, in February 2022, Homo Digitalis had filed a complaint against the Ministry of Immigration and Asylum for the “Centaurus” and “Hyperion” systems deployed in the reception and accommodation facilities for asylum seekers, in cooperation with the civil society organizations Hellenic League for Human Rights and HIAS Greece, as well as the academic Niovi Vavoula.
Today, the Hellenic Data Protection Authority identified significant GDPR violations in this case by the Ministry of Immigration and Asylum and decided to impose a fine of €175.000 euro – the highest ever imposed against a public body in the country.
The detailed analysis of the GDPR highlights the significant shortcomings that the Ministry of Immigration and Asylum had fallen into in the context of preparing a comprehensive and coherent Data Protection Impact Assessment, and demonstrates the significant violations of the GDPR that have been identified and relate to a large number of subjects who have a real hardship in being able to exercise their rights.
Despite the fact that the DPA remains understaffed, with a reduced budget, facing even the the risk of eviction from its premises, it manages to fulfil its mission and maintain citizens’ trust in the Independent Authorities. It remains to be seen how long the DPA will last if the state does not stand by its side.
Of course, nothing ends here. A high fine does not in itself mean anything. The Ministry of Immigration and Asylum must comply within 3 months with its obligations. However, the decision gives us the strength to continue our actions in the field of border protection in order to protect the rights of vulnerable social groups who are targeted by highly intrusive technologies.
You can read our press release here.
You can read Decision 13/2024 on the Authority’s website here.
The Greek DPA discussed in a Plenary Session our Case on Electronic Communications Metadata Retention
Yesterday, Tuesday 14/11, we were present at the Plenary Session of the Greek DPA during which our case concerning the retention of electronic communications metadata and the right of access to them was discussed. Our Secretary, Eleftherios Chelioudakis, who is the Data Subject in this case, participated there.
In simple terms, metadata allows us to establish who spoke to whom, via which devices, when, for how long, and where the users were approximately located during their conversation. Therefore, metadata is not about the content of the communication but about all the other accompanying elements of the communication. All electronic communications providers in Greece are required to keep it for one year from the date of the communication.
The Court of Justice of the European Union ruled in 2014 that the retention of this amount of metadata for everyone, everywhere and always, constitutes a mass surveillance measure that allows for particularly accurate conclusions to be drawn with regard to the privacy of the persons whose data has been retained, and violates the EU Charter of Fundamental Rights, ruling Directive 2006/24, which allowed for this, as invalid.
However, the Greek State has not revised until today, almost 10 years later, the Law 3917/2011 that transposes this Directive into the Greek legal landscape, while as Homo Digitalis revealed in 2019 the relevant legislative committee that was asked to prepare a new draft law, an explanatory memorandum and an impact assessment on this matter ever delivered any work in the 5 years of its existence (2014-2019).
We look forward with great interest to the next stages of the process and have full confidence in the work of the Greek DPA.