Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Greece: HDPA issues opinion on a draft law of the Ministry of Civil Protection

The Hellenic Data Protection Authority ('HDPA') issued, on 1 September 2021, Opinion No. 6/2021 ('the Opinion'), at the request of the Ministry of Civil Protection, on a draft presidential decree entitled 'Taking measures to implement Council Decision 2008/615 / JHA of 23 June 2008 on the upgrading of cross-border cooperation, in particular with regard to the fight against terrorism and cross-border crime' ('the Presidential Decree'). In particular, the Opinion notes that the subject matter of this draft Presidential Decree concerns the processing of personal data, including biometric data (genetic fingerprints and fingerprints), for the purposes of the aforementioned Council Decision 2008/615 / JHA of 23 June 2008 ('the Decision'), namely to facilitate and improve the exchange of information and mutual access by Member States to automated national DNA records, automated fingerprint recognition systems, and vehicle registers. In addition, the Opinion identifies specific points of the draft Presidential Decree which need improvement and/or clarification. Among others, the Opinion notes that in Article 6 of the draft Presidential Decree, the general purpose of preventing and investigating criminal offences, as described in Article 1 of the Decision and Article 1 of this draft Presidential Decree, is omitted and that it would be safer to state explicitly or by reference the specific purpose of the processing of personal data. Further to this, Article 7 regulates processing for another purpose upon authorisation but without specifying who grants the authorisation, hence it should be made clear that this article refers to data received by Greece from another Member State, and that the authorisation refers to the State providing the data, and in this respect, since the Decision also refers to the need for consistency with national law, these different purposes should be defined in Greek legislation.

You can read the press release here and the Opinion here, both only available in Greek.