Athens: Two months before Greece goes to the polls in the European Parliament elections, a political spam scandal has forced a candidate to withdraw and authorities have opened an investigation into the case that has reignited national concern about data leaks.
Last month, hundreds of Greeks living in Europe and the United States protested after receiving an unsolicited letter from EU parliamentarian Anna-Michelle Assimakopoulou, a member of the conservative New Democracy Party.
Two employees have resigned in the case, and an investigation is being carried out by the Athens prosecutor’s office and the independent Greek data protection watchdog HDPA.
HDPA head Konstantinos Menoudakos told AFP that while misuse of personal data in election campaigns was not uncommon, the scale of the breach was unprecedented.
Vassilis Sotiropoulos, representing several plaintiffs, said they are taking action against the Greek state regarding the incident.
The incident embarrassed the Greek government, as postal voting for the country’s large diaspora was to be used for the first time in June.
State officials said voters’ email addresses had been exchanged long before postal voting reforms were introduced in January, and that safeguards have been in place since then.
A senior Interior Ministry official and the head of the New Democracy diaspora department resigned over the incident.
Avoiding questions from the media and legal groups, government spokesman Pavlos Marinakis said on Monday that “there is nothing more” to be done now that the case is under investigation.
“Responsibility has been claimed, they have been fired, and the investigation is still underway,” he told reporters.
Menoudakos said data protection is “necessary for the rule of law”.
“Any violation raises serious questions about democracy,” he said, adding that it was the second “significant” case in two years.
In 2022, dozens of politicians and journalists were involved in a scandal over the illegal hacking of mobile phone software called “jailbreak”.
Eleftherios Chelioudakis, founder of digital rights NGO Homo Digitalis, said the email scandal had “raised public awareness” of the EU’s general data protection rules.
During the Covid-19 pandemic lockdown, data watchdogs slammed the Ministry of Education for failing to provide adequate privacy advice to students using distance learning platforms.
Greece’s flagship phone operator OTE and Piraeus Bank, one of the country’s big four, have also been fined in recent years.
In a rare move, a data watchdog was fined this week for breaching data protection rules at migrant camps controlled by the country’s migration ministry.
In its statement, the independent body found no “shortcomings” in the ministry’s compliance with data protection rules.
The watchdog said the ministry is reviewing digital security management and access control systems in the camps after receiving requests for information from the European Parliament’s civil liberties committee and the UN refugee agency.
The ministry also said there was a “lack of cooperation” and that the data protection impact assessment was “incomplete”.
The ministry was fined 175,000 euros ($189,000) and given three months to comply, the watchdog said.
