Athens (AFP) – Two months before Greeks vote in European Parliament elections, a political spamming scandal has forced a candidate to drop out and authorities to launch a probe in a case that has rekindled national concerns over data leaks.
Hundreds of Greeks residing in European countries and the United States last month complained after receiving unsolicited emails from EU lawmaker Anna-Michelle Assimakopoulou, a member of the ruling conservative New Democracy party.
Two officials resigned over the case, and investigations are underway by the Athens prosecutor's office and the independent Greek data protection watchdog HDPA.
HDPA chairman Konstantinos Menoudakos told AFP in an interview that although misuse of personal data is not uncommon during electoral campaigns, the scale of the breach is unprecedented.
"HDPA is investigating the emails of hundreds of people that were used" without their consent, Menoudakos said. Vassilis Sotiropoulos, a lawyer representing several plaintiffs, said he is taking action against the Greek state over the incident.
The case has embarrassed the Greek government at a time when postal voting for the country's sizeable diaspora is to be used for the first time in June.
Government officials have been at pains to stress that the voters' email addresses were improperly exchanged long before the postal voting reform was introduced in January, and that adequate safeguards have been enacted since.
A senior interior ministry official and the head of New Democracy's diaspora department resigned over the incident. Assimakopoulou also withdrew her candidacy for the June 9 vote.
Government spokesman Pavlos Marinakis has deflected questions from media and rights groups, declaring on Monday that as the case is under investigation there was "nothing more" to be done at present.
"The responsibilities have been assumed, there have been resignations, the investigation is ongoing," he told reporters.
Data protection 'essential'
Menoudakos said data protection "is essential to the rule of law". "Any violation raises important questions of democracy," he added, noting that this is the second "major" case in two years.
In 2022, the country was shaken by a scandal involving the illegal wiretapping of dozens of politicians and journalists by cellphone spyware called Predator.
Eleftherios Chelioudakis, co-founder of Homo digitalis, an NGO for the protection of digital rights, said the scale of the emails affair "has made public opinion even more aware" of the EU's general data protection regulations.
During the Covid-19 pandemic lockdown, the data watchdog had rapped the education ministry for inadequate privacy advisories to students using its long-distance learning platform.
Greece's leading telephony operator OTE and Piraeus Bank, one of the country's four largest, have also been fined in recent years.
In a rare move, the data watchdog this week also fined the country's migration ministry for data protection breaches in migrant camps under its care.
The independent authority said in a statement that it had found "serious shortcomings" in the ministry's compliance with data protection rules, without giving further details.
The watchdog said it had examined the ministry's systems for digital security management and entry-exit control at the camps, after receiving information requests from the European Parliament's committee on civil liberties and the UN refugee agency.
It said there was also a "lack of cooperation" by the ministry and that its data protection impact assessments "were substantially incomplete".
The ministry was fined 175,000 euros ($189,000) and given three months to comply with the rules, the watchdog said.
Menoudakos said the checks have been achieved despite a 15-percent drop in the authority's budget between 2020 and 2024, when other countries allocate additional funds. "The significant lack of staff limits our controls," he said.