Greece's new Cybersecurity Bill

By Elisavet Goutman March 11, 2023

Greece’s new Cybersecurity Bill

A bill on cyber security, telecommunication privacy issues and personal data has been submitted to the Greek parliament. In particular, the bill aims at “ensuring the necessary balance between privacy protection and national security, within the constitutional frame and in the foundation of the best international policies.” Additionally, the bill strengthens the “citizen’s rights against the threats that are connected to the technological evolution”.

The bill in question deals with issues of counter surveillance with the use of right tools, the foundation of Information Academy and counterintelligence and the setting of a stricter privacy frame. A major part of the bill though is about cybersecurity and the enforcement of the privacy protection. A coordination committee is assembled with the task of breaking down of the related structures. A Unified Reporting Center for Cybersecurity is running in the ministry of Digital Governance. Also, for the first time, a National Plan for Valuation of Technology and Communication Systems hazard levels is structured. It is used for recognition, analysis and valuation of the hazards and their repercussions on the safety of the national technology, information and communication systems. Prior ambiguities in the embedding of this frame for privacy protection were lifted. The ministry of Justice embodies in this bill, a number of suggestions that were made during its consultation and further improvements were made. A number of amendments were carried out and they are outlined below:

  1. In regards with cyber security, a unified report center is assembled in the Cyber Security Department of the Digital Governance Ministry. This Center has as its main aim to develop, support and strengthening of the skills on a national level for the timely detection and treatment of cyber-attacks throughout the country, mainly through improvement methods of timely warning, detection and withstanding cyberattacks.
  2. The definition for the term: “national security reasons” changed. The latter are now considered only the reasons that are in compliance with the protection of the basic state functions and the fundamental rights of the Greek citizens.
  3. Augmented demands for documentation of a request for a remission of confidentiality now need to be met. The request needs to include the reasons that constitute danger to the national security, the necessity for its lift, ie the external elements of the communication and the absolutely necessary span.
  4. A number of augmented guarantees for the vouchsafing of the three-part body that makes the calls for the remission of confidentiality.
  5. The procedure of the destruction of the surveillance material is further standardized.
  6. Τhe catalogue of the crimes that justify the remission of confidentiality is further clarified. The remission of confidentiality is only allowed in in crimes of particular demerit whose thorough examination calls for it, thus making the remission necessary.