New Democracy fined 40,000 euros by the Data Protection Authority for the Asimakopoulou email leak scandal – The Press Project

The HDPA fined Nova Democracia €30,000 for inadequate data protection practices and an additional fine of €10,000, after it was determined that the voter list had been leaked by the former Secretary of State for Party expatriate, Nikos Theodoropoulos. In addition, both Theodoropoulos and Menios Koromilas, then the party’s Organization Secretary for Local Government and Crisis Management, were each fined 10,000 euros for sharing sensitive data.

According to the HDPA’s investigation, the file in question — containing personal information of expatriate voters — was illegally taken from the Ministry of the Interior and shared with Koromilas, who then forwarded it to Theodoropoulos, who in turn he sent it to MEP Anna-Michelle Asimakopoulou. . The HDPA determined that this mishandling of the file violated various data protection laws and resulted in the unlawful dissemination of personal voter information.

Main conclusions of the Data Protection Authority

The HDPA ruling stated that Nova Democracia had not implemented adequate technical and organizational measures to ensure compliance with the General Data Protection Regulation (GDPR). He emphasized that important party operations were carried out on personal devices of party officials, which did not have sufficient oversight regarding the handling of personal data.

The HDPA noted that while New Democracy had official policies for its internal network, those policies did not cover the use of personal devices by party officials. This gap in policy, the Authority concluded, contributed to the mishandling and unauthorized dissemination of voter data. The HDPA also criticized New Democracy for not investigating the incident thoroughly enough after discovering that two of its officials were involved in the illegal transmission of personal data.

Despite New Democracy’s claim that the party did not have the illicit file on its systems, the HDPA raised concerns that the party may have had the file unofficially and illegally, as it find that party officials had been in possession of it.

New Democracy’s response and appeal

In response to the ruling, New Democracy sources stressed that the fine was not directly related to the leaking of e-mails from expatriate voters, but to a parallel investigation into the party’s general compliance with data protection legislation. The party said it disagrees with the HDPA’s findings and will appeal the decision to the Council of State, Greece’s highest administrative court.

New Democracy argued that it has already demonstrated compliance with GDPR regulations and rejected the HDPA’s claim that the party should monitor the personal devices of its officials. According to party sources, the HDPA’s suggestion that New Democracy should control such devices was “manifestly unenforceable and even illegal”.

The party also stressed that the decision was not unanimous, with some HDPA members voting against the ruling and defending New Democracy’s exoneration. “It is clearly stated that New Democracy had no involvement in the leaking of the email and that none of these actions were carried out under its orders or on its behalf,” the party’s statement concludes.

The ruling follows a wider investigation into the Asimakopoulou scandal, which saw a massive leak of emails and confidential information from expatriate voters, and for which the former MEP remains unrepentant.

___________________________________________

Looking for news from Greece presented from a progressive and unconventional perspective? Subscribe monthly or annually to support TPP International in the submission of independent reports in English. Don’t let Greek progressive voices fade away.

Be sure to reference “TPP International” and your order number as the reason for payment.