Access to & reuse of public sector information
Free access to information held via electronic means is backed by art. 5 par. 2 of the Greek Constitution which states that “Facilitation of access to electronically transmitted information, as well as of the production, exchange and diffusion thereof, constitutes an obligation of the State, always in observance of the guarantees of articles 9, 9A and 19…”.
Furthermore, Greece has harmonised both Directives 2003/98/EC on the re-use of public sector information (PSI, L.3448/2006) and Directive 2013/37/EU amending Directive 2003/98/EC on the re-use of public sector information (L.4305/14). Greek legislation has recently been codified by Predential Decree 28/2015.
Εlectronic communications
Greek Law 4070/12 has harmonised Directives 2002/21/EC on a common regulatory framework for electronic communications networks and services, 2002/19/EC on access to, and interconnection of, electronic communications networks and associated facilities, 2002/20/EC on the authorisation of electronic communications networks and services and 2009/140/EC amending those Directives.
The National Telecommunications and Post Commission (NTPC) is the independent authority in charge of the regulation of telecommunications in Greece.
Radio & TV
Censorship and any other preventive measures are prohibited (Art. 14 par. 2 of the Greek Constitution), while the seizure of newspapers and other publications before or after circulation is prohibited (art 14 par. 3). However, Radio and TV fall under the stricter regime of art. 15, which specifies state control for mass electronic media. The Greek National Council for Radio and Television (NCRTV) is an independent administrative authority, provided for in the Constitution (art 15 par. 2) that supervises and regulates the radio/television market.
Privacy, data retention & data protection in the electronic communications
In Greece both protection of personal data and protection of secrecy of communications are backed by Constitutional provisions (arts 9A and 19 respectively). Two independent Authorities supervise each field respectively: The Hellenic Data Protection Authority (HDPA) and the Hellenic Authority for Communication Security and Privacy (HACSP). In particular, for communication data to be revealed, a criminal investigation must be instigated for a particular list of serious crimes, contained in a catalogue described by law (L. 2225/1994). Under current legislation common Internet crimes resulting to harmful or illegal content, such as copyright infringements or defamation, are not included in the list of serious crimes.
Greece implemented the Data Protection Directive (95/46/EC) in 1997, while a constitutional amendment in 2001 has awarded, as explained, constitutional (art. 9A) status to the protection of personal data. Similarly, in 2002, Greece harmonized the e-Privacy Directive 2002/58 and, in 2006, the Data Retention Directive 2006/24, which, however has been cancelled by recent ECJ decisions.
Sector – Providers of publicly available electronic communication services - Competent supervisory independent administrative authorities
National Telecommunications and Post Commission (NTPC) is also responsible for supervising the “.gr” domain (art. 12 par. 24 of Law 4070/12). NTPC is entitled according to the Domain Name Regulation to delete domain names that infringe existing intellectual property rights or trademarks or that have been registered in bad faith or the name which clashes with moral perceptions or Greek public policy. The concept of “public policy” is closer to that of “public order”/”safety” so as to cover the limitations of art. 10 ECHR. However, the application of “moral perceptions”in order to delete a domain name is facing certain difficulties in view of the international nature of the Internet. The procedure may be instigated either by an individual complaint or ex officio. While a procedure for deletion is pending, the chairman of NTPC may issue a decision for the provisional suspension of a domain name, if there are only indications of reasons for deletion or if a court Provisional Order imposes such suspension.
Gambling Law imposes a regulatory regime (arts 45-58 L. 4002/11) regarding blocking of websites. The Greek Gaming Commission (GGC), which is an independent Authority, is entitled to publicise from time to time a “blacklist”of prohibited gambling sites. Mainly, blacklisted websites are those not licensed by the GGC and, hence, not taxed by the Greek State. According to the wording of the law all Internet Service Providers (“ISPs”) apparently meaning all “access providers” - operating in Greece and registered with the Telecommunications Commission (see NTPC supra), as per telecommunications legislation, must disable access to those “blacklisted” sites. The wording of the Law states, generally, that “domain names” and “IP addresses” should be included in the “blacklist”. It is not clear, in the particular provision, which blocking method should be followed: that of blocking the DNS names or the IP addresses? It is also not obvious if any other hardware or software identification or labelling of the blacklisted website is required. It is affirmed however, in art. 3.4 of the Internet Gambling Regulation of the GGC, that blocking must take place when access is attempted for “an IP address residing within the Greek territory”, without any other indication as of how to identify such “residence” of an IP address. Additionally, ISPs must not allow “any action of commercial communication” of illegal gambling providers. Again, it is not evident whether ISPs must block any type of advertisement including, for example, frames and nested hyperlinks. It is also interesting to note that the simple posting of the “blacklist” in GGC’s website is considered to constitute “adequate knowledge” and proof of evidence against ISPs. Furthermore, according to the law, the GGC is also entitled to send to the ISPs a list of “keywords” that indicate a connection to Internet gambling. If the ISPs are being asked to provide a Domain Name that includes any such “key-word”, then they should, within 15 days, notify GGC accordingly.
Internet - Duties & liability of media
In 2003 the Greek legislator implemented (Presidential Decree 131/2003) the Directive “for Electronic Commerce” (ECD, 2000/31/EC) without adopting any specific regulations for blocking, filtering and taking down of illegal internet content. Having as guideline the immunity provided for by ECD, filtering and taking down content by access and host providers has been applied, mainly for violations of copyright, through case-law granting either injunction relief or imposing criminal sanctions. Based on the immunity provided for by ECD, the Greek system introduces a horizontal approach for all types of liability. In the particular area of the Liability of Intermediaries, commentators agree that Internet liability concerns all types of responsibility both under civil, administrative or criminal law, which leads to a general legal liability. The ECD system is completed with the known prohibition of a general obligation of the Intermediaries to permanently monitor content (art. 15 ECD, art. 14 Greek PD).
Internet crimes - Social networks
Greece has signed the Convention on Cybercrime (CETS No. 185, Budapest, 23.11.2001), and is about to (May - June 2016) implement it in domestic law. An attempt has been made to ratify the Convention in 2008, including an additional section for the regulation of blogs and bloggers, without success. The same counts for the Additional Protocol to the Convention, concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems.
In 2002, art. 348A was introduced into the Greek Penal Code in order to combat child pornography. The particular article has been recently amended in order to harmonise with the Child Pornography Directive 2011/92/EU. Nevertheless, art. 25 of the Directive (measures against websites) has been harmonised separately by art. 18 of Law 4267/2014, stating that the Public Prosecutor is able to order “taking down”of a website hosted in Greece, containing or transmitting child pornography material. Furthermore, in case that the website cannot be traced in Greece or elsewhere, the Prosecutor may order the temporary deactivation (for two months) of any Domain Name assigned in Greece, hosting or leading to such website. Finally, in case that the website is neither hosted in Greece, nor belonging to a domain name assigned in Greece, the Prosecutor may order the blocking of access to such websites. The Order must be individually and fully justified and is addressed to the owner of the website and the National Telecommunications and Post Commission (NTPC). NTPC must, in turn, notify all access providers registered in Greece as per Greek Telecommunications Law (Law 4070/2012). Apart from seeking compliance, NTPC may demand that the provider takes awareness measures for the users.
In 2007, Greece ratified and implemented the UN Optional Protocol on the sale of children, child prostitution and child pornography adopting the specific references to the Internet and emerging technologies. Equally, in 2008 Greece ratified and implemented the Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse (CETS No. 201, known as the Lanzarote Convention).
Recently, Law 4285/2014 harmonised Greek legislation with the Council Framework Decision 2008/913/JHA on combating racist and xenophobic content. The Greek Law criminalises racist content, xenophobia, hate speech, denial, gross minimisation, approval or justification of genocide or crimes against humanity as these have been recognised by international courts or the Greek Parliament. Article 3 of the Law provides that when such actions are being committed through the Internet or other means of communication, then the place of committing the crime (locus delicti) is considered to be the entire Greek territory, as long as access to the particular media is completed in Greece and irrespective of the place of establishment of the media i.e. if the “access” machinery is in Greece, regardless of the main server/source of information being established elsewhere. Therefore, if the illegal content is accessed in Greece then the perpetrator could be subject to the sanctions, no matter if the illegal content is hosted in hardware outside Greece. A Court decision may include, among other, sanctions such as the blocking/take down of internet content.