The scientific online workshop of the Hellenic Data Protection Authority (HDPA), entitled “1st Dialogue Day with the Research Community,” was successfully held on Wednesday 1 October.
Dr. Konstantinos Limniotis, Special Scientist and Head of the Authority’s Department of Research and Studies, welcomed the speakers and participants and gave the floor to the Acting President of the ΗDPA, Honorary Supreme Court Judge, Georgios Batzalexis. In his opening address, the President emphasized that “strengthening cooperation with the academic and research community is a key strategic objective.” He also noted that “over the past three years, the Authority has signed memoranda of understanding with universities and research centers, aiming for a stable connection with the field of research on critical issues concerning data protection and privacy”. G. Batzalexis also made a personal reference to the former President of the HDPA, Konstantinos Menoudakos, expressing his sincere gratitude for “the excellent cooperation from 2016 until recently — nearly nine productive and creative years, during which the HDPA operated in a very friendly environment and was consistently effective in all its actions under his presidency.” In his response, the former President of the HDPA, Konstantinos Menoudakos, Honorary President of the Council of State, thanked him and congratulated all those who contributed to the launch of the Dialogue Days. K. Menoudakos pointed out that “such high-level informational events are a valuable contribution to scientific research and discussion on the critical issues surrounding personal data protection and privacy”.
Dr. Vasilios Zorkadis, General Director of the Authority’s Secretariat, then took the floor and emphasized in his speech that “particularly with the adoption of the GDPR, the Authority has sought to systematically contribute to research and the development of informative material and tools for data protection”. Dr. Zorkadis referred to the Authority’s four recent relevant projects (byDesign, byDefault, byRisk, and XTRUST-6G) and explained that “the HDPA aims to collaborate with scientific bodies, supports research, and to the extent possible, seeks to contribute as well”. The keynote speaker of the 1st Dialogue Day, Jaap-Henk Hoepman, Professor at the iHub at Radboud University Nijmegen and Visiting Professor at Karlstad University stressed in his presentation entitled “Privacy-Friendly Digital Wallets? The devil is in the details (unfortunately)” that “The EU Identity Wallet is supposed to offer European citizens a privacy friendly means to prove (aspects of) their identity. Unfortunately, the current implementation breaks the privacy guarantees that the attribute- based wallet offers in practice".
Key Points
1st session:
The first session, entitled "Data Protection Issues in AI Applications I" was moderated by Professor Christos Kalloniatis, Member of the Authority and faculty member of the Department of Cultural Technology and Communication, School of Social Sciences, University of the Aegean. Professor Vasileios Verykios, Vice-Rector for Student Welfare and Professor at the School of Science and Technology, Hellenic Open University, presented on the topic of “Large Language Models (LLMs) and Privacy: Challenges, Risks, and Regulatory Approaches”. He emphasized that “LLMs pose significant privacy challenges due to risks of data leakage and manipulation, while the existing regulatory framework, along with proposed technical and organizational solutions are critical tools for their safe and responsible use”. In her presentation “Triple Compliance for AI-Based Medical Technology: GDPR, MDR & AI Act” Anastasia-Nefeli Vidaki, PhD candidate at the Cyber & Data Security Lab, Vrije Universiteit Brussel, analyzed the interplay between the AI Act, GDPR, and MDR in the context of medical technology, with a focus on issues of accuracy, data governance, transparency, risk management, and compliance. She proposed aligning legislative requirements with technical documentation during the development of such devices. Next, Anastasia Fylla (LL.M., lawyer) and Sotiris Pelekis (AI Researcher in Energy Systems) delivered a joint presentation entitled “Challenges Regarding the Protection of Personal Data in the Development of Testing and Experimentation Facilities (TEFs) in the energy sector”. Drawing on the EU-funded research project EnergyGuard, they presented the project's objectives, the functions of its platform, and the legal/ technical issues related to data collection and processing within such facilities.
2nd session:
The second session, entitled "Data Protection Issues in Artificial Intelligence Applications II," was moderated by Professor Kostas Lambrinoudakis, Member of the Authority and Professor at the Department of Digital Systems, University of Piraeus. Assistant Professor Vasiliki Diamantopoulou of the Department of Information and Communication Systems Engineering, School of Engineering, University of the Aegean, and Professor Stefanos Gritzalis, Professor of Information and Communication Systems Security at the Department of Digital Systems, University of Piraeus, former Rector of the University of the Aegean, and member of the Hellenic Authority for Communication Security and Privacy (ADAE), delivered a presentation entitled “Privacy Protection and Large Language Models: The ‘Membership Inference Attack’”. The speakers highlighted that “in large language models, the Membership Inference Attack- MIA, aims to compromise the privacy of individuals”. Moreover, the nature of the attacks, their implications for individual privacy, and the available defense strategies were presented. Next, Dr. Manolis Terrovitis, Senior Researcher at the Athena Research Center, presented on the topic of “Privacy Issues in Machine Learning Models.” He described the challenges arising from the use of personal data during the training and deployment of machine learning models. He outlined scenarios involving the leakage of sensitive information and introduced privacy-preserving techniques such as differential privacy, federated learning, and data anonymization. Finally, Dr. Giorgos Giannopoulos, Research Associate at the Athena Research Center, gave a presentation entitled “Challenges in Achieving Algorithmic Impartiality in Artificial Intelligence Systems”. He explored certain gaps between legal frameworks and algorithms, with regard to the goal of achieving fairness in Artificial Intelligence systems and pursued to bridge the two domains.
3rd session:
The third session of the event was entitled "Special Topics in Data Protection" and was moderated by Dr. George Rousopoulos, Special Scientist and Head of the Supervision Directorate of the HDPA. Eleftherios Tranakos, Lawyer M.Sc., and PhD candidate at the Department of Public Administration, Panteion University, presented the topic of “The Protection of Personal Data in Insolvency Proceedings: Concerns and Challenges”.
He examined the protection and processing of personal data in the context of insolvency procedures (Law 4738/2020), highlighting the legal and practical challenges that arise—particularly in light of the GDPR. Asteris Th. Girmpas, Lawyer and PhD candidate at the Faculty of Law, National and Kapodistrian University of Athens, delivered a presentation on “RFID/NFC implants as digital identity: Issues concerning the right to privacy.” In his presentation, he explored “the post-Orwellian scenario of merging the human body with radio-frequency identification (RFID) and near-field communication (NFC) devices for the purpose of subject identification”. Dr. Sotirios Brotsis, PhD in Informatics and Telecommunications from the University of the Peloponnese, made a presentation entittled “Privacy-preserving features through blockchain technologies”. His presentation focused on three key questions: “Why does privacy matter in the blockchain technology? What privacy enhancing techniques are used in this technology and how can this technology comply with the right to the erasure?
4th session:
Finally, the fourth session of the “1st Dialogue Day with the Research Community,” entitled “Surveillance algorithms and the challenge of preserving privacy,”
was moderated by Maria Psalla, Legal Expert (MSc) and Alternate Member of the Authority. The session began with a presentation by Evangelos Zarkadoulas, PhD candidate in Law at Vrije Universiteit Brussel, Researcher at the VUB's Cyber & Data Security Lab, Senior Officer of the Hellenic Police, and Justice and Home Affairs Counsellor at the Permanent Representation of Greece to the EU, titled:
“Utilizing Artificial Intelligence by Law Enforcement Agencies: Emerging Challenges for the Protection of Personal Data”. In his speech, he highlighted both the benefits and challenges of AI in the field of law enforcement, focusing mainly on the legal framework, practical applications, personal data protection safeguards, and the need for transparency, training, and public acceptance. Next, Andreas Kanakakis, PhD candidate and Researcher at Vrije Universiteit Brussel and Université du Luxembourg, presented on the topic of “Web Crawlers supported by AI systems (the case of facial recognition) and data protection”. His presentation focused on web crawlers powered by the use of AI by law enforcement in criminal investigations, as part of the automated collection of publicly available online data. He addressed privacy concerns, data protection challenges, and the need for legislative regulation. The session concluded with a presentation by Giorgos Bouhagiar, Postdoctoral Researcher in Law and Technology at Vrije Universiteit Brussel and the Ionian University, entitled “Emotiveillance: Emotion prediction in the age of Artificial Intelligence”. His study proposed a “mechanism for the appropriate governance of AI functions aimed at emotion prediction—elements, that “like ideas or thoughts—inasmuch as they are not expressed directly or indirectly—should remain outside the reach of any law or practice”.
At the end of each session, speakers addressed a range of key questions posed by the audience. The event was officially concluded by Dr. Limniotis, who offered a brief summary and expressed warm thanks to the speakers and all attendees.
Conference presentations are available (in Greek) at: https://www.dpa.gr/el/enimerwtiko/ekdiloseis/1i-imera-dialogoy-me-tin-ereynitiki-koinotita
Ιndependent Department of Communication and Public Relations
