Table of Contents Previous Document Next Document

LAB logo

European Commission
Legal Advisory Board

LABnews September 1997

Flags of 15 EU Member States

6. Data protection

6.1. Greece - Data Protection Act

In April 1997 the Greek Parliament passed the Data Protection Act. Designed to guarantee a basic level of privacy protection, the Act (law 2472/1997) is in line with EU Data Protection Directive 95/46/EC and the 1981 Convention of the Council of Europe. It establishes a Data Protection Authority together with a set of guidelines, principles and rules relating to the use, processing, storage and export of personal data both in electronic and manual files.

It also imposes registration and notification of electronic data processing and defines the licensing requirements which apply to the establishment of databases containing personal data and to the transfer of personal data overseas. Transborder data transmission from Greece to EU countries is unrestricted. Transmission of data to other countries requires a licence to be granted by the Data Protection Authority on the criterion of reciprocity.

Data subjects are entitled to access and correct the data relating to them and to claim compensation where loss or damage is suffered as a result of the use or disclosure of such data. Infringement of the legislation entails administrative, civil and penal liability.

The new legislation needs to be complemented by sectorial rules (digital networks, ISDN) in view of the liberalisation of all communication services scheduled in Greece by 1 January 2001 and the competitive provision of liberalised services on alternative networks planned for the beginning of 1998.

The Act can be accessed in Greek at the Athens Bar Association legal data base (

6.2. Italy - Privacy law amended

The Law 675/96 on protection of personal data has been amended by the Legislative Decree 255/97. The text of the Official Journal reporting the legislative decree is available on the Internet at

The amendment, the second one since the enactment of the law, aims to simplify the procedures for notification of the treatment of data in some specific areas. The Legislative Decree 255/97 also postpones the coming into force of compulsory notification of personal data treatment to 1 January 1998. The law 675/96 on data protection, except for the section on notification of treatment of data, has been in force since 8 May 1997. The technical specifications on the minimum measures to be taken in order to guarantee security of data will be established by the Authority for Information technology in the Civil Service. It also provides for a general framework of data protection, and implements Directive 95/46/EC.

It establishes an independent regulatory authority, the Garante per la tutela dei dati personali, with inspection powers and concurrent judicial protection for the individual on civil and criminal grounds. Prof. Stefano Rodotà, a member of the Legal Advisory Board, has been chosen to head this new body.

As the law sets up a totally new framework for the Italian legal system, the Government has been delegated the powers to enact corrections to the law in order to smooth its application with no prejudice to the basic principles thereof.

LAB Home] [ I*M Europe Home] [ Help] [ Frequently Asked Questions (FAQs) ] [ Subject Index
Text Search] [ Discussion forums] [ Feedback and queries] [ Europa WWW server]

Home - Gate - Back - Top - Capter6 - Relevant

©ECSC-EC-EAEC, Brussels-Luxembourg, 1997