175,000 fine from the Protection Authority Data at the Ministry of Migration and Asylum

A fine of 175,000 euros was imposed on the Ministry of Migration and Asylum (YMA) for the operation of the “Kentaurus” and “Overseas” programmes. The Authority has carried out a thorough audit of the integrated digital electronic and physical security management system (‘Kentaurus’) and the integrated entry-exit control system with a reader in combination with a footprint (i.e. biometric data processing) at the premises of the hosts’ structures as well as workers and certified members of non-governmental organisations. The Authority found insufficient cooperation on the part of the Ministry of Migration and Asylum, as the Director of Processing and further considered that the required Copy Assessments on Data Protection carried out by the Ministry were substantially incomplete and limited in scope, as well as that serious omissions remain with regard to the compliance of the Ministry with specific provisions of the GDPR with respect to the implementation of the systems at issue. For these reasons, he imposed an administrative fine of EUR 175,000 for the infringements found in connection with the cooperation with the Authority and the Copy Assessments and, at the same time, addressed the Ministry of Compliance within three months with regard to its obligations arising from the GDPR. The “Kentaurus” Program is reportedly a comprehensive digital system of management of electronic and physical security perimeters and within the facilities of the Centers for Closed Controlled Structures (CEDs) (& Reception and Identification Centres (KYTs)) of third-country citizens in the islands of Lesvos, Chios, Samos, Leros and Kos using cameras and algorithms of motion analysis (Artifical Intelligence Behavioral Analytics), whose management will be carried out by YMA. The ‘Centaurus’ programme includes, inter alia, the use of a CCTV system and drones, with which personal data will be processed, at least image. At the same time, the Hyperion Programme is described as an integrated entry-exit control system at the premises of the aforementioned structures for the purpose of controlling entry and exit on the one hand of the hosted and certified members of the certified non-governmental organisations (NGOs), by demonstrating the asylum applicant card or member/representative NGOs, and on the other hand, by RFID reader in combination with a two-factor authorisation, through which personal data and de biometric data are processed.