PEGA-UntersuchungsausschussGriechenland überwacht Journalisten mit Statstrojanern

Am Donnerstag, den 8. September, veranstaltete der Staatstrojaner-Ausschuss eine Anhörung zu Griechenland. Wir veröffentlichen ein inoffizielles Wortprotokoll der Anhörung.

Thanasis Koukakis, griechischer Journalist, der Opfer der Spionagesoftware Predator geworden ist, spricht vor den Mitgliedern des PEGA-Untersuchungsausschusses.
Thanasis Koukakis, griechischer Journalist, der Opfer der Spionagesoftware Predator geworden ist, spricht vor den Mitgliedern des PEGA-Untersuchungsausschusses. – Alle Rechte vorbehalten Europäisches Parlament

Der Untersuchungsausschuss hörte griechische Journalist:innen, die ihre Erfahrungen als Opfer, aber auch als Ermittler:innen der Überwachung schilderten, und diskutierte das Thema mit griechischen Regierungsvertreter:innen.

Von der Anhörung gibt es ein Video, aber kein offizielles Transkript. Daher veröffentlichen wir ein inoffizielles Transkript.


  • Date: 2022-09-08
  • Institution: European Parliament
  • Committee: PEGA
  • Chair: Jeroen Lenaers
  • Experts:
    Panel 1: Thanasis Koukakis (journalist, targeted with Predator), Stavros Malichudis (journalist, victim of wire-tapping), Eliza Triantafillou (investigative journalist Inside story)
    Panel 2: Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post), Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights), Christos Rammos (President, The Hellenic Authority for Communication Security and Privacy, ADAE)
  • Links: Hearing, Highlights, Video
  • Note: This transcript is automated and unofficial, it will contain errors.
  • Editor: Emilia Ferrarese

Use of Spyware in Greece

Panel 1

Jeroen Lenaers (Chair): Well, good morning, colleagues, and welcome to all and substitute members of our enquiry committee who are present here today. We will have a hearing today on the use of spyware in Greece. And just as a point on the agenda and the agenda, we’ve had also foreseen that we would have a report back from the delegation to Israel. But since we have a limited time available today, I proposed to postpone that to our next session where we can have a bit more time. So if there are no other comments on the agenda, we consider it adopted. We will have interpretation in German, English, French, Italian, Dutch, Greek, Spanish, Hungarian, Polish, Slovakian, Slovenian, Bulgarian and Romanian. As you are all aware by now. We haven’t been informed that interpreters are still on strike until the 12th of September. We have tried to get all our guests here today in Brussels so we can have a full interpretation. But for those who are connected online, I would just like to point out that those interventions will be in English today, but not interpret it, even though all the questions that you will ask from this room will be interpreted in the room. Then we move immediate to our hearing. And let me first of all, thank our guests on the panel for their willingness and also the flexibility shown to come to our meeting room in such a short notice, because we are, of course, also with all the developments over summer. And there was a strong desire to have this meeting on developments in Greece earlier than originally planned. So I really thank all of you to be available on such short notice. Let me also thank the Secretariat and all the group advisors and everybody else involved for making this hearing possible. Now, we’ve all been following the reporting on Greece over the past summer, and this is the reason why we decided to have this meeting here today. And the key task of our committee is, of course, to investigate the use of Pegasus or equivalent spyware in the member states in breach of EU legislation or the treaties. And to be able to assess this, we have to have a solid base and today’s hearing is one of the many we hold in order to get to that sort of base. We’ll have two panels. We’ll start with the first panel, and we’re very happy to welcome Mr. Thanasis Koukakis, a journalist for the Greek media outlet News, but also a contributor to many other news outlets, including CNN and the Financial Times. And his phone was infected with Predator spyware in 2021. We welcome Stavros Malichudis first was as a journalist from the investigative outlet Solomon and Reservations, published by Greek newspaper. If you may read the Toms intact. Tom indicated that the IMF, the EIB, had been conducting a monitoring of his communications as well. And we welcome Eliza Triantafillou, who is an investigative journalist for Inside Story and has written extensively about the recent developments in Greece. So I would give you all the floor for about 10 minutes to make your contributions, and then we will open the floor for questions and answers. So I would like to start with Mr. Koukakis. You have the floor for 10 minutes.

Thanasis Koukakis (journalist targeted by spyware): Thank you, Chairman. Members of the Committee, thank you for your invitation and for your willingness to focus on this very specific and important issue. And allow me to speak in Greek and. So effectively my case, the two wire toppings because there’s two of them started in the summer of 2020. We are talking about the period when we already had some articles in the Financial Times, along with the Athens correspondent of this newspaper, is getting hope. We had shown that the Greek government legislated in a particular way so that. Basically they are in favour of financial crime, the white collar crime. So what were those articles about in the Financial Times, first of all? We spoke about how the Greek government in November 2019 changed the penal code and in effect, when the Greek prosecutors found that within a bank there has been a fraud. They could not directly move forward. With bringing these prosecutions. So I suppose that in your countries, when the prosecutor finds that a banker is effectively working at the expense of his own bank and is committing fraud, then he will be prosecuted. This is not the case in Greece. In order for the prosecution to take place, the prosecution of a banker, the board of the bank itself has. To take this person to court. So this was one of the issues that we had written about in an article with Ken Hope. Then we mentioned another change in the law, which is also something unique in Europe. And I would like you to know about it in Greece. All of the proceeds of crime that. Have been frozen by the prosecutors and the relevant authority. Again, the law changed in 2019 and the proceeds of crime are being returned to the people that committed the crimes. This was just a change in the law in Germany, for example. The prosecutor can actually not only freeze but also confiscate these assets in Greece. If 18 months have gone by and things have not moved forward in court, then automatically these assets are unfrozen and they are returned to the criminals. Another. Legislative initiative of the government. All of these things are published and we have written about them in the Financial Times. Had to do with the way the government changed the tax code so that when a prosecutor found that someone has. Evaded tax over €150,000, which is a felony. They cannot actually prosecute this person unless the Greek tax authorities. Have. Certified that there has been this tax evasion. Why am I talking about these articles? Because these articles in the Financial Times caused a reaction by the government in 2020. They sent letters to the editor of the newspaper. Of course, the newspaper stood behind the journalists because we had the data to support our story. And then in the summer of 2020, the Greek government decided. For reasons of national security to wiretap my phone with conventional means, not with the Predator programme. And that started in June 2020. My mobile phone had started acting weird at the time. It ran out of battery very quickly. And whenever I called someone. It didn’t drink. I was connected immediately. I was amazed by that. And after two visits at the. Technical services for the iPhone. They found that there was no technical problem. So I tried to see if I was being wiretapped. And then later in the year, in 2020, someone told me, a source told me that indeed the National Intelligence Service was wiretapping me. And then in August 2020, that was in July. And then in August 2020, he actually brought me some evidence, and that was basically a transcript of a phone call of mine. As soon as I got that transcript, I went directly to the Privacy Authority in Greece. It is an independent authority from the constitution. You will hear from the president as well. He will tell you the details. As soon as I went to the. Privacy Protection Authority. We found from a report of. A journalist then called Reporters United that on the same day that I went to the Privacy Authority, the National Intelligence Service stopped the wire tapping me. But it’s not only that. A few months later. While the deadline was still running, the deadline for the Privacy Authority to tell me whether I was being wiretapped or not. The Greek government in May 2021 changed the law that had been in effect for 27 years before, and then the authority could not tell someone if he was being wiretapped, if it was for reasons of national security. So I would also like to let you know that on the 28th of July, I went to the European Court of Human Rights against this change in the law, and I hope that will be vindicated. So when the Lord sends day in March 20, 21, three months later, I got another message on my phone and it said, Son, I said, Do you know about the thing? And there was a link in it off a web page. It was some financial news. I clicked on the link. And then I saw that indeed it was it. I was redirected to a web page about some financial issue and actually answered no, I did not know that. That was on the 18th of July 2021, and that was the exact moment when my phone was infected with the predator or spyware. And that lasted until the 24th of September 2021. And this was certified by the Citizen Lab of the University of Toronto. And I think you have heard from them in your committee as well. And Bill Mazurka, if I’m not mistaken, who is responsible for the analysis saying that Technical Institute has already mentioned to your committee that they had found this spyware on my phone. Now, the Greek government denies the fact that they have this breadth of spyware. If it was not for your committee to move forward in order to take the phones of the MEP and if this link, uh, this predator link had not been found in the phone of Mr. Downer. Likewise, I would have just been a random case that had to do with wiretapping between private persons, as the Government says. The fact that your committee exists and the way in which you are actually looking into this found. The spyware into the phone of MEP Ms. that I would like you. So it came out that I was not the only one that was being wiretapped through Predator. So now the research is ongoing and the. It is on the agenda. I am sure that more cases will come forward. That is all I had to say. Thank you very much.

Jeroen Lenaers (Chair): Thank you. Thank you very much for your contribution and for also highlighting the role that our committee played. I am sure there will be many members interested in asking further questions. So we’ll come to that in a moment. But the first part, the floor to Mr. Malichudis, you have the floor also for 10 minutes, this one.

Stavros Malichudis (journalist targeted by spyware): Hello from our side also. And it’s an honour to be here. Although I have been used to be on the other side of this room and I would love to talk in Greek.My name is Stavros Malichudis. I’m a journalist. I work for Solomon, an independent media, and I’m a part of United, a network of journalists. As Mr. Koukakis said, I mainly cover issues that have to do with the refugee issue, and especially for foreign media. No good could move forward to the seventh slide, please. No. My word thumping came to light in November 20, 21 from a newspaper. You can see on the left side the first page of the newspaper. It’s a familiar business checked on. It’s the main newspaper of the left wing in Greece today. And that was an exchange of messages. So on the left hand side, you can see the first page of the newspaper. Now, this was internal correspondence of the National Pen Service, where some people within the agency were asking for information for people that were being worth up to. And I’ve also translated it in in English, and you can see it in slide number nine now. The you can see here that my name has been blacked out. And as you can see in the message, the role of the National Intelligence Service has to do either with organised crime or dangers to national security. The very interest you can see here is purely journalistic. They want to find out about my information, who my sources are, where I’m going to publish those things. And they’re asking about information about a 12 year old boy from Syria. The colleagues in Athens are asking from their colleagues in course information about the child and the worker of the IOM that they knew I was talking with. Now, let me add another thing. They are talking about reliable sources. So what they have what we have found out is that when they are talking about highly reliable sources, it means that they are listening in to your phone. So that is code for that. The one problem here is that the government through me. He’s asking and is basically also following a work of the International Organisation for Migration, which begins of being a U.N. organisation, is also an official partner of the government concerning the refugee issue. So this is not some kind of conspiracy against the democracy in Greece or a danger for national security. This is purely journalistic. They want to find out what I’m going to write in my article in the future. When we found out that I was being wiretapped, I was lucky because I was working for the FSB as long as France Crafts Press and my employer sent a couple of letters to the government. There had been some announcements from the Foreign Press Association in Greece, and because I was working for a large agency, the government was forced to answer with two letters as well. So if you could move to slide number 13, please. You can see the letters there. The point of those letters is that the government denies. Somewhat telegraphed early in the first one and rather more in a rather more extended way in the second one. Not only the fact that I was being wiretapped, but that journalists in general are being wiretapped. And they say that if something were to happen, the government would find it unacceptable. Now, the problem with this letter, which is signed by Mr. Get Up at eight, is which is a minister responsible for public administration, is that at the time when these were being written, Mr. and Mrs. Koukakis was already being followed. So we have at least one wire tapping of journalist. And I mean so. This is a point that is untrue in this letter. No, I would like to say what a few things about what someone can do when he finds out that he’s being wiretapped since he’s been living and working in a country for 30 years. And I do not think that I am a danger to national security. Now, me, through my lawyer, Mr. Laws, have told those things to the prosecutor. And if nothing happens in the Greek courts, we will also go to the European courts. Now, another thing that you have to know about my wiretapping is that in all probability, I was not the person of interest or not the sole person of interest. The interest in my wiretapping, besides me being a member of two groups of investigative journalism, Solomon and Reporters United, I was cooperating with investigating Europe, lighthouse reports and other international investigative journalists. And we were trying to set up such a network in Greece. So that means that anyone who was listening into my phone calls through me at this period when I did not know that I was being wiretapped, were also collecting information about tens of thousands of colleagues, journalists that were looking into issues of public interest in Greece. In January with my colleagues and reporters united, we brought out the issue. I would not like to take up any more of your time right now, but I would. I think that, in my opinion, it is very problematic for a journalist to be wiretapped by the government of the country that you are living in. They went to school you work in and where the people you love live. And there was, again, another amendment in the law that was actually brought to the parliament in a piece of legislation that had nothing to do with the issue. Where they actually took away their right. But I think we should have in every European country to know that we had been wiretapped.

Jeroen Lenaers (Chair): Thank you. Thank you very much, Mr. Malichudis, for your contribution. Also, thank you for sticking to the time limits because I know there will be many members also interested to have a further dialogue with you. But before we do so, I’d like to pass the floor to Ms Eliza Triantafillou. And before I do, if I’m assuming that all the coordinators present here will take the floor in the next round for all those who are not. Coordinator. Rapporteur and you would like to take the floor? Please indicate during the contribution of Mr. Phillips that we can make a speaker’s list and we can try to do this in a somewhat organised fashion. So thank you very much. And you have the floor for 10 minutes.

Eliza Triantafillou (investigative journalist): Good evening and thank you very much for the invitation. I work as a journalist in a site called Inside Story and I first started looking into this predatory spyware that is being marketed by a certain company in Greece. After two independent investigations by the citizens lab in Toronto that was already mentioned and another investigation by Metro, the parent company of Facebook. From January until today, nine months have gone by and during those nine months, the Greek government and the Greek services have not actually controlled this company that is marketing the spyware in Greece. So when these two investigations came out back in January, we came out with our first report and we mentioned we’ve revealed the company that had been set up in Greece because first of all, it had been kicked out of Cyprus when they found a spying van in the country in 2019. So they came in to Greece. They took up two floors and two basements in a rather large building in a clinic. So, I mean, it’s not, you know, just a P.O. box company that just has. Some attacks residents in Greece. It is actually a company that employs people. It is a company that after the. First, the actual official revelation of a European citizen, Mr. Koukakis, being worth up to better. They have doubled their personnel. And this is a company that the Greek Privacy Authority. But as. Taking over the case of Mr. Koukakis. And the point of the investigation is whether this spyware is being used by the state or not, not whether it is actually being used, because what they are in effect doing is taking if the government is telling the truth, that it is not being used by state services. And that was actually what the government representative said on the first day, that this is something between private persons. So it’s a bit surprising that the Privacy Authority, instead of looking into who is using this powerful spyware that can be used not only against journalists, but also against politicians, as we have seen. And. I mean, who can say it can be used against ministers, diplomats? I mean, or even, I don’t know, against the Prime Minister. This should be general alertness, I think, and we should look into that company. Because I mean, this is actually that’s being marketed openly. It’s not that someone found this in the dark web and, you know, through a hacker or someone. So what the Privacy Authority did was make an appointment two months after the first report with the. The lawyer is. And the rest of the staff at the company. In the meantime, of course, the offices were empty because they were working from home. And that meant that this time, these two months that were lost demand, that the developers, the sellers of the product could not be questioned as to who the clients of the company were. And, uh. Even. During this late control that was carried out. They did not control a lot of important issues, nor did they control the bank accounts of this company or other related companies. Despite the fact that. Pharmacist Koukakis had mentioned those bank accounts. At the same time, the injustice and injustice does not seem to move. As fast as I would like as a citizen. Meaning that they were very quick into looking into the leaks. Uh, and this is being run by Mr. Dukakis, who is the prosecutor of the highest court in Greece. But on the substance of the case, that the research is, you know, just moving along rather slowly, but if at all. So what we said from the first the very first moment, I mean, when we say we, I’m talking about the inside story. And Mr. Taylor blew. What we had said from the outset. We looked into the domains that the matter had made public. We had seen that a lot of these websites were Greek websites. And actually, they didn’t even mention the website that was used for Mr. Koukakis and Mr. Andrew Lucas. We found out later the 43 initial Greek sites that turned out to be 50. Now they are very popular sites, they are media sites and they usually contain a small typo. So they’re not the actual site. And they have also specialist sites like grandmas dot zero. It’s called the helmets dot. We thought it had to do with, you know, bike helmets. But in the end in the end, it turns out that it has to do with security forces in the army. So someone wanted people that had this kind of profile. So they were not only looking for journalists or politicians, so there were other targets as well. So indeed then we had the case of Mr. Androulakis, I guess, where, if I’m not mistaken, the prosecutor of the Supreme Court said that, uh. The Electronic crimes unit of the police should know should look into that. Where I’m talking about a company that has actual officers, personnel, I mean, they’re not some were. Over the Internet. It’s not some unknown hacker. So the government keeps repeating that they have not purchased this spyware. So it is not they that are using it. But of course. I say to that that you don’t have to have bought it in order to be able to use it, because they could have outsourced it to someone, to a private person that was working on orders and the many ways in which the information from this spyware could end up in the hands of even the government or services of the government. Following the case of Mr. Andrew like this a couple of days ago, we had a report in the Americans Electronic the newspaper where two employees of the National Intelligence Service also said that they had been targeted with these suspect URLs. So we have so far four known persons that have been targeted, and we think that this number is going to grow as well. But we are losing valuable time. No one has really looked into this company. If they have audit logs or are there files in their servers, in their internal communications that could reveal who their client is if it is not the Greek government or some government services. And at the same time. Like Mr. Dialogue, Lew wrote today in an article based on the European Directive of 2021 that has been transposed in Greek and Cypriot law. And Cyprus is important because this company intellects started in Cyprus for the dual use products that includes spyware, and that dual use means that they can be used for civilian and military purposes. Then any company that exports those products, they have to notify the relevant authority in the country so that they will get the permission. We know that the intellect has actually exported this product from Greece and that we know that they have not asked for an export licence from Greece. From the relevant authority, which is a unit in the Foreign Ministry. So. As the story moves along. We see, you know, a lot of blind spots that are not being looked into. So that is all I had to say. Thank you very much.

Jeroen Lenaers (Chair): Thank you. Thank you very much for your contribution. Before I open the Q&A session of this panel, I have written down as members who want to take the floor, in’t Veld, Zoido, Heide, Thun, Bricmont, Georgiou, Kouloglu and anybody else? Mr. TudoracheI, Mr. Puigdemont, Ms. Kunkel And then I close the speakers list. Just to emphasise this. We have a three and a half hour timeslot for two panels with three guests each. So we are quite tight in terms of planning. I just want to ask all of you to really stick to the timing so that we can have sufficient time for both the panels and everything that we go over time will unfortunately go at the expense of other members who also want to speak or of our second panel. So that having said, please stick to the 2 minutes and I first pass the floor to our rapporteur, Sophia.

Sophie in ’t Veld (Renew): Yes. Thank you, Chair. And I’ll try and be very brief. But first, I would like to thank our guests who are not just willing to testify here today, but who are really doing an amazing job as investigative journalists holding power to account. And I think that also underlines why it is so important that journalists, but also politicians, lawyers, NGOs, can do their work safely and freely knowing that they are not being spied on. I mean, this is essential for democracy. I’m going to just fire some questions at you in random order. We learnt this morning that apparently the data from the file on Mr. Andrew Leykis are being deleted because the authorities say that they’re not relevant. It’s the same happening in your file, Mr. Koukakis. Are you aware of this? Secondly, on the investigation, I mean, I have to say it’s not entirely clear to me who is investigating and in what way, but I think the only way of finding any traces of who ordered the use of Predator is by going into the intellectual offices and confiscate all the material their computer servers. This has not been done so for months and months and months, INTELLECTS had the opportunity to erase all traces. Can you comment on that? Certainly there’s been a lot of and let’s say a lot has been said about the personal connexions, which in various steps connect at least Mr. Dimitriadis, the nephew of Mr. Mitsotakis, to somebody who is employed by intellect to repurchase United, who have reported on this, were then subsequently hit by some mega slaps by Mr. Dimitriadis. So apparently he disagrees with the revelations, but seems to me quite obvious that they are at least personally connected. Now that brings me to the topic of the government denying that they have ever bought Predator. It’s probably true. I’m inclined to believe them, but they might use their connexions to actually have somebody. Intellects are doing the job for them. Would you think that is possible? Has that question come up in the parliamentary enquiry in the Greek Parliament? On a short question to Mr. Malichudis. Just a technical thing. Were you living in Greece at the time your phone was hacked? You were living in Greece. Can you say a little bit more about the two NYP agents, which apparently have been hacked as well, or monitored? And apparently there was an internal note reflecting on their personality, saying that they were a bit difficult to manage, which apparently becomes then a reason to be monitored. And last question, can you comment on the rumours that not only opposition politicians have been hacked, but also members of the government party in order to collect? I don’t know, maybe compromising material. Of course, they all behave like angels. We all do. Thank you. But I would like to thank you.

Jeroen Lenaers (Chair): We’ll start with Mr. Koukakis, because you had the first concrete question, please.

Thanasis Koukakis (journalist targeted by spyware): Yes, I will allow me again to reply on Greek. Okay. Now about your first question as to whether the material. Well, if the wiretapping of Mr. on the legs has been destroyed today in the Greek press, there is an article that says that, uh, according to what the Telecommunication Privacy Authority has learnt from the National Intelligence Service, the file of the wiretapping of Mr. under the legs, that by law should be held for a period of two years. It is not available because there was a technical problem with the storage of the file. This is exactly the same excuse that was used for my wiretapping for that file as well. So we that have been followed for reasons of national security. For some curious reason, the file is not there. So it’s a technical problem, as it were. So that answers your first question. Now, concerning. What about the resignation of Mr. Dimitriadis, who is the secretary general for the. A Cabinet of the Prime Minister. A resignation took place when the case of Mr. Palmer like this came out. You mentioned some articles that. Say that Mr. Dimitriadis was also the nephew of the Prime Minister, had a relationship with the person that is the representative of intellectuals in Greece. The articles in the inside story and the report as United have proven this relationship. This is not a friendly or a social relationship. It has to do with money changing hands. And that took place sometime in 2021. Now, Mr. Dimitriadis says that all of these articles from Inside Story and the Reporters United are wrong. And this is why he has taken them to court. But not only them. I would like to let you know that. Because I retweeted the story of reporters united. Ask my letters. Thousands of like thousands of other people did. Mr. Dimitriadis also filed a lawsuit against me, asking me for €150,000 unless I deleted my tweet. Okay. What I would like to say now is the following. The journalistic investigation in Greece every day brings new things to light. And those things prove that the government has cooperated with some, rather. Dark people, as it were. So. Okay. This is. And this is in a realisation, but I cannot get into details right now because it will take too much time. So these persons have to do also with those systems, wiretapping systems that are used by the National Intelligence Service as well as with Intelex. So. We are waiting for the prosecutors to do their job and use the evidence that are in the press. And you can see those things in the articles Inside Story and Reporters United are actually demonstrating how we have. Transactions between the secretary general of the Cabinet, of the prime minister and the former representative of this company, Intellect in Greece. And the latter person has also been in the courts, in the Greek courts in the past. So that person brought this company from Cyprus to Greece. So, I mean, the relation is obvious. The government now is hiding behind the fact that the state has not bought the system. I mean, this is ridiculous. Let me give you an example. Today, the Hellenic Coast Guard has got seven boats, excellent boats that they are using for the purposes. These boats were not purchased by the Greek government. The Cabinet of the Prime Minister asked for the Union of Greek ship owners to buy those boats for the Coast Guard. So who will be? I mean. If you’re if you look for who purchased those boats, I mean, it will be the union of the ship owners. And then they made a donation. So. This is a you know, just to give this is just an example to give you their way of thinking. And I think that for the rest of the questions Stavros and Eliza can help.

Eliza Triantafillou (investigative journalist): Concerning whether Intellexa is. You know, deleting their fingerprints or not. I cannot know that, but I think that they would have good reason to do that before they were audited. It seems that they are moving in that direction because after the first revelations they asked the personnel to work from home. But I cannot know that I have no evidence for that. From what we have found out so far. But we do have some information and we are still trying to cross-check them about the transport of machines, servers, basically in some places that are, you know, out of reach. But this information is still being cross-referenced. Now, the good thing is that. We are waiting for the enquiry committee in the Parliament to start and then maybe the Government will seise the opportunity to do what the Privacy Authority didn’t do and actually invite people that the key people in that company, a Greek and Israeli people and, you know, examine them in that committee in parliament so that we will find out about some information that may not be available anymore. So I think, if I’m not mistaken, today, the parliament is deciding who they are going to call to testify. And of course, from those names who will be called to testify and who will not be, we will be able to understand a lot of things, especially us, that we are living in Greece. But, you know, judging from what has happened in the Standing Committee for transparency so far, the witnesses that came from the government so far have given us no information. And they all said that it was for reasons of national security. So I don’t know. We live in, we hope. No. If they are using it indirectly, I will not exclude that. I mean, maybe yes, it could be used on behalf of the Greek government through a proxy, through someone else. We have seen some Twitter accounts recently that brought out. Some documents of the company, and it seems that the company does not sell the spyware. There’s not only certainly spyware, but you could also rent it or they sell it as a service. And that means, you know, that it could be something that could be more economical, especially for a country like Greece. Now, as to whether they are collecting data that could be used for blackmail or, you know, compromising material. I. I cannot know that either. But it seems that in the case of Mr. Koukakis and Mr. Androulakis, I guess it seems that the, these, uh, you know, reasons of, uh, national security were just an excuse that is being abused. And the. Apparently there is no interest of national security when, you know, one of the persons asked the Privacy Authority and when the latter was elected president of a political party. So, you know, it could be a really serious problem for the National Intelligence Service to be listening in to a president of a political party and not just a simple MEP. So. We can see it from the statistics as well, that we have an abuse of the system of legal wiretapping. And why am I talking about legal wiretapping? So when we’re talking about threats. Because both in the case of Mr. Koukakis and Mr. Androulakis, we’re talking about two persons that have been targeted. And infected by the spyware in the case of Mr. Koukakis. Because spyware is illegal in Greece, there’s a there’s no excuse even for the security services. So they use the both methods, both the illegal method through predator and the legal method, which is. You know, old school listening into the coal. So. I don’t know. I think this answers your question about compliments.

Jeroen Lenaers (Chair): Anything? No, thank you. We move to Mr. Zoido on behalf of the EPP.

Juan Ignacio Zoido Álvarez (European People’s Party): But thank you very much. First of all, I’d like to thank you very much as experts for coming along to this committee. I’ll try to be very brief with my questions. My colleague Sophie in ’t Veld has already asked one of the questions that I would have raised. But I’d like to ask you something very specific to try to understand the situation a bit better. First of all, to Mr. Koukakis, I’m very, very sorry to hear about what you’ve had to go through, because no journalist in any democratic country should have their right of privacy violated in such way and your freedom to obtain and to disseminate information. So I very much regret that. Even if there are private entities involved or foreign entities involved, this is still completely unacceptable and is not outwith the responsibility of the Greek authorities. Therefore, I’m extremely concerned about all this, and I’m also extremely concerned about the implication for Mr. Andrew under cookies of his for his mandate. I’d like to ask a question now to Mr. Malichudis specifically. I wonder whether you’ve actually contacted the Greek authorities specifically and whether you have actually had any response from them. I’d also like to know whether you have any confidence that the Greek authorities will actually investigate your case. I wonder whether you think this has an impact on your work and will have going forward and whether you feel that you were under threat. If your case becomes high profile in your country, whether it will have a further adverse impact on you. To Ms.. Triantafillou, I’d like to thank you two very much for all the work that you’ve been doing. You’ve been doing excellent, very revealing investigative journalism, and I think you have actually revealed a number of possible reasons for what has happened. I think this is very interesting, and I’d like to know if you can say any more about the situation of the Committee of Enquiry. I am very, very concerned about the fact that there have not been adequate responses from the government. And to hear what Mr. Mitsotakis appears to have done when all of these issues hit the headlines, it seems to me that Mr. Mitsotakis is behaving in a certain way. But the question arises also with how other governments in Europe would have responded and what will happen more widely in terms of evidence to this committee. I think that it is important that the government realises that they are guarantors of the freedom of expression and freedom to work of journalists. As professionals as well as individuals. Obviously you should be able to present your ideas freely. And I wonder whether you feel that you have been restricted in any way in your freedom of expression.

Jeroen Lenaers (Chair): Thank you. Thank you very much. We’ll take those questions in the order. So first, Mr. Koukakis.

Thanasis Koukakis (journalist targeted by spyware): Thank you very much for your questions and the way in which you ask them. I would like to say the following. What? It is being described here as the wiretapping scandal in Greece is yet another indication as to how much the rule of law is being violated in Greece. What is problematic is that, unfortunately, during these past three years, we have seen a constant deterioration of the quality of legislation in Greece, and that does not serve neither the public interest nor the rule of law. The fact that my country is so low in the list of press freedom is not by chance. And I am really sorry that this is also confirmed in my case. But all of these things have been done by political decision every time the government, the press is. Turning against the government. The government is historic. I mean, it’s what has been happening in the past few weeks is that, you know, the government has attacked half of the journalists in the foreign correspondent. So there’s no criticism against the government as well for those decisions. And they are really violating the rule of law. Very widely. I mean, I know this is not the object of your committee, but I know that you have members in other committees as well. We know that a basic precondition for European funds and the recovery funds to be given out is that, you know, the country applies the rule of law. Maybe this initially concerned some other countries, but maybe I’m just thinking aloud here. You should also turn to the Greek government for this exact reason, because a country that does indeed get money from the recovery fund, at the very least, should uphold the rule of law. Now, my colleague here, Ms.. Triantafillou, said that there has been an abuse of this excuse or reason of national security. You know, Greece is a country when in 2021, a single prosecutor that is in charge of the National Intelligence Service, signed within one year, 15,975 decisions to wiretap people for reasons of national security. So every single day, she approved 42 decisions to wiretap people for reasons of national security. That is a single prosecutor. And they are not controlled by anyone else. Why am I saying that? I’m just trying to point out. How? The system works. I mean, it is really institutionally weak. If through your visit in Greece, you could help us deal with this problem. And through the power of your committee, you could improve the situation of the rule of law in Greece. I would be personally grateful to you.

Stavros Malichudis (journalist targeted by spyware): Thank you as well from your question. I would like to be honest, when my case came out almost a year ago in November 2021. We do not have this whole framework, this whole. Story. So you talked about repercussions. At my job and where I work. Yes. And indeed, indeed there were percussions. The first thing you realise is that your sources are exposed and these are people that are maybe more vulnerable than you. I mean, in my case, it could be officials that took the risk and talk to me in confidentiality about an issue of public interest. Or they could be people that whose asylum claim is still being examined. So you realise that you have exposed those people that have trusted you without knowing. But I have exposed them and of course you start the work in a totally different way. So we went to the prosecutor. With my colleagues from Solomon and the. The issue just comes out and we can see that now is that the National Intelligence Service is a service that answers them. No one and their officers know that they will not answer to no one. So our information is that if we go to court, then all the officers have to do is say that there are reasons of national security and that will be the end of that. They will not have to explain why. Uh. Arrived and established right in my case has been violated. And we need to remember that wiretapping should be something that is rare and should be grounded and it should be, you know, a special case. I mean, in our case, you heard the number from Mr. Koukakis. This is not something rare. This is not something exceptional. And I think that in our societies, we have decided that, you know, have some rights and some obligations. And it seems that the way we are being treated by the independent authorities is that they cannot stand up for our rights. We have told those things to the independent authorities, the Privacy Authority and the answers we have gotten in some cases over the phone was that they do not think that these are within their competence. And when we asked. We ask them to give us that thing in writing because, you know, I’m not. I’m not on the phone with a friend of mine. I turned to a state authority and then they told me, would you not want to put that in writing?

Eliza Triantafillou (investigative journalist): Thank you as well. No concerning the freedom of expression of journalists in Greece. I would like to clear something up. Because maybe it’s not so clear and it’s not clear to the government. I think judging from the fact that Mr. Mitsotakis was, you know, pointing out some newspapers that were saying very bad things about him as a proof that there is a freedom of the press. I have been working in the media for quite some time now. We have this thing that, you know, sometimes is called self-censorship. Sometimes you know that the media you work in. Has, you know, some business interests, the owner has some business interests. And those interests would not be served if you wrote some story. And I’m not even talking about, you know, investing, investigative reporting. It could just be a newsroom that is just uploading 30 news items for an hour. Some of those items will not be uploaded because I don’t know, some advertiser will be hurt. So there’s this basic limit on freedom of expression in Greek media. Now concerning the case of a predator. Hmm. Personally, in the inside story where I work, I have not felt any limitations or censorship at all, nor have I censored myself. But that does not mean that I was self-censoring in the previous media that I was working at. But, you know, I’ve worked and I’ve been around a couple of years, and I know the market, as it were. But a very distinct feeling we had from January until July, when the case of Mr. Downer next year was this feeling of loneliness, because we were the only ones writing about it and maybe, you know, some. Opposition media, but they were basically repeating our stories. They did not look into the actual story. So for seven months it was just us, two very small media with very few resources and all of the big media, you know, radio stations, TV stations, the issue was non-existent. And then they had to report on it. They were forced to report on it due to Mr. Downer. Like, I mean, they couldn’t hide it. So now. Mr. Koukakis is not so much. Mr. Koukakis name is not so much on the agenda. The Predator is not so much on the sideline. And it’s basically, you know, Mr. Andrew, like it sounded like this case and the legal wiretapping. Because, you know, I suppose they think that, you know, if the government says so, it must be so.

Hannes Heide (Socialists and Democrats): To our panellists. Thank you for your journalistic work and the information you gave us this morning, and it shows how urgent this was to do this hearing this morning and how urgent it is to make the mission to Greece. And I once again want to state that I don’t understand that it’s not possible for colleagues and Awlaki’s to have the opportunity here today to answer questions and to give a statement to us. My question goes to the legal framework for the use of spyware in in in Greece, because it’s obvious that it’s very easy to spy on people. The second question goes to Eliza Triantafillou. You worked very hard and you did a lot of research concerning companies around potato in Greece and the connexion with business people and the environment of the prime minister. Maybe you want to add something, study something to the information Mr. Koukakis has already given to us. And I also want to have your views and your expectations on the enquiry committee in the Greek Parliament that has started work already. And the final question, I think that is India here, is Greece becoming a autocrats state? Thank you.

Jeroen Lenaers (Chair): Thank you, Mr. Heide it or we will also take those questions in the same order. I would like to ask also to try to be brief in the responses, because we have a limited time. I could, with all pleasure to be here the all day and tomorrow as well, but we don’t have that opportunity, unfortunately. So we’ll start with Ms.. Triantafillou, please.

Eliza Triantafillou (investigative journalist): Thank you for your question concerning the legal framework. It is clear from the Greek constitution, as well as a relevant law that has been in place for a lot of decades, that, uh, the privacy of telecommunications is enshrined in the Constitution and it can only be lifted in the cases of serious crimes and for reasons of national security. But in order for that to take place, there is a very particular process in place which requires the ascent of a prosecutor and the authority, the requesting authority has to make a request and so on. So there are some. It’s checks and balances in place so that the. We can see if this mechanism is being abused or not. So the Telecommunications Privacy Authority can at any time go to the telecom providers and ask for the names, the numbers, rather, of the targets of wiretapping and compare it to the list that they have in their own hands. So that is not something that can be done through spyware because, you know, spyware just infects peer to peer. So the independent authority cannot do its job through this mechanism. Let’s say that, you know. If the National Intelligence Service had this spyware, there’s no way to control. There’s no technical way to control if they use it properly. So it is clearly illegal. The use of spyware is clearly illegal in Greece. I said that before as well. Now concerning. The expectations from the Committee of Enquiry in the Parliament. As I told you, it will depend on who will be called to testify as a witness and if they are going to include the businessmen, employees, the lawyers of these companies. I think that’s all. I don’t know if you have anything to add. Thank you for your question as well. No concerning the question as to whether Greece is turning into an authoritarian state. I couldn’t answer with a simple yes or no, but at least I mentioned this feeling of loneliness when these revelations came out in those two media reports as United in the Inside Story. When the my case came out, I had the hundreds of messages on Facebook from a lot of colleagues as well, a lot of media. And, you know, they encouraged me and they told me to, you know, keep going. And we decided with my colleagues that we are not going to give an interview to any media that is, you know, in an opposition media or a left wing media in order to give the opportunity to other media to take up the issue. I don’t know if Mr. Koukakis has spoken to the state TV, but I have spoken to television stations from other countries, but not from Greece and you know, from those media that put up 25 or 30 stories a day, there was not, you know, a single word about the wiretapping of a journalist that I think is working honourably. So we have, you know, this framework where we’re talking about, you know, internal enemies. People that talk about the bad stuff in Greece are accused of being, you know, used by foreign governments. And the when we have really relations for issues of public interest instead of trying to see how we can improve things. The people that are making the revelations are, you know, are facing attacks. About the you know, about how professional they are. And so. So I don’t know if we’re an authoritarian state, but this is not a good direction we’re on.

Thanasis Koukakis (journalist targeted by spyware): What I would like to say is that for authoritarians, authoritarian regimes not to exist, the institutions should function correctly. When institutions are weak, then we have authoritarian regimes. What we want to do. Through our work as journalists is. To. Control the powers that be. And protecting institutions. So. If we are successful, I don’t think that Greece will be an authoritarian regime. Thank you.

Jeroen Lenaers (Chair): Thank you very much for Renew Róża Thun.

Róża Thun und Hohenstein (Renew): Thank you very much, Chair, and really great thanks to all three of you who came on such a short notice and for sharing with us all your experience and your knowledge. This is for our committee and not only for our committee, for the Democracy in Europe. Extremely important. What you do. I’m very sorry that you had to and you have to go through this ordeal, which is being bugged, is supervised illegally, of course, and then deal with courts and media that are not necessarily friendly and the government that is not very happy about your disclosures. So thank you. Again, when I listen to you, I have a little bit the impression of déja vu. I am Polish and those practises somehow are extremely similar. And the aim is also, I think, similar, namely the aim of this bugging and supervising. Like in Poland. Also, journalists were supervised politicians, the head of the electoral campaign of the opposition party, also business. So the aim is probably to win the election. So overuse continue overusing power and reaching oneself the government on the costs of of the society. And we have such cases here in Europe. So my first and even you know technical solutions like this technical problem with the data of I understand Mr. Andrew Locascio we had the same thing who the Prime Minister, ex-prime minister had a car crash and the technical data when the when the other part of this car crash complaints, technical data, I mean, that has disappeared. There was a technical problem and all that are disappeared. So, you know, I have an impression of this of you and I listen to you. So I wonder you said that you feel that you felt so lonely or you feel so lonely, but do you cooperate with journalists or organisations that struggle for freedom of expression, for rule of law, etc. other countries? Do you have do you feel support? I mean, I hope you feel support from our side, from this committee. But do you cooperate with others who are often in a very similar situation? And this is one question and the last one. The second is you were stopped, Mr. Koukakis, much earlier than our colleague, Mr. Andrew Luck is. I’m also very sorry that he’s not here and there was no reaction until the case of Mr. Andrew Lucky was disclosed. You conclusion is that there was a certain influence of the fact that the European Parliament got interested into the case. But are there also other issues? How would you they manage to be so quiet about your case and suddenly when the politician was bugded….

Jeroen Lenaers (Chair): Thank you, Róża.

Róża Thun und Hohenstein (Renew): …the investigation was.

Jeroen Lenaers (Chair): I think, we’ll start with a question to Mr. Koukakis.

Thanasis Koukakis (journalist targeted by spyware): I’ll try to be brief my case. Uh. And then fixing with the spyware came to light in April 2022 and up until July 2022. The Greek political parties looked into the issue, but it was the opposition parties, of course, that looked into it. From the moment that my wiretapping became known, I mean, the union, the union of Journalists as well as. Foreign Journalists Union came out and supported me, and I thank them for that. What the government systematically wanted was that. There would be no reference in my first wiretapping that took place in 2020 from the National Intelligence Service. So you will see no official mention of that either from the government representative or from the Prime Minister. The Prime Minister himself has never mentioned my case. Of course it is not something I would like. What? Matters. Is that the case of Mr. Androulakis, like he’s confirmed that. Predator was not used just once in Greece. It was used widely. And I would like to repeat something that maybe was not understood before. If it was not. For your committee. And if this committee had not alerted the MEPs and the if the phone of Mr. Underwood, like I said, not being analysed by the Citizen Lab of the University of Toronto, would still be. At the same point where we were up until the point where the under Lex case was revealed. I don’t know if that answers your question. There would be no progress at all. It was you. That basically helped me unknowingly. Thank you very much.

Jeroen Lenaers (Chair): Miss Triantafillou, about the level of support felt and the cooperation with journalists in other countries.

Eliza Triantafillou (investigative journalist): At a personal level. We had a lot of support from Greek colleagues as well. We have to say that even, you know, if they could write about it or if they couldn’t write about it in their own media, because a lot of those as well. And obviously we are in contact with colleagues from abroad for the story as well because they contacted us for this story. So I have no complaint. On the personal level or the union level as well. The journalistic union. The problem was with the media business is that these were loneliness was about we were the only ones writing about it. And in my case as well. So from the first moment, the colleagues and the journalists unions, international journalists, unions were by our side. And there was a lot of support, not only in this case, I think they have a special interest for Greece during these past few years. And the by our side, when we are, you know, facing trials and court for stories we are doing when we are. When we faced personal attacks, the international unions and their colleagues always supporters.

Jeroen Lenaers (Chair): Thank you, for the Greens, Saskia Bricmont.

Saskia Bricmont (Greens): Mostly because it doesn’t make me feel often. Thank you, President. I’ll speak French. I’d like to thank all three of you for your statements and for shedding light on what’s been going on and the attacks that you’ve been subjected to in Greece. And I think it just goes to show the scale of this attack and this threat to freedom. Freedom of expression, freedom of the media. And yes, it’s the rule of law and democracy, too, that’s under threat here. And that’s the very purpose of this committee to try and shed light on what’s been happening and ensure that we hear the explanations from the Greek authorities as well. And we will hear them at a later stage. But we will be working on the general deterioration of of rights and liberties in Greece. So you’ve talked about this scandal in Greece and the claims and complaints that you’ve made. I think we know that this is just the tip of the iceberg. We know that this problem is much bigger than this, these isolated cases. Now we know that your rights were violated and we wanted to hear a bit about your rights as victims, whether you have you been able to get any legal recourse as victims? And I think we as Europe and our states need to follow this process and to ensure that that some sort of remedy is granted. Now, you’ve given us a great deal of information to help us in our work, but I do have questions for one for each of you. What are your recommendations for our enquiry committee so that we can move forward on the legislative side? Thank you.

Jeroen Lenaers (Chair): Thank you very much, Mr. Koukakis.

Thanasis Koukakis (journalist targeted by spyware): Thank you very much for your question. Today in Europe. My experience through my wiretapping has shown to me that Europe today has a very weak legislative framework against the spyware. I mean, I could compare it to the old time modems from the 1990s we used to connect to the Internet. So I would say that the legislative framework is running at, you know, some speeds, a speed of certain kilobytes, whereas spyware is a 5G technology. So institutionally, we are unprotected in all of the countries, not just in Greece or Cyprus. So. We need to have with your help and the help of the European Commission and the European Council, we need to face this issue seriously so that if those things are to be used, they will be used in a certain way. Let me make a proposal. If we have a company that is selling spyware and they want to sell it within the EU, in a country like Greece, then the Greek supervisory authority. Should be informed at any time, at any point in time as to who the final user of the spyware is. For example, in the case of intellect, the intellect in this hypothetical scenario that I am proposing, they should have notified the relevant authority, but I have sold the spyware or my services to the national intelligence services or to Mr. Koukakis or to whomever. So that would be a good start to know who the final user of the product is. So you know that we can find who is responsible for the use and not just. Look around in the dark trying to find the bank accounts of bank accounts in tax havens. And you just have to fumble around for some things that can be regulated institutionally.

Eliza Triantafillou (investigative journalist): Following, the same line of thinking. I think. What should be done is that, first of all, they should not be sold to private persons. Besides, even the company, as opposed to what the government press secretary said, the company says that they do not sell to private entities. They only sell to law enforcement and such services. So. Despite that, it should not be allowed by law for private entities to use this spyware in any member state. Also, it should be clear that. National security or no national security? This should be regulated centrally at the member states because. Again in Greece. They have tried to devise this case. You know, it’s not just us. It happens in other countries as well, in other European countries. It could be some other country. Besides, we’ve been living in a globalised economy and indeed the company may be based in Cyprus and they can infect targets in, I don’t know, France. So. Yes. We do need a framework that will be will extend beyond the national borders. And we have to know. At any time, which companies are selling, what products and to whom. I mean, this is clear. The. The codes that they get from the tax authorities. They should be about those products, not just, you know, general software companies that mean nothing. And then it’s up to the company to notify the member state or not as to what software they’re actually selling. In this case, spyware.

Jeroen Lenaers (Chair): Thank you then for the lesson. Mr. Georgiou.

Giorgos Georgiou (Left): Thank you, sir. Just some sort of questions to Mr. Malichudis besides you and Mr. Andrew, like you said. Do you know if political parties were barred as well? Again, Mr. Koukakis, you recently said that the trial concerning this black van that was moving around in Cyprus was a parody. Mr. Julian was a fugitive in Cyprus in the years he went to Greece and that this spyware infected from Cyprus infected Greece as well. I mean, can you actually prove those allegations then? Mr.. In the field who as well said that the intellects were. Started out in Cyprus, in Europe, at least. And then you mentioned that the institutional framework in the EU’s week. I ask you, Mr. Mubarak, do you think that this is something that is the result of ignorance or is it the political choice? And finally, in 2018, when we were looking into the case of this black van in Cyprus, the. Police detective said that there was indeed an export licence for Mr. Dylan. However, the Cypriot government denies that the EU forbids that and the Greek government denies that as well. But apparently those export licences were given. The EU says that everything is okay. So I would like to know what you think about it. Thank you for your question. Now, as to whether other parties are being wiretapped and members of other parties, we cannot know for sure. We know that the Communist Party of Greece has also said that the switchboards was being wiretapped. And for the case of Mr. Androulakis, I guess I would like to remind you that we’re talking about the period when he was. A candidate for the presidency of his party. And you know the processes better than me and. Through me sounded like, yes, they were listening into tens of others, members of the party, and that should concern us as well. I mean, this is something also that we should talk about. I mean, when they’re listening in on us, they’re listening in to a lot of other people. Now, Mr. Koukakis, let me just say a couple of words about the thing that Staveris said. When the National Intelligence Service listens in to Mr. Androulakis, I guess he’ll listen to him talking to you on the phone. His colleagues, the other MEPs. He’s assistance at the European Parliament. So you have another reason to look into that and not just, you know, let this thing fizzle out. Now, concerning your questions about what I said about Cyprus. Indeed, I gave the interviews to Cypriot newspapers, politician Karadzic. And what did they say based on what has come out in court in Cyprus and the based on the fact that the company used by Mr. Dylan in Cyprus. Has now been proven to wiretap a lot of persons. First of all, they were prosecuted. He was prosecuted personally as well. Then the prosecutions. As we read every day now in the Cypriot media were withdrawn. And then the company just paid the Final Four €1,000,000. So Cyprus, based on its legal framework, had the possibility to fine the company of Mr. Dylan with €1,000,000 in Greece. There is no such possibility. There is no legal framework in place to do that. So even if they find him responsible, the authorities, the relevant authorities cannot find Mr. Dylan because they lose him for their. No concerning the European framework. You know, these technologies are. Really moving at breakneck speed these past few years and they are moving along with the smartphones. That is the point. And those are the targets. So. At that point. It’s. Normal for the EU, do you know, just only now start to wake up to these threats. But it’s never too late to do something. So now is the time to close this legal gap. And I hope that you will do it.

Jeroen Lenaers (Chair): Do you have to add something quickly?

Eliza Triantafillou (investigative journalist): Yes, it is a fact that Mr. Delian started his business in Cyprus and after the problems he faced there, he. Became active in Greece. It is also a fact that he resides in Cyprus and it is also a fact that he had the contacts with politicians in Cyprus. It is also a fact that the criminal court did not rule on persons, but they made a judgement on a company.

Carles Puigdemont i Casamajó (Non-attached): President Thank you. Let me speak in French and I’d like to thank you for the statements you’ve given. It was very useful and insightful for us. And you described a modus operandi that we’ve seen elsewhere in Europe, in the Spanish case, to be precise, with wholesale spying and activists, lawyers and others being subjected to this. Now, first of all, the state has responsibility. Secondly. This mentioned involvement of national security. And thirdly, this lack of interest. So there’s a lack of transparency, lack of desire to shed light on things. So I wanted to ask about your cases specifically. And we’ve seen a repeat of what we saw in Spain. We saw a rerun of the same events. The Citizen Lab in a Toronto University was being undermined in its credibility because they were uncovering the spying. So I wondered whether in the case of Greece, that was the case as well. But we know that it was the citizens lab that became a target and it was discredited and people were talking about suspected espionage as opposed to actual espionage. Is that also the case for Greece to stop?

Jeroen Lenaers (Chair): Mr. Koukakis.

Thanasis Koukakis (journalist targeted by spyware): They would like to say, is that the technical competence of the citizens lab is not being questioned in Greece and. It could not be questioned anyway. They have a great track record. But let me point out a difference. When? Recently in Spain. We had this revelation about the. Biggest spyware on the smartphone of the prime minister. But he asked directly for the resignation of the head of the secret services in Greece. When we had this confirmation that Predator was in place, it took seven months and we had to have this confirmation that Mr. Andrew, like his, was indeed being wiretapped by the National Intelligence Service for their heads to resign. So what’s my point? The Greek government is. Pretending that this has not taken place. This is a predator scandal. You will see that when you come to Athens. So politically, for them, it’s something that they want. They just want it to go away. Why? Because the wiretapping the official wiretapping from the intelligence service that, you know, are taking place with the approval of the prosecutor. Our legal. So any wiretapping that starts from the National Intelligence Service. That uses an illegal spyware like predator. Is, by definition, illegal. So the Greek government. Could not. Appear to could not actually do something illegal. And this is what they’re hiding behind. But I do not want to prejudge. Your conclusions. So I would like you to come to Athens and come to your own conclusions as to whether the things we’re talking about today, you know, are exaggeration or it’s because we are personally the targets or if this is the reality.

Eliza Triantafillou (investigative journalist): In my mind, the Greek government is fully responsible for the use of spyware within Greece, especially since it was done by a company that is active in Greece. And they have. To see who is using it and against whom. It’s not just who used it against Mr. Koukakis and Andrew, like you said, but we don’t know who is using it right now and who are the targets. So the fact that the government has not done something like you have done, for example, take the smartphones of all the Greek companies. This is a problem.

There was a question you did not exactly reply. It was a question from a colleague. So I understand that your case is not clear enough. The question was, if you how you are not sure that you were not spied with predator by the Greek government. But probably. But a foreign entity or a government. So I would like first to explain the sequence of events, how it happened with this Greek psycho services and then predator, you know, this kind of search. Then I would like to be more specific on the main actors of the scandal, the main actors, the political actors, as well as the businessmen in the lecture. The companies, the actors, the government, the other question is that you, both you and Mr. Androulakis received the very same measures to end the predator mechanism of spy. It was the same exactly the same message. How you explain this, the government appointed chief prosecutor of the country of Greece started an investigation not for the scandal itself. But how the scandal was revealed and was made public. This is quite unusual. You know, I mean, the chief prosecutor of a country. When a such a scandal erupts with a political leadere ing spied starts to investigate this culture itself. But you you have been persecuted. The chief prosecutor started to investigate who made the scandal public. And you were invited to testify in this investigation. Will you please explain us a little bit more about that? Just one question for Mrs. Triantafillou. Is this easy to find out the economic transactions between secret services or evasion? There is a place where everything is secret and nobody can touch. So, I mean, so it is possible that the secrets of his boat or indeed the predator. And the final question for Mr. Malichudis, you were you were working, investigating, reporting on the refugee issue. So why the Greek government was so much interested to find out what’s going on with the very first question.

Jeroen Lenaers (Chair): Thank you very much. We’ll start with Mr. Koukakis.

Thanasis Koukakis (journalist targeted by spyware): Thank you. No. Maybe I wasn’t clear when I spoke before. I have been worth up to twice. Within this space of a year. The first one was done through the official channel of the National Intelligence Service. So the service sent an order to my telecoms provider and they were listening in. That was in the summer of 2020, a year later, in the summer of 21. And after I had realised that I was being wiretapped by AIP, and I had said that to the authority because there was no more the possibility to listen into me. Officially, they used the Predator. Why do I believe that this is the government? Because on the one hand, the cost of these services from intellect to according to what Citizen Lab has told us, as well as to the price lists that have been found in the dark web, cannot be borne by a private person. Could they use a private person as a go between? Yes. The answer is yes. I already gave an example. Now, concerning your question as to who the main protagonists are here. Now I’m only talking about things that have become public with evidence. I know the following. In 2019, when Mr. Mitsotakis was elected, one of his very first decisions was to make the National Intelligence Service answer to him directly. So Mr. Mitchell Takis is definitely aware and is responsible of these wire topics because he is the political head now. The head of his cabinet, which is also his nephew. He resigned for this scandal. He is also responsible. No. Also the head of the National Intelligence Service. He also resigned. He’s also one of the main persons here. Obviously, also the former representative of the intellectual company that brought this company to Greece is included as well. And another name that was not mentioned. Now we have the legal provider of the National Intelligence Service, a company called Critical. And I would like you to look into that, especially if you come to Greece, because they supply the legal wiretapping software to the National Intelligence Service. For me. The list from what I learnt from the research that is going on, these are the five. The main actors in this case, and they are connected. With other transactions as well. We have family connexions. We have financial transactions. And this is especially problematic because it demonstrates that wiretapping in Greece. I have little to do with national security. And up to a degree, they are executed by a small group that have some common interests and they are, you know, serving those interests. This is not a state. This is a para state.

Eliza Triantafillou (investigative journalist): No. Concerning. The. Purchase by the National intends to service. The problem, as has been demonstrated by the Transparency Authority, is that the AIP, basically the National Intelligence Service, basically is answerable only to itself. I mean, the funds are top secret. I mean, obviously this is correct because we cannot have that made public. However. An idea that has been proposed by one of our sources is that, uh, they could have, uh, a system of transparency like the one we have for the rest of the public sector, where all of the public sector tenders are made public for everyone to see. So they could have something like that, uh, in a platform, a platform that would be only accessible by the people. Uh, I don’t know, the, the employees, for example, that are members of the relevant Parliament’s committee because they are also bound by the Secrets Act. Because. If something is uploaded, for example, in the normal portal for public tenders, it stays there forever. And the same thing could be done for the expenses of the intelligence service. But besides that, that could be other ways in which this could have taken place. I’m just going to focus on the legal ones. For example, they could buy the information that is produced by the Predator system. For example, let’s say a state service could buy some information from someone about drug trafficking and they did not want to know how they came about this information. So in the same way a company could sell this information regardless of whether they were obtained illegally.

Stavros Malichudis (journalist targeted by spyware): Yes. Thank you for your question. Now, the question you asked is something that we’re asking ourselves as well. I’m. Now my words are being. In a way. As you know. Does have a reason because I work on the refugee issue and you could say that there is a link with national security due to the relationship with Turkey. But what I would like to say once more is that, I mean, you saw the internal correspondence in my case. This was purely journalistic who I am talking to and what I am going to write about in the article. So. I mean, if I had some, I don’t know, suspect relations, I’m not aware that I was wiretapped. So, you know, if there was something suspect, it would have come out if I were a danger to national security. But we can see from their internal correspondence that their interest was purely journalistic. So we can come to the conclusion that, you know, some people here have not done their duty because the officers of the intelligence service are not being paid from the taxpayer in order to, you know, carry out damage control for the government. And you know, because I mean, this information. As to what stories journalists are working on went to someone. So someone actually here has committed dereliction of duty or. And I’m aware of what I’m saying. So we need to have here some. Checks and balances so that this will not happen again in the future. And again, you know, wire tapping should be out rarely and with. Some, you know, some reasoning. And if some of my relations were suspect, I would really like to know about it.

Dragoș TudoracheI (Renew): Thank you very much. And a big word of congratulations and encouragement for for your work. I do understand that it feels lonely. It always does when you do this kind of work. But at least I’m hooked. I’m sure you feel that we are behind you and support you. Many questions have been asked, but I want to be very clear, because there’s also work that we do with Europol since the last hearing that we’ve had there. And I want to be clear whether at this stage there is actually any investigation in the crime that was committed as far as you’re concerned, because effecting a phone is a crime, is a crime that also would fall under the competence of Europol to actually activate the right of initiative. So I want to know whether at this stage there is actually any criminal investigation done by the police services in Greece or by the prosecutorial services in Greece that looks into the crime committed against you. That’s number one. Number two, if I understood correctly, there is no judicial remedy whatsoever against the decision of the prosecutor. Specialised for giving the orders on national security. Is that the case? So, for example, in the case of Mr. Ancelotti, or in your case early in 2020, there is no judicial remedy to look into the reasons for that sort of wiretapping and said very quickly whether there is any investigation in parliament right now in the Greek parliament following the money. So whether they were addressed as services or as anything, anything else, there must be a money trace. Is there a committee or maybe this committee that is delicately dedicated to this, looking into also the financial aspects of of this scandal? Thank you.

Jeroen Lenaers (Chair): Thank you, Mr. Koukakis.

Thanasis Koukakis (journalist targeted by spyware): Thank you very much for your questions. Now, concerning your first question, when in April 2022, my case was made public. We had a number of articles in the international press as well. And following those articles, the prosecutor of Athens said that there should be an investigation. They ordered an investigation into the case. A few months later, when there were even more articles, I actually filed the suit against the persons responsible. So what happened? With the prosecutors reset. What we do know is that the. Until a few weeks ago. We had two cases, the first one that started by the prosecutor partners, and the second one was my lawsuit. So they were given to one prosecutor, but they were taken from him and they were given to the prosecutor that was looking into the case of Mr. Malichudis. So instead of having three prosecutors looking into. The order that was given by the head prosecutor of Athens and then my lawsuit and then Mr. Malichudis case, we have seen. But all of these cases were rolled into one and then they are being examined by a single prosecutor. So I had the opportunity a few weeks ago. To inform the head, the prosecutor of the Supreme Court, about all of those issues. He told me that he’s not going to take up my case because already the lower ranking prosecutors have started on that and he cannot take the cases away from them. Okay. That is his decision. I. Cannot evaluate it now. Concerning. But the point you made, I think that Elisa is best placed to answer about the second question.

Eliza Triantafillou (investigative journalist): Like I said before. The National Transparency Authority already had the bank accounts. Mr. Koukakis had given them the bank account numbers and they did nothing, whereas they have the possibility to look into people’s bank accounts. But that could also be done in the Committee of Enquiry and they could look into all the transactions, not only just the ones from the intellect to. Were mainly the transparency authority focussed, but also the related companies, which are at least three. There are some companies in Cyprus that, like Mr. Koukakis said, they helped. Uh, intellects are to come to Greece. And then. We have the we have cricket. Lecouffe is also a preferred supplier of the Minister for Public Order. So there’s a number of companies and a lot of bank transactions. And if we look into them, I think we will get some answers.

Jeroen Lenaers (Chair): One quick follow up question.

Sophie in ’t Veld (Renew): Yes, very short question. I would just like to confirm something you mentioned, Mr. Koukakis, at the start, a legislative change introduced by the new means for Turkey’s government at the time, which would allow the the more rapid unfreezing of assets. If I understand correctly, the proceeds of crime.

Thanasis Koukakis (journalist targeted by spyware): Yes, let me clarify that. In Greece, we have this unprecedented legislation that allows to the criminals to regain access to their assets after 18 months, despite the fact that their case there can be nothing judiciary. So imagine that you are a money launderer and the prosecutor can prosecute you. You and they froze your assets. If there’s no any beginning of the trial, then you can reclaim and take back the frozen assets.

Sophie in ’t Veld (Renew): But can I? Because I would like to zoom in on particular personalities, because some personalities have benefited from this law. Is it correct that there is a person who benefited from this law and who was also connected to Intellexa and to Klitschko? Have I understood that correctly? By the name of vitreous?

Thanasis Koukakis (journalist targeted by spyware): That’s correct.

Sophie in ’t Veld (Renew): Thank you.

Jeroen Lenaers (Chair): I thank you. Thank you all very much. That ends our first panel off today. Thank you very much once again for your willingness and flexibility to appear before our committee on such short notice. And, you know, I think who you said of Mr. Koukakis. The Koukakis with the current legislative framework in Europe, it’s like fighting 5G spyware with five key by CFPB legislative framework. So it’s up to our job, up to all of us to do to balance the odds a little bit better. And all of your contributions here today have helped immensely in that. And I think somebody else said it’s not too late. So that’s the optimistic and the positive message that we can end this discussion with. We will take a quick break of 2 minutes so we can clear the podium here and then we will move to. I’ll do a second and I’ll thank you very much.


Panel 2

Jeroen Lenaers (Chair): Okay. Dear colleagues, if everybody could take their seats again, we will continue with the second panel because the clock the clock is ticking and we still have another penalty. Go. Please, colleagues, if you could all take your seats. It’s the first time I’ve used that hammer and it felt very good. We will continue with our second panel of today where we have invited representatives of the Greek authorities. And we will welcome Athanasios Staveris, who the secretary general of the Ministry of Digital Governance for Telecommunications and Post. We will welcome Thanos Alexandris, who was the Secretary General of the Ministry of Justice and Human Rights. And we will welcome Christos Rammos, who is the President of the Hellenic Authority for Communications, Security and Privacy. Also to these speakers, I really want to thank you for your willingness and flexibility to be with us at such short notice. And we look forward to what you have to say. We have we’re running out a little bit out of schedule. So also, thanks for your patience. And without further ado, I would like to pass the floor immediately to our first guest, Mr. Staveris, the Secretary General for the Ministry of Digital Governance for Telecommunications and Post. You have 10 minutes to make your contribution, and then we will have after all three speakers have finished, we will have a Q&A. So please.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Mr. Chairman, distinguished members of the committee, I will be brief and comprehensive with political developments and the rapidly increasing volume of data present in Member States with significant challenges for the protection of the citizens over the speaking, the conditions for the free movement of data within the security itself.

Jeroen Lenaers (Chair): Can you…One second, Mr Staveris. Just to and then to the colleagues and I did announce this at the beginning of the session. Unfortunately, because of the limitations, we haven’t interpretation. The panel, at least for the part of the remotely connected speakers, will be English only for the questions, any questions you might want to ask. You can speak your own language, which will be interpreted from the room here, but the contributions from the guests will be in English only this afternoon. And I do apologise, but it’s under the circumstances, it’s the best we could do. So you have the floor again, Mr. Staveris.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Thank you. Greece is systematically trying to respond to these challenges, not only through the international participation in the EU bodies that deal with these issues, but also giving great importance to informing citizens, the public and private entities about cybersecurity issues. The Hellenic Administration, since July 2019 moved rapidly by establishing a new national cyber security authority under the General Secretary of Telecommunications and posts with the Minister of these Governments as a first step, the National Cyber Security Authority was reinforced with experts from the public sector rating the number of 25 from five. That was until 2019. The Hellenic Administration in September 2018 defined the list of assistance services by importing the EU directive. 2016 does 1148 concerning the common level of security of network and information systems across the Union. Is that equipped with a 1007 thus 2003 ministerial decision? The framework of obligations for the selection of system services in cities was defined, including the security requirements that must be achieved. Furthermore, the organisation participation of responsible authorities in preparedness exercises was established, enabling the use of advanced prevention systems. NTSA has identified operating apparatus operators of essential services in all six sectors, according to Non-attachedS and its transport, banking, final settlement infrastructures, health sector drinking, water supply and distribution, and finally, digital infrastructures. In December 2020, the National Cyber Security Strategy 2022 2005 was finalised and communicated to banks of assessment services, governmental organisations and private sector. In addition, and in order to efficiently implement the strategy, Ncsa designed and implemented a monitoring mechanism of the implementation of these targets of National Cyber Security Authority. Acknowledging the cyber threats, Army participates in all processes that take place in the European institutions and shape our common European policy. Sets out the horizontal working party in nine years, cooperation group and others already in the framework of the European Cyber Security Strategy. Very important initiatives are taking place, which our country also supports since what it knows that the European Union has another option but not to make progress on all fronts. Legislative, operational, investment related and diplomatic are set out in the European Union strategy. In this context, this fully supports the need for the amendment of an ACE Fund Directive and the proposal for a new Directive on measures for high common level cybersecurity across the Union. This is a so-called enhanced tool that it is all believed that the United School provided. The adequate response to the deficiencies recognised by this one sets out the low level of cybersecurity resilience of businesses in several sectors, as well as the consistent resilience and level of situational awareness, increased response in and between Member States. I would like to highlight the significant efforts of National Cyber Security Authority of Greece by mentioning that during the negotiations for the proposal for nine year school, NCC provided 20 proposals that were accepted from the Kosovo Working Group. The Hellenic Administration, through NCC, is supporting the need for effective implementation of the Cybersecurity Act and the National Coordination Centres under the NCC Regulation. The proposal for a directive on the resilience of critical entities and the proposal for the Digital Operational Readiness for finance and services. Furthermore, National Service Security Authority, within the context of Cybersecurity Excellence Monitoring Framework, proceeded for the following actions. The publication of the first cybersecurity bundle in Greek public sector in June 2021 provided the first security self-assessment tool in February 2002, which was completely obligatory about vagueness of assessment services in Greece and on a voluntary basis by all public sector entities. The Service Security Self-Assessment tool was presented to ENon-attachedSA. It was characterised as an excellent initiative that should be communicated to all Member States National Cyber Security Authority being responsible for operators of assessment services. But specific to the following actions the provision of services against cyberattacks to public websites, the implementation of a real time control system, availability of papers for social services and main public organisation websites to the notification of operators by civil services and governmental authorisation about potential vulnerabilities for their websites, followed by. The actions on how to resolve security issues to the coordination of all responsible authorities during and after any cybersecurity incident, during installation and operation of a building ability assessment platform to the active participation of the Soviet Press Liaison Officers Network signal with the responsible for causing SAP advances in EU level to the active participation in all EU services duty exercises. The cooperation with ENon-attachedSA on EU initiatives and the preparation of the sectorial survey security handbooks, which will soon be published of that note here. But the major pillar of the National Cyber Security Strategy that was included in the 2005 in-service digital awareness of citizens and capacity building to this purpose. NCC Coordinating with ENon-attachedSA, but positive through initiatives towards the awareness of public sector servants and the University of Piraeus support the participation in European Cybersecurity Challenge 2021. I will conclude my intervention by noting that the NCC publishes on a regular basis instructions and simplifications to all citizens through the office of the website of the Minister of Digital Governance on how to protect from phishing, dismissing the malware attacks and on information instructions on how to work remotely with safety. NCC Under General Secretary of the Telecommunications Symposium or the Minister of Data Governance. He is taking all the necessary steps, according to the Hague Law and regulations, to ensure a cyber safe environment for citizens, businesses and the public sector. Thank you for your attention.

Jeroen Lenaers (Chair): Thank you, Mr. Staveris. We will move to Mr. Alexandris. This was the Secretary General of the Ministry of Justice and Human Rights. And if you could also maybe reflect a little bit on the morning panel, the things you heard and the developments in Greece over the past summer. Thank you very much. You have the floor for 10 minutes as well. I think the micro is off. Thank you.

Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights: For the extremely important work your community has been undertaken in view of safeguarding fundamental human rights across the EU and ensuring respect for EU acquis. It comes as an undeniable fact that in today’s digitalised world, where communications transactions, public debate and private lives of citizens, if to a great extent moved to the online. It is more important than ever to safeguard and promote human rights. Without a doubt, this new reality creates unprecedented challenges for countries all around the world. Therefore, this welcomes the European Parliament’s initiative to create a committee tasked with investigating the use of Pegasus software and other Google spyware in the EU area. And since and indeed to work with the Committee to ensure respect for individual rights. First of all, these are surveillance technologies such as the ones investigated by your committee infringe, amongst others, the fundamental right to place the importance of the right to privacy as recognised under Article seven of the Charter of Fundamental Rights of the European Union and Tactical Aim of the European Convention on Human Rights is growing in an increasingly datacentre world as it enables the enjoyment and exercise of other human rights. Online and offline. It is a long standing democracy since 1974, after the uniform recognises that the right to privacy also plays a pivotal role in the balance of power between the state and the individual. It is a common benchmark for democratic society. For this reason, it has adopted a robust legislative framework which restores full enjoyment of the right to privacy in accordance with international and European human rights law. First and foremost, the Hellenic Constitution, animated by the principles of the rule of law and raising the respect to the value of person is the primary obligation of the state, protects the right to privacy in a manner who you call responding to the demands of the democratic state. In this way, it entails a set of important provisions which protect each individual from unlawful surveillance and intrusion of the private sphere. More specifically, Article nine of the Chilean constitution provides that the private and family life of the individual is inviolable as regards to the personal data. Since digital surveillance technologies use and exploit personal data in order to cooperate, it is more important than ever to also have in place a complete data protection legal scheme, according to articulate of the Charter of Fundamental Rights of the European Union. Everyone has the right to the protection of personal data concerning him or her. Compliance with these rules shall be subject to control by an independent authority. The Italian constitution, however, provides in Article nine eight that all persons have the right to be protected from the collection process you can use, especially by electronic means of their personal data as specified by law. The protection of personal data is ensured by an independent authority which is constituted and operates as specified by law as a critical supplement to Article nine eight of the Hellenic Constitution. And following the first time in the Greek history, the absorption of general data protection regulation with the law, Greece has adopted law for 624 of 2019. This was implied to Parliament by this government after the elections, which took place in July 2019. The aforementioned legislation implements the GBI provisions within the Greek legal system and states in that area. That supervision of application of the General Data Protection Regulation lies within the competences of the Hellenic Data Protection Authority, a constitutionally established, independent public authority whose members enjoy personal and functional independence in the performance of their duties. At the same time, the Greek government has taken a series of measures to effectively monitor the implementation of the legal framework and implement interventions where appropriate. In this context, the review. In April 2020, the Ministry of Justice established a permanent scientific committee on personal data with the objective of monitoring scientific developments and the legal. The framework for the protection of personal data in submitting proposals for legislative initiatives in view of new technologies. Moreover, the Greek government has taken legislative measures for the security of Internet of Things applications. It has established the rules for the use of video surveillance systems in public places and is in the process of concluding an international open tender concerning the sample to public bodies to fully comply with the European GDP data protection regulation. As regards the safeguard of the secrecy of private communication, Article 19 of the Constitution stresses that secrecy of letters and other forms of frequent respondents or communication shall be absolutely invaluable. Matters relating to the Constitution, the operation, and the functions of the independent authority ensuring the secrecy of paragraph one shall be specified by law. The Greek government has in place a particularly strict physical and procedural framework regarding such waivers of secrecy in order to ensure the protection of the fundamental right to privacy and secrecy of communication. In fact, in line with the constitution and EU law principles of equal employment and non-discrimination, the aforementioned legal safeguards apply only to all individuals inside the Greek people. To conclude on behalf of the Greek government, we would like to reiterate our commitment to the rule of law, transparency and the protection of human rights. We underline the fact that the Greek state is not involved in any kind of illegal surveillance. On the contrary, full respect to the European Convention on Human Rights and to the Charter of Fundamental Rights of the European Union. The Greek government is consistently fighting for the upholding of democratic European values. We sincerely hope that this hearing and I’m sure your presence here in Greece will politically assist the committee in its efforts to promote a safe and open space for all persons within the EU and do look forward to today’s discussions and also for any alterations. Proposals may be accepted in the European legal framework if also the European authorities are convinced of the need for such an extension. Thank you very much.

Jeroen Lenaers (Chair): Thank you very much, Mr. Alexandris. We will move now to Mr. Rammos, who is the president of the Hellenic Authority for Communications, Security and Privacy already. Also, during his contribution, I would like to collect those who would like to speak. I have noted down the coordinators and the rapporteur in the room. But if anybody else would like to take the floor, please indicate so we can close the speakers list and then I will pass the floor to Mr. Rammos for 10 minutes, please.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Good morning. Thank you for the invitation. I was expecting. I expected to speak in Greek, but now I realise that we’ll have to speak in English. So my preparation of course in Greek I will do it in English and hopefully at Google all understand what I want to do to stress. First of all, I am not the President of the Chairman of the Hellenic Authority for personal data. As it was said before, I am president of a separate authority, independent authority established according to the Greek constitution, Article 19. You have that before Hellenic Authority for Communication, Security and Privacy. This is the correct title of ADA, of which I am the chair. So you listen before me, the speaker before me. I told you about the Greek constitution, article 19, which stresses the inviolability of the of the secrecy of communication, which is a personal, a human right established firmly in the Greek constitution. There are exceptions in this guarantee. The constitution itself provides an exception for illegal interception in cases of national security and for the for the fight against criminality. This is a criminal procedure. The what is the role of the other in this in this procedures? Are they first of all, have to say has their has the competence to control only providers of telecommunication services, not general agencies or private corporations generally? First of these is the first limitation according to the law and which is governs our activities. Second, we all we can only control networks of the of the providers. This will be useful. I will explain to you later. Speaking about spyware, our intervention in cases of legal interceptions is limited, strictly limited by law in the procedural procedure. We are not allowed and we are not, uh, cannot assess the merit or the judicial assessment if the person was rightly or wrongly put into, into legal interception for, for reasons of national security or for a criminal procedure. This task is a given by the Greek by Greek law, according to the constitution, to the procedure, to the authorities, to by public prosecutors in cases of national security, mainly, but not exclusively. I would like to stress this to the National Security Service via the National Intelligence Service. But there are also many orders coming from other institutions like of the Greek police or other administrative entities. The order comes exclusively by the prosecutor in cases of national security. If there is no provision for a specification or for motivation of the reasons of national security, it is only a general in order which provides that there is a reason for national security not specifying anything more than that. And there are some procedural details which I will not bother you, like the protocol number of the administrative the entity which asked the prosecutor or the protocol number of the prosecutor, etc., we are supposed we are allowed to do to control all this technical this these is a procedural details but the not the merits as I said before. So these are those are not your fights to us to evade. And we can make controls a for a for the guaranteeing of the legal the procedural aside into this case, I would like to court to correct a number which was heard before, which is not correct. We heard before that 15,000 orders came in 2021 for reasons of national security by the National Intelligence Said Service. This is not correct. The orders came not only from the national security, the EP, the national intelligence entity, but also from other police sections. So as I say, as I said before, it controls only cannot can make technical controls and audits to the for the networks of the of the Internet of the telecommunications providers. And the spyware does not circulate, as you have heard before. There’s not a let me say the word travel, but through the network. So it is almost impossible, if not impossible for the other to discover if spyware was included by a private man or by the state service in the in the networks, we have to complaints. We have many complaints, but to which we are heard before from we we have heard from Mr. Koukakis and Mr. Andreu like it. We are examining we are making controls. They are in course they are now evolving that and uh, we are making audits to the providers and to state services. And as soon as we will have our final result, we will notify the persons who asked us to what we the control led to, what was the result of the controls. And we make also audits, the controls of any of the the National Intelligence Agency and the other police. We are going to make calls to other police section and such entities who have a Prosecutor-General who meets orders of leave in interception for reasons of national security. And as soon as we will and controls will and we will make a protocol which is secret protocol, I can understand and this will be submitted to any judicial authority or to any parliament parliamentary examination committee of the Greek parliament, a military or state, something which was incorrect. From what I heard before, we never asserted to anybody making a written complaint to complain to us that we refuse due to us or to you. Uh, in a by written, written statement, we always, always give given as a written answer to everybody who is asking us. This was I was obliged to clarify in order not to have misunderstandings. So again, as regards to the illegal interceptions are a legal possibilities are limited by law. And as regards the spyware, we have not the competence, not neither the competence nor technical impossibility according to law, to go to find out this spyware. If there is a spyware introduced into to into a line or to into a smartphone of somebody. In spite of this, we are still continuing our conference. And the last but not least, Greek law was changed last year and it prohibits a I under a it will be a criminal offence if there it does not. Comply to this legal obligation. It prohibits us to notify anyone in Greece. If his phone was legally intercepted by legal I mean, I mean, according to the law governing this procedure, if this interception had been made, has been made for reasons of national security. This is a formal interdiction and it is valid for a since April 2021. This is for my introduction. I am ready to answer to any questions or clarifications and thank you for the invitation.

Jeroen Lenaers (Chair): Thank you very much, Mr. Rammos, for your contribution and for your flexibility also to switch to English at the last moment. So far on the Speaker’s list, we have in ‚t Veld Zoido, Kohut, Thun, Bricmont, Kouloglu, Riba i Giner and Solé. Unless I’ve missed anybody, I will close the speaking list for our three speakers. All remotely connected online. You can listen to the questions in Greek if you make sure you select the right channel in the online system so you can listen to it in Greek. And we have received confirmation that for the Q&A session of this meeting, there will be interpretation from Greek into English. So I thank very much the interpreters for their willingness to help us in that. So if the guests, our panellists are more comfortable in answering questions, it will be more detailed in answering in Greek. Please take that opportunity. And then we will start with our rapporteur. We have about 15 minutes left. We have eight speakers, so we have time. But please try to stick to the 2 minutes. Ms. in’t Veld.

Sophie in ’t Veld (Renew): Thank you, Chair, and thanks to our three guests. I will fire a series of questions at them, and I will ask each of them to respond to the questions that are relevant. First of all, it is true the spyware is not travelling via telecom networks, as Mr. Rammos said. But I understand that Predator does need to seek the help of telco providers to carry out their operations. So does that mean and this is particularly for Mr. Staveris and Mr. Rammos, doesn’t that mean that you that you are competent, you are responsible, you can investigate what the role of the telecom providers is here, then in particular to Mr. Alexandris and also Mr. Rammos. I understand that the Greek constitution foresees special protection against surveillance for politicians, which is not uncommon. And that means that the hacking of the cell phone of Mr. and like is a particularly serious crime because it’s a violation of the Constitution. So don’t you feel that that merits a bit more than just verifying whether there is a violation of GDPR? And that also goes for the case of Mr. Koukakis, because even if he doesn’t enjoy the same special protection as politicians, hacking in Greece is a crime and therefore it’s not just a GDPR violation and the merits enough minster TIFF investigation. So I would like to hear what you’re doing then to add a you stated, I believe this morning or yesterday after you have visited the offices of NYPD, the secret services that the data contained in the file of Mr. Andrew like his had been accidentally you know technical glitch can happen delete it and the same has happened to the data of Mr. Koukakis. And I understand that you made that public after visiting Ethiopia. Can you say a little bit more about that? Thank you.

Jeroen Lenaers (Chair): Thank you very much. Sophie, we will start then with Mr. Rammos to answer both those questions and then we move to Mr. Stavros and Mr. Alexandris. Mr. Rammos, you have the floor.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): First of all, I never made any declaration of that kind. This is invention of the press. I never said that the data of Mr. So-and-so. Mr. SO or Mr. in other era were lost because of a technical problem. I, I heard that this morning and I deny having said anything which would be impossible, because all of these controls are top secret. You understand, when you are making a controlled audit, audit in a in a national intelligence service, you are not supposed to speak to the press. And this I with the religious scruple I, I am doing when from the very beginning of my presidency here, please I protest that this this and not this new has been heard in in the European Parliament. Second. Yes, yes, Mrs. in ‚t Veld, we have a competence to control the providers, but so solely the providers, our technical staff is examining these technical details and these technical details which who are not who even specialised laboratories are not in a state to find out, well who was the initiator. Because even citizens lab, the only thing they can discover if is if the fault the euro smartphone was infected but not infected you. And so by governing by controlling the networks, we are doing all our technical possibilities. We are exhausting them and we will do it. And furthermore, second, the our control, as I said to you, is limited to providers. And we have not police or police competences. According to your question about Greek politicians, Greek constitution, this is a contract, a contradictory legal argument. And there are many, many opinions heard about this. I will not now go into the details because this is a very complex question. But there is a special article in the Greek constitution governing the telecommunication and communications, security and privacy. This is Article 19. And there is a special to special laws to 22, 25, 94 and 31, 13 of 23. This is for all Greek citizens. They are protected to the utmost, according to the words used by the constitution, to the utmost level. This is absolutely inviolable. There are some arguments who say that from Article 61, three, paragraph three or 62 of the Greek constitutions, there are some argument that some are more a guarantee save guarantees for politicians. I cannot I am not sure if this legal opinion is true, because this these matters are discussed recently in Greece. This there was no such discussion before. But they can say I can tell you that for us and in my personal opinion, there is a there is no possibility to intercept a smartphone and for any citizens without the guarantees of rule of law. I mean, as they are prescribing the Greek legislation, which we cannot of which are obliged to observe and to respect. But there are many may be some arguments saying that in order to have an interception from a parliamentary forum for a member of Parliament, Greek or European, to have an interception of his communication because he so suspected for doing something against national security in this case, in these cases, there must be a previous allowance from Greek parliament that the Greek. I must give a green light for that. This has never happened before. Maybe it will. It is a big discussion going on in Greece. Maybe it will be found out that it is the right opinion. But Greek the Greek law, the special law, which is a is the constitution in Greek law, commonly, I mean, parliamentary statute does not make a difference, does not make any, say any specific for political persons. Well, I apologise if I have forgotten a question. I’m at your disposal to come back if you. If you need to. If you want. Thank you.

Jeroen Lenaers (Chair): Thank you. Mr. Rammos, I think both the questions that were addressed to you are answered, and we pass the floor to Mr. Staveris and Mr. Alexandris, if you have any, to add to the commentary made by Mr. Rammos.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Hello. First of all, I’d like to comment that the telecom providers in Greece, as well as in other member states, they follow strict rules in order to protect their customers. They follow the same rules as the other telecom providers. That is the European Union follows. Furthermore, to this, I would like to remind you that customer services therefore appeal on a frequent basis. Please inform the citizens on how to protect their what measures they should take in order to avoid facing smishing attacks. Another malware software that the part of their business or their private lives. So this is the only thing that I would like to thank you.

Jeroen Lenaers (Chair): Thank you. Then we move to Mr. Zoido on behalf of the EPP.

Juan Ignacio Zoido Álvarez (European People’s Party): Chairman, thank you very much indeed. Let me begin by thanking Mr.. Mr.. The Turkish government for its cooperation with this committee and the full transparency that we’ve seen with the presence of members of government and their willingness to respond. Now, if we can, we can compare a number of different cases that we’re seeing cropping up across Europe, all the way from Poland, Hungary to Greece. And I think if we. Compare these cases with the very flagrant cases that we’ve seen elsewhere would be wrong. You know, there’s mention of Greece as an autocratic state, I think would be misplaced and ridiculous, bordering on ridiculous. Now, I think the European Commission stated this. And so the rankings of Freedom House, another end use when it comes to Greece’s standing with three other countries. I think I’d like to now move onto the question. Having made my opening comment, Mr. Staveris. Has the government opened an investigation on the surveillance cases that have come to light? And if the answer is yes, then who has been charged with leading this investigation? And what guarantees can you give with regard to independence? Have independent bodies been asked to get involved? And what are the competencies that you have for this type of investigation? And what are the legal frameworks for this type of investigation in the digital age now? Alexandra Kirk Mr. Alexandris, can you give us some information about guarantees that the government can give now to people to ensure that European standards and international human rights standards are upheld? And what action does the government intend to take in the coming period? How does the government intend to strengthen these WHO provision and control checks and balances within the intelligence services? Thank you.

Jeroen Lenaers (Chair): Thank you very much. A couple of very concrete questions to Mr. Staveris and Mr. Alexandris. So I pass the floor first to Mr. Staveris.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): But regarding the first question, I would like your permission to give up the risk currently faces and increase especially my word. Unless one would substitute their box with say target, they won’t get a cooperation operator sufficient services. From the initial analysis, it seems that this phenomenon does not exceed the utopian of it at the moment, and it seems that it is the result of common cyber crime behaviour in the relevant cases currently on this topic. Furthermore, regarding to the part of your question of the investigation, the Independent National Spanish Authority has made this investigation and although there is no evidence, there is no evidence that the aim is power illegally legal that has been perpetrated by the Greek government. Now go to your second question. The respect of fundamental rights of the rapporteur from the European area through the Charter of Fundamental Rights, the European Convention on Human Rights. And secondly, EU legislation is a priority of the Greek government. The protection of personal data and privacy are crucial rights in the modern European states. There is no specific domestic regulation of personal data protection and cybersecurity. Criminal sanctions apply for improper use, violating personal data and communications security. In any case, for a country examining the possibility of launching a new regulatory framework, we will also encourage the initiatives for new European led state regulations. Thank you.

Jeroen Lenaers (Chair): Thank you. Mr. Alexandris, do you have anything to add to that? Because the second question was also addressed to you.

Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights: On the judiciary, which is totally independent. And it happens in all the European countries, according to the European Convention and also their constitutions. The judiciary has the right and the summons. Now, the case, it would be not very good for the general secretary of the Ministry of Justice to express opinions. If a case is now pending in the judiciary, goods is completely independent of the authority. This means that the judiciary has to end its tasks, and after that the judiciary has to decide if action has to be undertaken. So far as the judiciary examines the cases. I have nothing to hide and they must not act otherwise aimed at way to the independence justice system, which I think that is very political for the European Union to exist. Secondly, everybody, because I cannot control about publications and other words, everybody can express his own opinion about everything but the results. They come only through the independent authorities and through the independent judiciary system, which are the only citizens who can provide the long form answers to the questions which had been said about. Thank you very much.

Jeroen Lenaers (Chair): Thank you very much. Mr. Kohut.

Łukasz Kohut (Socialists and Democrats) Thank you very much indeed, first of all. Thanks for being available to us and that’s not something to be taken for granted. We know that from experience and we know that it’s not always the case that people take an invitation from Brussels seriously. And I think that was the case with Warsaw, for example. And there’s all sorts of propaganda activity that can happen as we see in Hungary and Poland. So and that’s not on now in the European Parliament. We are interested in the fundamental principles and we we feel unsettled by what we hear coming from Greece. So I wonder about the systemic changes that were brought in by the Greek government and what how things will develop in English. Since ADP visited the National Intelligence Services looking for evidence and files on the wiretapping. So what have you found? Is this true? And what we can find today in newspapers that all the records from the wire taping of Andrew Lucky and Koukakis have been destroyed? Or I would put it in more diplomatic language. They are not kept for two years as it is normally interpreted. Thank you very much.

Jeroen Lenaers (Chair): Thank you. It’s a follow up of the question of Ms in’t Veld to Mr. Rammos, so if you would like to elaborate on that.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Thank you. Can I reply? In Greek? In Greek? Maybe if I could do it in English, I will do it in English.

Jeroen Lenaers (Chair): But there is a possibility to do the Greek. Should you like to do it?

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Well, I will do it in English. I repeat what they said before answering a question of Mrs. in ‚t Veld. I would like to inform Mr. Kohut that I never said that, that the all of the findings, all of Mr. Andrew Lachish or Mr. Koukakis or whoever else have been lost, have been not been conservative consulting the National Intelligence Agency or anything at all. I didn’t say anything and I am not supposed I am not allowed to tell anything about an audit, any control, so, so important as when it regards a national intelligence agency. Our control is going on. It has not ended. I cannot say anything about it. I cannot give you any detail. It’s clear. This is clear. And we are making controls and audits also. We will we are in course we will making to providers and we will do it. We continue to do it in other public services and as soon as we will and we will inform Mr. Koukakis and Mr. Androulakis according to law and we will make a secret protocol which will submit it can be submitted only according to Greek legislation to the judicial authorities or to the Examiners Committee of Greek parliament. So let me stress that again. I never said and this is not true, that I mean, that is that I made an announcement about anything which was found it in our controls. So and I repeat also, you can you can understand, I think that I cannot tell you what the findings are before the conclusion and taking you should take into account that all these controls are covered by top secret classification. Thank you.

Jeroen Lenaers (Chair): Thank you very much. On behalf of Renew Róża Thun.

Róża Thun und Hohenstein (Renew): Yes, thank you. Thank you, Chair. So, Mr. Rammos, I understand that we all know that you never said anything. We despite the fact we would like to know if this information about the destruction of the data is true. But I will not ask this question because I understand that you will never answer that, because you never said then. Because you cannot because the investigation is not terminated. And that’s more or less our discussion today is as transparent as that. We also never said the which institution because there are many, of course, and we are not all experts on the Greek administration gave those loans, those banks shithole loans, those bugging against the journalists, politicians and others in Greece. But we heard the number 15,000 more or less. And I would be very interested if the investigations are on the way you are launched, if anybody in Greece has any information about who sold the system, reported, who was the end user, if there is anything going on, it’s finally about our European democracy. The questions are very heavy and Greece, as you yourself said, is not the only country I am Polish. We have similar cases and we care here about free elections, freedom of the countries, corruption, struggle against corruption, etc.. And my last question is it was very clearly said here that the Prime Minister has links with those people who seem to be partially at least responsible for the surveillance have worked in Intellexa, his nephew and the. And the companies that use the bugging system, etc.. So do you look into this if the powers of the highest authorities were somehow not overused and. And who is doing this in the case of Greece? Thank you very much.

Jeroen Lenaers (Chair): Thank you very much. So we first give the floor to Mr. Staveris.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Hello. Thank you for the for the question. But I was in the store. And so because this is an investigation that’s taking place by the independent killing board for communications, security and privacy. I was a secretary general. I know every secretary didn’t come on the fair with an ongoing investigation of an independent organisation in Greece. Thank you.

Jeroen Lenaers (Chair): Thank you very much, then Mr. Rammos.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): For Mrs. Thun and Hohenstein. I told you before that this is what we are doing right now for the beginning of August. This is a there are a lot of controls we have began and with are complicated controls, with administrative procedures that are complicated. We are following scrupulously, scrupulously all legal procedures and with difficult and sensitive technical problems. This is our duty and this is what we are doing. As she regards your questions about Intellexa or spyware or connexions or, I don’t know, corruption in all this. We are not the competent authority about that. We have only limited to the secrecy and confidentiality of communications. I speak you in that title. No, I am not supposed to do it to speak to you about general corruption or any kind of other different problems. There are other authorities who can give you these answers. And I told you in the beginning, maybe it was not some it was not very clear from the beginning. We are limited by law to the control of providers of telecommunications, and you can think else is not allowed to us according to law. I will give you if you want the numbers, but I don’t want to bother you with details. And us. That’s the European democracy. In Greek democracy. We I do I love as well as you do Greek democracy. And I am very sad listening to these to these events. But here I am not speaking to you as a private person. I am speaking to you as president of these of the are there, I assure you and assure every everybody that we will do our best to help uncover all this history. Thank you.

Jeroen Lenaers (Chair): Thank you on behalf of the Greens, Saskia Bricmont.

Saskia Bricmont (Greens): Thank you very much indeed. Thank you for enabling me to speak French. I would like to thank all the speakers in the second panel. I’m glad to hear that there’s some guardrails in place. I’m interested to hear what you said about the protection under the Constitution. It covers journalists, inter alia. We should, of course, be reassured by the fact that you assured us that the requisite safeguards are all in place. However, it does seem to me that some of these legal safeguards have not functioned in practise. You knew why we requested you to participate in this hearing, and yet you all seem to be falling back on saying that you were unable for various reasons, to respond to the questions that were asking. You invoked the principles of the rule of law, which hasn’t been breached. Provisions and principles of transparency. But it is vital that there is more transparency. Your citizens citizens of the European Union deserve no less. So could you please give me an outline of what you can and will do to avoid such a scandal recurring? Secondly, are you actually investigating the surveillance scandal in tech leaks and other instances? Are you looking into what the surveillance authorities have been doing and democratic surveillance over their activities most specifically? Could you tell me in more detail what the. Criticism of it is a Triantafillou is based on apparently some journalists have been placed under surveillance in the interests of national security and they can be both threatened and have further surveillance imposed on them. Do you do this to be compatible with your Constitution? Thank you.

Jeroen Lenaers (Chair): Thank you, Ms Bricmont, then we move to Mr. Staveris first. You have the floor.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Hello. The question posed in this situation was mainly the fact of whether the. Can you hear me?

Jeroen Lenaers (Chair): Yes, we can hear you.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Can you hear me?

Jeroen Lenaers (Chair): Yes, we can hear you. Can you still hear us? Yes. Yes, yes. Excellent.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): So the regarding the investigation, is it purely a matter of the Independence Hellenic Justice System? So again, I cannot defend the secretary general and expose any opinion or because I do not have any of them. No. Regarding the. That is what we can tell you, that the National Cyber Security Authority is following the law and we are in cooperation with the European Union and our friends in order to investigate new forms of law and necessary steps that should be made for the future in order to improve the current structures. Thank you.

Jeroen Lenaers (Chair): And Mr. Alexandris, if you would like to add to that also, maybe on the first question on what is currently happening in order to prevent this happening in the future again?

Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights: Who are the very few words about it? I heard about a scandal. I don’t know why it is a scandal because it is so expressed to the press. Because some people believe so. So we rely our selves of what said in the press of what is the same state. It is personal opinion and we don’t want to follow in the way of the official results, also of the independent authority and of the judiciary, which is completely independent to decide. Indeed, we decided that we have a problem. The criminal actions will be undertaken by the judiciary. So we come always to conclusion that there is not the transparency rights, not the transparency. Because before we have the final results of the independent institutions, we have to believe whatever it said. I’m very sure we have to wait. We have to be sure the something catch them. And after that, we have the safeguards for the country and for the rule of law. And believe me, this is a country who suffered in the past very much. What are the violations of privacy during the Hugo regime and the previous stance? And we are very proud that we did democracy, which is now for 30, 48 years. It’s a very stable democracy, and it can give all the appropriate answers of everything, which would be an easy thing to announce.

Jeroen Lenaers (Chair): Thank you, Mr. Alexandris. Sir. Mr. Rammos, as much of you, if you want to add anything to the previous two speakers on this point by Ms Bricmont.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Yes, I would like to add that what is important after these sad stories is not only to find out what happened, but also to make sure that this will not happen again in the future. But the initiative must come from the Greek legislator. I think some have some personal proposals who are not strong, in my personal opinion, and they are not engaging any anybody else. The orders for illegal interception for national security must be admitted by collegium of judges and not by a single judge. This is a better guarantee that the national security issues must be specified more specified in law, not give to any judge the possibility to think that national security, whatever he thinks or whatever police authorities think it is. And there are also a lot of changes which I am in the disposal of the Greek authorities to propose in order to make these all the system better. In this proposal, I would I will also ask to give greater competences to our authority. I’m not I don’t know if we are going to be heard about in this, but I think that things must change and this changes. The initiative belongs to Greek lawmakers, the Greek parliament. Thank you.

Jeroen Lenaers (Chair): Thank you very much. On behalf of the left, Mr. Kouloglu.

Stelios Kouloglou (Left): Well, Mr. Alexandris, in another hearing on the 27th of April this year, you were asked why the Greek government is not implementing the European directive for the protection of whistleblowers. And you replied, you said tomorrow. Literally tomorrow we’ll do it. Sure we have. April, May, June, July was five months and nothing happened. I hope this time you will be more accurate in your answers. I’m going to ask you. Well. The first answer is why the secret services were following a member of the European Parliament. Why you have to tell us whether we are welcoming her or why. What happened? She was a criminal. She was a spy. Her second question through Mr. Androulakis, the Greek secret services were spying. All of us here, all the people, all the deputies, also, they are sisters. Everybody there was spying. The deputies.I was talking to them. All right. So you are coming here. You don’t feel any kind of remorse of what happened? I mean, you know, why should I be followed or another guy from Poland or I don’t know from where. Because of you, because of your secret services. And you don’t feel you need an apology to the deputies here. I’m surprised. I’m surprised with your style. Nothing is happening. The Justice Department bullshit. Another question. So I think the question is clear, don’t you? Don’t you feel you need an apology to the deputies that were followed without their knowledge? All right. So, Mr. Rammos, I’m coming to you for a question. You said that you never said about the, you know, the date of Mr. and the election. Koukakis never said that we understood that. You said also that you cannot tell us whether this happened or not because there’s an investigation going on. When do you think this investigation will finish? Because it’s not a it’s not a big deal, I guess, to go to the secret services and see the files of Mr. and the election Koukakis. It does it does not take months or years. So when do you think this will follow? So to inform us about the results and are you going to inform us about the results? You will find all you have already found or not. Or it will always be a secret then.

Jeroen Lenaers (Chair): Yeah. Last question.

Stelios Kouloglou (Left): Last question. When Mr. Koukakis realised that she was under surveillance, she. She asked your authority her to confirm it and you were obliged to do according to the law. Then in one night the government says the law for forbidding you to give the information. At the time you have stated that this was against the Constitution’s constitution of the Greeks. Are you standing by?

Jeroen Lenaers (Chair): Thank you for the declaration. We will first move to Mr. Staveris and Mr. Alexandris and then to Mr. Rammos. Mr. Staveris.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Excuse me. Hello. I believe that this question was addressed to second opinion of justice, Mr. Alexandris. So I will passing by.

Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights: First of all, I am very grateful that Mr. Kouloglu made all these very, very beautiful questions. First of all, I have to reassure him that he must not be so much hostile because there is no need in the democracy by exchanging views to be hostile between each other. But if he needs to express himself so of course, his very well respected production and whilst I am, first of all to remind to keep and look responsible for the secrets head of justice in Greece, unfortunately, they both belong to the Ministry of Justice. So he has got them. If you want further explanations and declarations to the people who have the competence. Unfortunately, Mr. Kouloglu added nonsense. You said the cause of whistleblowers. Don’t worry, Mr Kouloglu, It will be like sometimes it happens if you have to make legal case law to be a little late or to not be so much precise to the time. Of course I have and I believe that I didn’t hear it, that it’s bullshit that justice is dependent. So a Shia former congresswoman from the European Parliament who is a member, of course of the Greek side, that’s bullshit. And we don’t have an independent judicial system. And they all asking, well, did she discovered this after 2000, maybe, or before when it was the problems mostly also criminalised what behaviour was not so much appropriate to the justice system? And I believe that they gave her an answer. Of course I respect very much Mr. Kouloglu and also opinions and also his views, but he has also the ability to respect mine. Thank you.

Jeroen Lenaers (Chair): Thank you, Mr. Alexandris. And then we move to Mr. Rammos for the timeline of the investigation and the previous statements made in that regard. Mr. Rammos, you have the floor.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Okay.

Jeroen Lenaers (Chair): Well, I think you’re muted at the moment. Could you? Yes. Now we hear you. Thank you.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Now. Can you hear me?

Jeroen Lenaers (Chair): Yes, we can hear you loud and clear now. Thank you.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Well, to the question of Mr. Kouloglu. First of all, the controls are there are a lot of complaints. This is not just one complaint. Many people see just the complaint of Mr. Androulakis and Mr. Koukakis. This is not the case. There are a lot of complaints, and some of them must be examined together because there are some common characteristics. We are doing our best to make do as soon as possible, but not the soonest possible, but not be in spite of the of the of going to the to the depth of the question. We have to examine every possibility. And, you know, our technical personnel I’m not I am a former judge. Our technical personnel are going visiting places and trying to find out if something defame something and they have an idea to go furthermore. So I cannot give you a specific term for the end of these controls, because there are a lot of them. Of course, nobody spoke about months, that’s for sure. It will be much, much shorter. But you can understand I cannot give you an exact date. This would not be serious. But from me speaking to you and tell you a deadline as far as the Article 87 of law and for around 4700 so on which prohibit which prohibits us from notifying any person who has whose connexion, whose communication has been intercepted to notify him after the end of the of the interception if this interception was due to was caused by a national security issues. And I have written in a personal as a as a private person as a judicial person. My opinion, which has not changed in my opinion, was that this article is not compatible with article with the Case Law of the European Court of Human Rights in Strasbourg and regarding Article eight of the European Convention of Human Rights. This cannot change at all. But here I am, a member of an official of a Greek authority, which is not supposed to not to apply a law as an intrusion. This is a privilege. And which of the Greek constitutions gives only to the judiciary? All administrative authorities, independent or not, are supposed to apply law. They cannot refuse to apply law by stating an eventual anti anti-constitutional entity or an international violation of a the European Convention of Human Rights of the European Union’s law. This is the answer, but I still believe what they said in April two, 2021. Thank you.

Jeroen Lenaers (Chair): Thank you very much. Then Miss Riba I Giner.

Diana Riba i Giner (Greens): Thank you very much. I’m going to speak in my second language, Spanish. Now, as the others have said, I’m a little bit in shock as well because I think that we’re losing the way in which we should be working. Some people say if it’s a scandal that’s happening in Greece. Well, we do believe that it’s a scandal. And if there’s a scandal, then there has to be investigations as is happening across Europe, Pegasus and other programmes as well. And it’s for this reason that we’ve created this investigative committee. We think that what’s happening is a scandal, what’s happening in Europe now we’re talking about Greece. And yes, we do think that what’s happening with the illegal tapping on journalists, political opposition leaders, political opposition members, etc., it is a scandal and we have to take it very seriously. My colleagues have asked a lot of questions. I don’t want to repeat them, but I would like to ask a couple of yes or no questions. One, The Greek government has the Greek government for its espionage programmes. If yes, then which have they used them to carry out investigations. General ones on journalists. Have they used them for to investigate MEPs. And finally. In all of the meetings that we’ve held under this committee, we always end up with the same conclusion. We need more transparency. We need greater levels of investigation, and we need greater levels of involvement from governments in all of the espionage cases. So my question is, it’s a couple of months now between this hearing and the visit we have to Greece during these couple of months. And when we arrive in Greece, will we be able to work in a more transparent way? And in this with this investigation, the potential investigation, in order to come to an agreement, a final agreement on what we have to do in Europe, not just Greece. I mean, Greece is part of it, but in general across Europe, so that we can live in a more safe way, so that we don’t have this clear violation of our political rights and also the rights of our citizens. And finally, to the MEP. You’re talking about national security, etc.. Now here there are some rules and all MEPs we have full immunity. So you can’t investigate an MEP if the European Parliament isn’t, it doesn’t receive a request for the lifting of this immunity. So I’d like to have the answers on the case of the MEP as well, please. Thank you very much.

Jeroen Lenaers (Chair): Thank you very much. And then we move. I’m not sure whether Mr. Stavros, as Mr. Alexandris, would like to answer the question by our colleague, but I passed the floor to both of you.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): So this is the easiest question made, and the answer is not so easy. According to the results from the Nelson of Authority, no, the Greek government or any public organisations because not just any legal software. Thank you.

Jeroen Lenaers (Chair): Thank you. Mr. Alexandris, you’d like to add anything to that?

Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights: I don’t have anything to hide. They think that all the possible explanations have been provided with very good faith and believe that they will be very seriously and very quickly evacuated from your community. You are very relied on your opinion and we express again our sincere gratitude for this very fruitful dialogue, which will be fruitful also for government. It will be fruitful for the institutions, and it will be also very fruitful for the policies, which would be other aid that followed and making our life and privacy much more better, much more efficient, much more European. Thank you very much.

Jeroen Lenaers (Chair): Thank you, Mr. Solé.

Jordi Solé (Greens): Thank you very much, Mr. Chair. I really believe everyone. Everybody here should keep some minimum formalities when answering the legitimate questions coming from MEP. Having said that, I want to say that when Mr. Zoido mentioned the net, the member states where there have been spyware scandals because yes, they are scandals, he strangely forgot to mention Spain and me being a victim of Pegasus and being elected in Spain, I am happy to remind him about this. Having said that, we are seeing in this committee the pattern that when we enquire EU governments about hacking scandals that happen in their countries. The concept that immediate immediately a crisis is not of national security. But of course, many doubts pop up when these hacks have US victims, opposition politicians, journalists, activists. And one wonders whether the argument of national security is being misused on purpose in order to pursue other goals, actually completely unrelated to national security issues. All these legitimate suspicions make all the more evident and urgent the need to have diligent judicial investigations on all these cases upholding through throughout the whole process, the rights of the victims of this of this House. But all these cases also reinforce the need for having a clear legislation on selling, purchasing and using of spyware in order to uphold democracy and fundamental rights, in order to prevent the concept of national security being misused. And in that sense, I would like to know what is the opinion of our guest on an eventual you and I underline this EU wide legislation that would clarify and unify the conditions for the use of for the eventual use of the spyware technologies. Thank you.

Jeroen Lenaers (Chair): Thank you. Mr Solé, that’s an invitation to all three of our guests. We have a couple of minutes left. So I would invite all guests to reply to that and also make any concluding remarks that you would you would feel necessary. So we start with Mr. Staveris.

Athanasios Staveris (Secretary General of the Ministry of Digital Governance for Telecommunications and Post): Hello. I already mentioned in my initial speech Greece, the Greek government. Of course, we follow and help assist in any way possible in the form of a new regulation of the European Union. But when it comes to privacy, the protection of personal data of its citizens, it does remain because the security of businesses in the public sector are low amongst the European Union. So the answer is yes, that we want to participate in any action taken undertaken by European Union organisations and we are safe or at quality that we can in order to provide the best possible lives. Thank you.

Jeroen Lenaers (Chair): Mr. Alexandris.

Panos Alexandris (Secretary General of the Ministry of Justice and Human Rights: Yes, of course. We will fully assist and we think that there is a need for a more detailed legal framework which will protect much more of the privacy. Because in our times I think that we live in difficult and dangerous times. So we must do our best to support the democracy in Europe and control the freedom of speech, the freedom of exchange, and of the use of expressions of everything, so that to protect our citizens, we have to protect ourselves. So it is very, very, very welcome. As a conclusion, I apply in my previous comment and I thank you very much for the support of your views and for the exchange of views, which, again, I have to state that it was extremely painful.

Jeroen Lenaers (Chair): Thank you very much. Then Mr. Rammos.

Christos Rammos (President of The Hellenic Authority for Communication Security and Privacy, ADAE): Thank you, to Mr. Solés question. I think the European collaboration is the only way of salvation in this world where all dangers and all risks are planetary and only by uniting and making common regulations. Can we confront all of these challenges because neither Bank, Pegasus nor Predator or whatever can be addressed by a single country. In this respect, I think that it is very, very urgent to finish, at least with the so-called e-privacy regulation, which is stagnating for five or six years. And we are all, all of us waiting for this ePrivacy regulation to come out to fix our problems, post it during the communications by the over the top, so-called over the top like signal, like Viber, like WhatsApp, whatever. And the only way a united United the legislation by the European legislator which is as you know, Council and the European Parliament get all these issues can be addressed as far as the corruption is concerned, which is a very difficult and almost a problem inherent to you to Europe, to a human good, to the human condition. More severe legislation will be needed for all these small enterprises which are commercialising spyware and everything. In this respect, too, I think Europe can regulate all of these things. I hope this will be the case the soonest possible because as we are now, technology goes sooner is the technical dangers are going faster than the legislate the legal systems can afford to do to cope with. And we will never be safe. 20% safety is not is not possible in this technological world, but at least let us all European instances collaborate to me to regulate all these things in within a common sense for all 27 countries. This is what they have to do. And I would like to thank you all for the invitation. And I have always remain at your disposal for whatever question you would like to address to me. Thank you.

Jeroen Lenaers (Chair): Thank you very much. Mr. Rammos. That brings us to the end of our panel. I would like to thank Mr. Staveris, Mr. Alexandris, Mr. Rammos for taking the time to be with us. We have been you know, we have received different signals from governments that we would like to hear from. So I appreciate the fact that you were available to come and speak to our committee, and we will take up the invitation to cooperate with you. Also with a view to the mission that will be deployed to Greece, the next hearing of our committee, our next meeting will be next Thursday in Strasbourg from 9 to 12, when we will have the country hearing dedicated to Poland in preparation of a mission to Poland between the 19th and 21st of September. And there we, of course, still waiting for official confirmation from the authorities. So thank you all very much and I look forward to see you next week.

No Tracking. No Paywall. No Bullshit.

Unterstütze auch Du unseren gemeinwohlorientierten, werbe- und trackingfreien Journalismus.

Die Arbeit von netzpolitik.org finanziert sich zu fast 100% aus den Spenden unserer Leser:innen. Werde Teil dieser einzigartigen Community und unterstütze jetzt unsere Arbeit mit einer Spende.

Jetzt spenden

0 Ergänzungen

Wir freuen uns auf Deine Anmerkungen, Fragen, Korrekturen und inhaltlichen Ergänzungen zum Artikel. Bitte keine reinen Meinungsbeiträge! Unsere Regeln zur Veröffentlichung von Ergänzungen findest Du unter netzpolitik.org/kommentare. Deine E-Mail-Adresse wird nicht veröffentlicht.