GREECE IMPOSES CRIMINAL SANCTIONS FOR GDPR OFFENCES

RETURN TO MAIN BLOG


Greece imposes criminal sanctions for GDPR offences of up to 20 years covering 6 key infringements:

Infringement 1: Unauthorised data processing (e.g., unauthorised access, copy, deletion, transmission, etc.)

Criminal sanction: Up to 1 year imprisonment.

Infringement 2: DPO violating their confidentiality duty in order to gain benefit or cause harm.

Criminal sanction: Up to 1 year imprisonment.

Infringement 3: Unauthorised data processing and further transmission to other unauthorised individuals.

Criminal sanction: Up to 5 years imprisonment.

Infringement 4: Unauthorised data processing of sensitive data.

Criminal sanction: Between 1-5 years imprisonment and up to 100,000 EUR monetary penalty.

Infringement 5: Unauthorised data processing in order to gain benefit or cause harm, of value greater than 120,000 EUR.

Criminal sanction: Between 5-10 years imprisonment.

Infringement 6: Unauthorised data processing that relates to the functioning of the Greek state, or national security.

Criminal sanction: Between 5-20 years imprisonment, and up to 300,000 EUR monetary penalty.

courtesy of WSGR