GREECE Law and Practice Contributed by: Nikos Nikolinakos, Dina Kouvelou and Alexis Spyropoulos, Nikolinakos & Partners Law Firm
Public administration prioritises cloud solu - tions via systems like G-Cloud, RE-Cloud and H-Cloud for government, education and health, with the aim for all public systems to migrate eventually. In the financial sector, Acts 2577/2006 and 2597/2007 govern cloud use, aligning with GDPR where applicable. In terms of data protection, GDPR and Law 4624/2019 regulate personal data in cloud services, requiring transparency, security and defined roles for controllers and processors. In terms of cybersecurity, Law 5160/2024 incor - porates the NIS2 Directive, mandating cloud providers to ensure security, conduct risk assessments, and report incidents to authorities. 3. Artificial Intelligence 3.1 Liability, Data Protection, IP and Fundamental Rights AI-Related Laws The AI Act (Regulation EU 2024/1689) intro - duces a risk-based framework categorising AI systems as unacceptable, high or low risk, with strict requirements for high-risk systems, includ - ing transparency and accountability. Law 4961/2022 imposes obligations on public and private entities using AI systems. Deepfake Technologies Greece lacks specific regulations on deepfakes, but the AI Act mandates transparency for AI systems generating or manipulating deepfake content. Misuse may fall under existing laws covering:
• the dissemination of false information; • defamation; • GDPR personal data violations; • personality rights violations; and • intellectual property infringement. AI in Transport Autonomous vehicles Ministerial Decision 393352/2022 permits driv - erless vehicles only for research in pilot pro - grammes, requiring Municipal Council approval. Operations are limited to specific routes, peri - ods and a 30 km/h speed limit, supervised by a legally designated driver. Unmanned aircraft systems (UAS) EU Regulations 2019/945 and 2019/947 govern UAS safety, privacy and data protection. Greece aligns with these rules under HCAA Decision Δ/ ΥΠΑ/21860/1422, defining obligations based on UAS categories (“open”, “specific”, “certified”). Liability is addressed by the Greek Civil Code and the Consumer Protection Law. Drone delivery services Article 12A of Law 4053/2012 regulates UAS for postal services. Licensed providers require EETT approval, with technical and safety stand - ards set by the Minister of Digital Governance in consultation with EETT and the Civil Aviation Authority. Liability AI liability in Greece is addressed case-by-case under existing laws, as follows. • Product liability: Law 2251/1994 imposes strict liability on producers for defective prod - ucts. Directive (EU) 2024/2853 will replace it by December 2026. • Civil liability: the Greek Civil Code (Articles 914, 932) governs damages, requiring proof
103 CHAMBERS.COM
Powered by FlippingBook