** Reply to note from [log in to unmask] Wed, 1 Dec 2004 10:53:19 -0000
> Has anyone come across this one before in connection with Greek DP Law?
>
> Imagine a Greek citizen who normally lives in Greece but has a holiday home in
> the UK. Whilst in the UK, this person does some business with a UK Data
> Controller who processes some personal data about the Greek citizen.
>
> Below is a translation of the Greek DPA. Section 3b appears to put Greek DPA
> obligations on UK data controllers (and other EU data controllers as well).
> Is this not at odds with the EU DP Directive (Article 4) which defines how
> national DP law should apply?
>
> 3. The present law shall apply to any processing of personal data, provided
> that such processing is carried out:
>
> a) by a Controller or a Processor established in Greek Territory or in a
> place where Greek law applies by virtue of public international law.
> b) by a Controller who is not established in Greek Territory or in a
> place where Greek law applies, when such processing refers to persons
> established in Greek Territory. In this case, the Controller must designate in
> writing, by a statement addressed to the Authority, a representative
> established in Greek territory, who will substitute the Controller to all the
> Controller's rights and duties, without prejudice to any liability the latter
> may be subject to. The same shall also apply when the Controller is subject to
> exterritoriality, immunity or any other reason inhibiting criminal prosecution.
> c) by a Controller who is not established in the territory of a
> member-state of the European Union but in a third country and who, for the
> purposes of processing personal data, makes use of equipment, automated or
> otherwise, situated on the Greek territory, unless such equipment is used only
> for purposes of transit through such territory. In this case, the Controller
> must designate in writing by a statement addressed to the Authority a
> representative established in Greek territory, who will substitute the
> Controller to all the Controller's rights and duties, without prejudice to any
> liability s/he may be subject to. The same shall also apply when the
> Controller is subject to exterritoriality, immunity or any other reason
> inhibiting criminal prosecution.
>
> Would anyone like to comment on whether they think this may just be a dodgy
> translation of Greek DP law, or if a UK data controller could indeed be bound
> by the Greek DPA in the above circumstances?
I got as far as here:
http://www.dpa.gr/
I am afraid it will take me more coffee to remember to read Greek.
What is the source of your passage above?
Charles
--
Charles Christacopoulos, Management Information Officer,
Planning & Information, University of Dundee, Dundee, DD1 4HN,
Scotland, United Kingdom. Tel: 44(0)1382-344891. Fax: 44(0)1382-348845.
http://www.somis.dundee.ac.uk/ ::egothor http://www.egothor.org/
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
