The President of the Personal Data Protection Authority Konstantinos Menoudakoshe resigned for purely personal reasons, as he said.
In particular, on the occasion of the seven years of implementing the General Data Protection Regulation (GDPR) and the submission of his resignation, Mr. Menoudakos gave a press conference, in the presence of members of the Authority of George Roussopoulos, Vassilis Zorkadis and Elias Athanasiadis.
Mr Menoudakos said he resigned his resignation of March 26, 2025 and, with the expiration of the prescribed quarter of the resignation, will now be outside the principle.
As Mr. Menoudakos explained, he resigned for “purely personal reasons who have nothing to do with issues regarding the functioning of the Authority and the execution of her work”. At the same time, a question by reporters about how he would characterize his whole course in the Authority, Mr. Manoudakos, “
To the next question, if in his long run at first he received political interventions on a case that concerned the authority, Mr Menoudakos’ response was absolutely, that he “never accepted any political intervention” and added:
No political intervention was attempted, as they knew that there would be no effect. In addition, neither a judge accepted political interventions, nor as chairman of the Council of State, despite the fact that the court was dealt with very serious cases, such as the memorandums, etc. ” Furthermore, the outgoing president of the Authority said that during his term “the Authority did its work without pressure”. In addition, he explained, the Authority “does not make politics and does not legislate”.
Mr. Menoudakos also said:
“I would like to emphasize that the Authority is not a resettlement factor for progress, as it is at times unjustifiably argued and by some almost obsessively. In a rule of law any processing of personal data must be made for a comparable purpose provided for in law. This is not only the view of the Authority or the view of counterparts, but also the stable case -law of the Court of Justice of the European Union and the European Court of Human Rights. What is generally required is sober weights and appropriate risk assurances.
Referring to the GDPR, Mr Menoudakos noted that “it is a global standard for protecting personal data” and its implementation, which began seven years ago, resulted in “expanding the mission of the Authority to many areas”.
At the same time, Mr Menoudakos said that during the 6-year 2019-2025 the Authority imposed fines of EUR 36,586,149, with the clarification that this amount does not include the € 20m fines imposed in 2022 on ClearView, which markets persons.
In addition, 9,069 complaints of personal data breach were made in the seven years 2018-2025 (only in 2025, so far the number has reached 622) and 6,916 were handled by them.
Elsewhere, Mr. Menoudakos referred to the deficiencies of staff at the outset, pointing out that the predicted organic staff positions are 91 and today serve 50, that is, “the staffing of the Authority is significantly remaining of this counterparting authorities of other Member States and remains severely underutilized.”
As for the Independent Authorities, Mr. Menoudakos said:
“The truth is that in Greece the strengthening of the Independent Authorities and the concern for their effective operation is not a priority of governments. As Professor Spyros Vlachopoulos, who is a member of our Authority, is used to saying, the parties love independent authorities when they are in the opposition and question them when they are in government.
Sometimes, I add, the challenge is expressed by statements that give the impression of pressure or threats that undermine their prestige and credibility.
It seems that in Greece it has not been embedded in the consciousness of the political system that in the mature democracy counterbalances of power are not only the courts, but also the independent authorities, at least the constitutionally foreseen, in the context of the responsibility of each. “