The Greek Ministry of Migration and Asylum was fined EUR 175,000 for incorrectly developing and installing two surveillance systems at asylum centres on the Aegean islands.

Centaur is an integrated digital Electronic and Physical Security management system that uses cameras, drones and motion analysis algorithms to control reception and hospitality structures for third-country citizens on the Aegean islands. 

Another system, Hyperion, is described as an integrated entry-exit control system. Asylum seekers, certified members of NGOs and other guests present cards read by an RFID [Radio Frequency Identification] reader combined with a fingerprint through which personal data and biometric data are processed. 

The Greek Data Protection Authority (DPA) found that there was deficient cooperation on the part of the ministry as the Controller. It further ruled that the required Data Protection Impact Assessments carried out by the ministry were incomplete and constituted serious omissions regarding the ministry’s compliance with specific provisions of the European Union's GDPR regarding implementation of disputed systems.

Both systems received funding from the European Union. The fine is the largest imposed on a Greek public body to date.