Electronic Government: Legal Aspects and Applications

by Aikaterini Yiannoukakou University of Macedonia, Greece PhD Candidate kgian@uom.gr

Abstract
Since the late 1980s and the early 1990s with the advent of Information Technology (IT), there has been a lot of discussion on how and with which methods IT applications could be incorporated to the public sector aiming to empower its operations, simplify its procedures and optimise its services. Especially from the middle 1990s onwards with the mass development of personal computers and the rapid penetration of web tools and the Internet to everyday life, the public sector worldwide found itself swinging between the traditional way of doing business and the increased introduction of IT. From that point forward, there has been numerous synchronized, and not, efforts to move public administration operations to an integrated electronic environment within which citizens and businesses could access, interact and transact with the governmental agencies in a seamless, open, 24/7 and round the clock manner, the so called electronic government. In that scope, all governments worldwide have hastened into adopting the newly emerged e-government services, as they assumed that it would be the only reliable means of reducing bureaucracy, improving the effectiveness and efficiency of public administration, rationalise budgets, cut costs, better allocate public resources, increase the satisfaction of the public, and enhance democracy. However, this shift of operations to a full electronic environment implies an excessive use of personal information via electronic means. This by default denotes that the legislation must provide a solid framework, which will prevent any kind of abuse and/or maluse of personal data by enhancing their surveillance by paying attention to issues as data protection, privacy, confidentiality, authentication and integrity of information. For that reason, legislators have considered these issues to their regulations, and all e-government related laws have provisions regarding the surveillance of data and information stored and transmitted by governmental agencies.

1. Introduction
The introduction of IT into public administration for remodeling of the administrative procedures is under discussion for the last 30 years. Organisation theorists early

observed that technology could reform the way public administration operates by allowing managers to manipulate information much faster and more flexibly and by enhancing the control of their subordinates (Milward and Snyder 1996). At the early days each agency made its own provisions on the prospective IT applications to be implemented with financial resources allocated from their own budget. As a result, similar in operations organisations were found with different and often non compatible information systems, which could not be linked and exchange information with each other. This policy contributed strongly to the fragmentation of public information, amplified the isolation among agencies, rocketed the governmentwide budgetary costs spent on IT applications, minimised the interoperability among agencies, but mainly didnt improve the interaction of citizens with the government. Facing this technological predicament and being to the quest of cutting redtape and the costs of public administration, government officials decided to exploit the advances of IT into building an electronic environment which would provide a unified access to all government services breaking the barriers of time, physical presence and geography. Namely, the era of electronic government (or e-government) had arrived. European Union (EU) provides a simple but serving definition of e-government as eGovernment is about using the tools and systems made possible by Information and Communication Technologies (ICTs) to provide better public services to citizens and businesses, involving the rethinking of organisations and processes, and changing behaviour so that public services are delivered more efficiently to the people who need to use them (European Commission). The annual UN survey on e-government for the year 2012 presents the course of egovernment worldwide the last decade (2003-2012), which appears to be continuously upward (United Nations 2012, p. 14).

Figure 1: Advances in regional e-government development 2003-2012

This diagram shows the continuous increase of e-government globally through the last decade with an average rate of increase 10% on e-government development compared to 2010. In regional comparison, Europe has the greater development climbing up to 0.7188 EGDI (E-Government Readiness Index), followed by Americas reaching the 0.5403 EGDI and Asia a bit below with 0.4992 EGDI having the leaner progress of all regions and being almost in line with the world average. The last two places are occupied by Oceania with 0.4240 EGDI and Africa with 0.2780 EGDI, both far behind from the world average and the rest regions. What is interesting is that Oceania had a strong beginning in e-government development in 2003, which was followed by a decline till 2005, an increase again between 2005 and 2008, and finally a steadiness of e-government development the last four (4) years. E-government is a multidimensional phenomenon as it entails many inter-dependable aspects political, technological, economical, social, administrative and legal which has the power to radically reform the way people interact both with public administration and their elected representatives. However, it is imperative to have both a solid policy and a legislative framework in which the intentions of egovernment plan should be clearly described and long-term measures should be laid out precisely. This framework must not focus on specific applications or services, but it should mainly provide the means through which specific applications should be developed spotlighting the attention on personal data privacy, systems security, records management, confidentiality and integrity of information, on what is considered public information and who can be granted access to it and under which circumstances. The implications of the transition from the paperbased to electronic environment should be thoroughly examined, institutionalized and set in force aiming to furnish and strengthen the surveillance of personal data, and at the same time keeping the balance between the degree of surveillance, political correctness and the social acceptance.

2. United States
The government of United States (US) is the biggest producer of government information worldwide, which has to be controlled, checked, stored and be available in every instance. This fact in accordance with its unique administrative format of the horizontal separation of powers (legislative, executive and judiciary) and the vertical separation of government (federal, state and local) induced further problems in information management. For that reason, they have been using the advances in IT for a long time replacing the paper-based system with an automated one, beginning

from the use of mainframes and video-text based systems to public websites and intranets, and of course e-government in all levels of government (Hagen 2004). All legislative provisions adopted the best practices of the private sector enabling agencies to manage their demands on IT solution more efficient and to incorporate them into their mission statements. Agencies must comply with a set of preconditions when introducing IT applications such as the involvement of senior executives to the decision making procedures, the appointment of senior executives as Chief Information Officers (CIOs) to evaluate with measurable methods the IT applications performance, the imposition of the much-needed discipline on the technology expenditure, the redesigning of the inefficient administrative procedures, and the use of measurable methods in order to evaluate the contribution of IT in relation to the accomplishment of mission results. Moreover, there are specific regulations concerning the importance of assuring and improving the security measures and privacy of data and information in federal computer systems (Mullen 2005, p. 583).

2.1 Paper Reduction Act (P.L. No 96-511)

The Paper Reduction Act (PRA), signed by President Jim Carter in December 1980, changed radically the national regulatory framework and policy regarding the information management public administration by providing a national framework on information collection and management giving priorities to issues such as applicable management policies, privacy, paperwork control, records management, automated data processing and telecommunication functions materialized into specific time-table (U.S. Congress 1980). The PRA of 1980 was re-authorised in 1995 (P.L. No 104-13) during the first Presidency of Bill Clinton to correspond to the new demands and to incorporate the advances of IT. In short, the PRA of 1995 aimed to (1) to minimize the publics paperwork burdens resulting from the collection of information by or for the federal government, (2) to coordinate agencies information resources management policies, (3) to improve the dissemination of public information, (4) to improve the quality and use of Federal information (Mullen 2005, p. 588).

2.2 National Performance Review

The first organised attempt to create a national policy on e-government begun in 1993, as Bill Clinton and Al Gore considered it as priority. The National Performance Review, is the first regulatory attempt of United States in which officially the term egovernment is being mentioned. This multi-page document is not a law but a concise policy document, which aimed to create a government that works better and cost

less by empowering employees to put customers first, cutting the red tape that holds back employees and cutting back to basis (National Performance Review, 1993). In order to achieve this purpose, certain primary objectives were set (Hagen 2004, p. 217): 1. Reduction of the budget process 2. Decentralisation of human resources management 3. Reduction of the procurement system 4. Modification of the Inspector General's responsibilities 5. Abolition of unnecessary administrative regulations 6. Strengthening of the states' governments and the local authorities and make them more flexible. From that point forward all the legislation introduced or amended is focusing to the introduction of e-government practices to public administration, and to prepare public administration to smoothly adjust to the new era and to accept the proposed changes.

2.3 Government Paperwork Elimination Act (P.L. No 105-277)

Another very important legislative text is the Government Paperwork Elimination Act (GPEA), signed in October 1998, which made possible for citizens to exchange information with the federal agencies in full electronic format and, at the same time, took provision for the application of electronic signatures. Typically, the GPEA enacted the introduction of US into the e-government era as it specifically noted that by 2003 all agencies should provide full electronic access to their information along with online forms submission and electronic filing as an alternative to the paperbased transactions, which would be continued to exist for those who wanted to use that format. The individual sections of the Act are very interesting as they set the boundaries for the disclosure of information (SEC. 1708) for purpose of business or government practice, or with the prior affirmative consent of the person about whom the information pertains, and also set the basis for the electronic signatures utilization in American public administration (SEC. 1703, 1704, 1706). Especially SEC. 1706 states that the Office of Management and Budget in cooperation with the National Telecommunications & Information Administration should conduct an ongoing study on paperwork reduction, individual privacy and security and authenticity of transaction, the results of which should be submitted to the Congress on periodical basis. Finally, to complement GPEA electronic signatures requirements the Electronic Signatures in Global & National Commerce Law the e-Sign Law was signed by

President Clinton in 2000, which stipulated the interchangeability among paper and electronic forms in doing business giving the opportunity to the citizens to decide which version of government want to deal with, the electronic or the paper-based one (Fletcher, 2002).

2.4 E-Government Act (P.L. No 107-347)

In January 30, 2002 under the new Presidency of George W. Bush the EGovernment Act was signed, which constitutes the first integrated legislative effort to effectively manage the IT practices government-wide and to make government information and services available online in a unified manner aiming to greater efficiency, reduce redundancies, achieve intergovernmental coordination and align IT investments (Seifert, 2008). In general, the E-GA was divided in five (5) Titles which covered the major issues concerning a holistic approach to the implementation of egovernment in management, funding, promotion of services, access, use and preservation of information, privacy and security. The E-GA put US dynamically to the chase of an integrated e-government reality and designated it as a leader country in the e-government map worldwide by establishing an Office of Electronic Government (Title I, par. 3602a) and setting the preconditions for the shift to e-government era covering issues such as federal portals, government information, training of federal workforce, geographic information systems, reporting and many more (Title II). The Title III refers to information security and constitutes the Federal Information Security Management Act. Finally,. In November 2007, the EGovernment Reauthorization Act of 2007 passed, which amended and modernized several sections of E-GA and expanded its activities through the FY2012.

2.5 Open Government Directive (M-10-06)

Satisfying Presidents Obama commitment for a transparent, participative and collaborative government, the Open Government Directive was published in December 8, 2009, which instructed that all federal agencies to apply these principles to their practices. Also, the Directive imposes deadlines for the completion of specific actions, which must have be met by following the steps of (a) publishing government information online, (b) improve the quality of government information, (c) create and institutionalise a culture of open government, and (d) create an enabling policy framework for open government. Finally, the Directive requires from the agencies to prepare an open government plan, which would delineate the methods each agency intents to incorporate the 3 principles to its operations, would report specific actions engaged by each agency towards open government and mention

specific timeline in achieving them (Orszag 2009).

3. European Union
By the end of 1990s, the European officials realized that the policies that would bring the EU in the first line of the economic and entrepreneunial global scene should be applied. By then it was common knowledge that the way to the future was the exploitation of Information and Communication Technologies (ICTs) and the Internet to accelerate the process to implement the new economy, an economy based on Information Society. EU usually promotes its policies via Recommendations and Directives that are not binding legislative documents, but instead they commit the Member-States to accomplish the objectives with means and methods that are more suitable to each Member-State. The main focus was to develop the necessary measures in order all Member-States to be able to reach a high level of new technologies exploitation, which will better serve and develop both national and European economies. Based on that concept, European Community since 1999 has institutionalized several initiatives Action Plans with guidelines on how this transition to digital era in all aspects of everyday life of European citizens should occur, as well as a number of Directives regarding data protection. This policy from one hand is respectful of the political system and tradition of each Member-State but on the other hand creates diversities and disparities among them.

3.1 eEurope Action Plans

The attempt to accelerate European economy via new technologies initiated in 1999 with the first analogous Action Plan eEuropeAn Information Society for All, which set ambitious goals into bringing the benefits of information society to every single European citizen with accelerating the modernisation of European economy and assisting the sectors of employment, growth, productivity and social cohesion. The primary objectives of eEurope were (1) to interconnect every citizen, household, school, business and administration by providing to them the possibility of entering digital era, (2) to create an computer literate Europe supporting, and (3) to ensure that the entire process aims to social inclusion (Liinkanen 2003, p. 70) by setting ten 10 areas of priorities. The priority Government Online provided for the a more easily accessible public information by extending and simplifying Internet access, reduce government expenditure by cutting redtape, create jobs in value-added services providers, and create better Europe-wide market information. Also, the participation of European citizens to the policy making procedures must have been enhanced by establishing

feedback and dialogue along with the establishment of two-way electronic access to basic services enabling the interaction of the citizen with its government (Commission of European Communities 1999). In June 2000 the Action Plan eEurope 2002: Information Society for All was initiated. The aim of the Action Plan was to meet the targets set during the Lisbon European Council in March 2000 by adopting the necessary measures and with deadline for completion the end of 2002. All actions were clustered around three (3) major objectives: (1) a cheaper, faster, secure Internet, (2) investment in people and skills, and (3) stimulate the use of Internet. Again the action Government Online required the efforts of public administration in all levels to exploit the advantages of new technologies to make information accessible, where as Member-States were forced to provide generalised electronic access to public data and main public services, to simplify online administrative procedures for business, promote the use of open source software and electronic signatures in the public sector, and to ensure that all basic transactions with the European Commission must be available online (Council of European Union 2000). The ultimate objective was to remove all constrains hampering the realisation of a pan-european system of public services aiming in increasing efficiency of the public sector, cut costs of transactions, increase transparency and speed up the implementation of standardised administrative procedures. Following the Feira European Council, the Commission prepared the Action Plan eEurope 2005: Information Society for All to succeed the eEurope2002 Action Plan. The proposed eEurope 2005 focused firstly on stimulating services, applications and content covering both networked public services and e-business, and, secondly, addressing the broadband infrastructure by encouraging the widespread availability and use of broadband networks, and moreover the development of Internet protocol IPv6 as well as security matters. From egovernment point of view the proposed actions can be summarised to the establishment of broadband networks to public administrations, the enhancement of interoperability in pan-european level, and the immediate implementation of 20 basic e-government services utilising broadband networks and multi-platform access and re-organising the back-offices of public administration (Commission of European Communities 2002). In April 2006 European Commission published an Action Plan dedicated to egovernment exclusively, the i2010 eGovernment Action Plan: Accelerating eGovernment in Europe for the Benefit of All. This Plan was based and

harmonised with the objectives of i2010 Strategy by soliciting the acceleration of electronic public services development both in national and in European level, preventing the rise of new constrains on the single market due to fragmentation and lack of interoperability, extending the benefits of e-government across Europe, and ensuring cooperation in designing and delivering e-government services. The i2010 eGovernment Action Plan focused on five (5) primary objectives related to electronic public administration designating a detailed description and timeline to accomplish the objectives in cooperation of European Commission, the Member-States and stakeholders accompanied by periodic monitoring, evaluation, review and update of the actions. EU in the middle of an immense economical, social and political crisis put into action the initiative Europe 2020 A Strategy for Smart, Sustainable and Inclusive Growth with primary objective to achieve high level of employment, low carbon economy, productivity and social cohesion (European Commission, 2010). Within this scope, European Commission issued the eGovernment Action Plan 2011-2015: Harnessing ICT to Promote Smart Sustainable & Innovative Government identifying four (4) political priorities as following:

1. Empower citizens and businesses. 2. Reinforce mobility in the Single Market. 3. Enable efficiency and effectiveness. 4. Create the necessary key enablers and pre-conditions to make things
happen. This Action Plan aims to a cross-border eGovernment services provided to all citizens and businesses by creating an environment that promotes interoperability of systems and key enablers such as e-Signatures and e-Identification, by strengthening the digital single market, and by complementing existing legislation in domains like eProcurement, eJustice, eHealth, mobility and social security, whilst delivering concrete benefits to citizens, businesses and governments in Europe (European Commission 2010b).

3.2 The Directives

EU has closely attended the issue of personal data protection since the mid 1990s by building a regulatory framework and inviting the Member-States to harmonise their national legislations and conform with the demands of new technological era. Especially for the creation of a pan-european network of exchanging information on matters of health, administrative procedures or further criminal activities since 1995

EU has issued several Directives on data protection, privacy, surveillance, retention and free movement of such information. The Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data or the Data Protection Directive regulates the processing of personal data within EU regardless of whether such processing is automated or not. The objective of the Directive as stated to Article 1 1 is Member-States shall protect the fundamental rights and freedoms of natural persons, and in particular their right to privacy with respect to the processing of personal data, whereas Member-States shall not restrict or prohibit the free flow of personal data between them. Among its provisions is the introduction of the three (3) principals of transparency, legitimate purpose and proportionality. Namely, the individual (data subject) should be informed when his personal data is being processed (Art. 7a), the data can be processed only for explicit and legitimate purposes (Art. 6b), and the personal data may be processed only insofar as it is adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed (Art. 6c). The 95/46/EC formed the basis for the data protection national legislation of all Member-States, but however as the technology rapidly developed the need for some amendments arose some years after its initial implementation. In July 2002 the Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector or the Directive on Privacy and Electronic Communications was issued to accommodate the new conditions as been formulated by the immense penetration of ICTs in all sectors. The scope of the Directive is to ensure an equivalent level of protection of fundamental rights and freedoms, and in particular the right to privacy, with respect to the processing of personal data in the electronic communication sector and to ensure the free movement of such data and of electronic communication equipment and services in the Community (Art. 1 1). Generally, it complements the 95/46/EC by expanding the regulation to a number of important issues such as confidentiality of information (Art. 5), treatment of traffic data (Art. 6), itemised billing (Art. 7), calling identification (Art. 8), location data (Art. 9), spam (Art. 13) and cookies (Art. 5 3). The 2002/58/EC Directive tried to ensure a technological neutrality of the rule of law aiming to retain the regulatory effect of law to a technological continuously evolving environment, whereas it amplified the protection of confidentiality by the separation between traffic data and location data, which are

treated differently (Mitrou, 2004, p. 371). The Directive 2002/58/EC was amended in several points by the Directive 2009/136/EC issued in November 25, 2009. In March 2006, EU introduced the Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC or the Data Retention Directive. According to the Prelude (points 7, 8, 10, 18 and 20) the justification for introducing this Directive lays upon the notion that the retention and processing of traffic and location data can constitute a valuable instrument to the fight against terrorism and organised crime (Tsolias, 2006, p.347). In short, the Directive provides that Member-States should harmonise their national laws with respect to the retention of data which are generated or processed by providers of publicly available electronic communications services or networks, in order to ensure that the data are available for the purpose of the investigation, detection and prosecution of serious crime (Art. 1 1), whilst this provision should apply to traffic and location data retained for both natural and legal persons (Art. 1 2). Member-States should store citizens' telecommunications data for 6 to 24 months stipulating a maximum time period, whereas the police and security agencies will be able access to details such as IP address and time of use of every email, phone call and text message sent or received with a permission granted by a court. However, the Data Retention Directive has stirred up several concerns and questions among the legal, IT and privacy groups Europe-wide concerning its constitutionality and the extent to which the Directive does not violate the Article 8 of the European Convention on Human Rights. At the time of writing, EU is under the process of re-addressing the entire legislative framework concerning data protection and privacy in European Union. For that reason, the Proposal COM(2012) 10 was issued at January 25, 2012, after a long time of consultation with the interested parties, concluding in that EU needs a more comprehensive and coherent policy on fundamental right to personal data protection (European Commission, 2012). As stated in Article 1 1 this Directive lays down the rules relating to the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties. The proposed Directive tries to provide a unified legal framework concerning data protection and their use for criminal purposes, and

simultaneously to quieten the questions arisen with the introduction of the Data Retention Directive.

4. Greece
Greece has since the mid 1990s proceeded towards catching up with the more advanced European countries in terms of using and facilitating the ICTs in economy, employment, commerce and public administration. As a Member-State, Greece has the obligation to conform its policy, regulatory and legal frameworks along with that of EU. In that context, Greek governments have been trying to develop the means with which the Greek public administration would enter the information society and egovernment era. The impetus for the use of ICTs in public administration was given with the 2nd and 3rd Community Support Framework. The efforts during the 2nd period (1994-1999) concentrated mainly to informational government web portals and to supply public administration with technological infrastructure in order for the employees to get familiar with technology and reduce the traditional paperwork. During the 3rd period (2000-2006) some, but not much, transactional e-services were provided by the public administration (Markellos 2007). The 4th programming period started with the launch of the National Strategic Reference Framework in 2007 designating the allocation of EU funds at national level for the 2007-2013 period. So far it has been the most promising in regard to the applications implemented and the remodeling of public administrations procedures. All of the CSFs comprised of several Operational Programs (OP) allocating the European and national funds to the projects. However, many divergences to the implementation were observed between different public organisations and agencies, mainly in the level of streamlining and provision of services to the citizens, whereas even the public services that lead the developments have yet a lot of way for improvement in order to reach the European mean values. The two (2) OP that contributed the most to the implementation of ICTs to public sector and the training of employees in using them were the OP Information Society (OPIS) and OP Digital Strategy 2006-2013. Both these OP especially provided for the implementation of egovernment and the re-engineering of public administration with specific measures and timetable. Equally important is the government-wide implementation of the Greek eGovernment Interoperability Framework (e-GIF), a policy framework determining the principles of e-government services architecture in Greek public administration, and aims to support the development and provision of e-government services to all levels of administration central, regional and local by establishing concrete

conceptual and technical guidelines on how e-government services must be developed, implemented and maintained, enabling the interoperability between systems, procedures and data as well as the availability and accessibility of information.

4.1 Law on E-Government (Law 3979/2011)

The Greek Parliament passed in June 2011 the first law on e-government after almost six (6) months of public consultation and preparation, the Law 3979/2011. This Law is actually the first integrated legislative effort of Greek State to institutionalise in a single text all components administrative, social, political, policy, technical, ethical that affect the seamless and equivalent access to government information and services with the use of ICTs and the Internet. The Law is constituted from 40 Articles and divided in IX Titles, which include provisions for the most crucial administrative issues regarding e-government creating a context that determines the responsibilities and privileges of all sides involved as well as a defined framework on e-government within which both public administration and operators can legally perform their electronic transactions. The scope as stated in Article 1 is two-fold: (a) the recognition of the right of each individual and private entity to communicate and transact with the public organisations via the use of ICTs, and (b) the regulation of ICTs usage by public organisations within the scope and needs derived from their adminstrative operation and the support to exercise their powers and transactions. The principals of legitimacy, good governance, transparency and authenticity is introduced, whereas the security of systems and data, the availability of licenses and government information, and the user-friendly applications with care for the access of special populational groups such as the disabled or the elderly is under consideration. (Art. 4 1-7). In regard to surveillance, Title IV namely Articles 7 to 10 refers to personal data privacy in accordance with the Law 2472/1997, the access right to public information, and the right to use ICTs when communicating with public administration. Especially to personal data privacy, it is explicitly mentioned that further usage of personal data than this of statistical reasons or for the improvement of the provided services is permitted either by doing the data anonymous or with the writing consent of the interested part (Art. 8 1).

4.2 Law on Personal Data Protection (Law 2472/1997)

In April 1997 the Greek Parliament established the Law 2472/1997 harmonising Greek legislation with the EU Directive 95/46/EC on terms of personal data protection and privacy. According to Article 1 the purpose is the adoption of the requirements for personal data processing with regard to the protection of rights and fundamental liberties of individuals and, especially, of private life. Also following the guidelines of the corresponding Directive, there is no distinction between the automated or not processing (Art. 3 1), whereas the individual articles determine the issues of personal data (Art. 4), the processing requirements (Art. 5), the processing of sensitive data (Art. 7), the transborder transaction of personal data (Art. 9) and the privacy of processing (Art. 10). Also, in Title III (Art. 11-14) the rights of the data subject are described explicitly as the informative right, the access right, the objection right, and the right to temporary judicial protection. In general, Law 2472/1997 is a successful attempt on a very delicate subject by setting the foundation for prevention of illicit personal data protection and forms the basis of consideration when it comes to design and implement e-governmentservices that require the processing of personal data.

4.3 Law on Personal Data Protection and Privacy at Electronic Communications Sector (Law 3471/2006)
In June 2006, Greek Parliament voted Law 3471/2006 which harmonises national legislation with the EU Directive 2002/58/EC and amends the existing Data Protection Law. The Law 3471/2006 to each first Chapter (Art. 1-17) complements Law 2472/1997, instead of replacing it, by expanding it to incorporate the provisions of the Directive 2002/58/EC on the personal data protection and privacy of electronic communications in public networks (Art. 3 1). The provisions on privacy (Art. 4), rules of processing (Art. 5), treatment of traffic and location data (Art. 6), itemised billing (Art. 7), calling identification (Art. 8), and spamming (Art. 12) are based on those of the corresponding Directive, but at the same time are incorporated according to the Greek both legislative and social tradition. The second Chapter of the Law amends several points of Law 2472/1997 under the spectrum of conforming with the requirements as imposed of the new electronic environment and the penetration of ICTs in all sectors of life. However, Law 2472/1997 is still in force for personal data processing that is being realised by no publicly available electronic communications (Art. 3 1).

4.4 Law on Personal Data Retention (Law 3917/2011)

Following the instructions of EC, Greece adopted Directive 2006/24/EC in February 2011, as the Law on Personal Data Retention. The Law specifically refers that the providers of publicly available electronic communications services or of public communications networks should retain and make available the traffic and location data of both physical and legal entities for identifying severe crimes as they defined by Law 2225/1994 (Art. 1 1 & Art. 4). Article 5 defines the specific categories of data to be retained, whereas Article 6 designates the retention period for 12 months beginning from the date of communication where the Greek legislator choose the via media of retention time on the proposed of 6 to 24 months of the corresponding Directive. The remaining articles refer to the obligations of the providers on matters of protection and privacy (Art. 7), the methods of retention and transmission of data (Art. 8), the surveillant Authorities (Art. 9) and the liability and penalties (Art. 12 & 13). Generally, Data Retention Directive was introduced into Greek legislation after with delay, mainly due to the objections raised regarding the constitutionality of both the Directive and the Law, as according to Article 19 1 of the Greek Constitution the privacy of communication is being abolished for the identification of committed crimes, whereas the Directive retains all data preventive in case that severe crimes will occur (Tsolias 2006). It should be mentioned again that the Greek legislator indicates that the severity of the crimes is subject to the provision of the Law 2225/1994 on the protection of freedom of reciprocation and communication.

Conclusions
The advent of e-government made governments worldwide to rush into adopting its principles by introducing ICTs into public administration aiming to provide online, seamless, equal, continuous, horizontal, agency independent and qualitative access to services. However, the components of legislation, regulation, politics as well as the society itself should be kept in balance so as to provide access without revealing too much information on your subject data. On the front of surveillance, several efforts have been made in order to designate the legislative and regulatory concept with which public agencies should conform when designing and implementing IT applications. Most countries have legislated on issues as data protection, communications privacy, systems security, information management trying to on one hand to accommodate the introduction of the electronic environment and on the other hand to maintain a secure environment for communicating and transacting. However, there have been incidents where for the shake of preventive tactics, legislators and officials have gone one step further on

terms of which personal data should be retained and used, i.e. USA Patriot Act and the Data Retention Directive. The main issue for all involved bodies should be to find the golden mean between reserving the individuals privacy, enhancing data protection and providing a secure electronic environment which will guarantee communication without jeopardising or snooping around personal data.

References 1. Andersen, Kim Viborg. E-government and Public Sector Process Rebuilding. New
York: Springer Science, 2005.

2. Commission of European Communities, eEurope An Information Society for

All, accessed April 2012. (1999) http://europa.eu/legislation_summaries/information_society/l24221_en.htm,

3. Commission of European Communities, eEurope 2005 An Information Society

for All, COM(2002) 263 final, (May 28, 2002). http://ec.europa.eu/information_society/eeurope/2002/news_library/documents/e europe2005/eeurope2005_en.pdf, accessed April 2012.

4. Commission of European Communities, i2010 eGovernment Action Plan,

COM(2006) 173 final, (April 25, 2006). http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2006:0173:FIN:EN:PDF, accessed April 2012.

5. Council of European Union, eEurope 2002 An Information Society for All,

(June 6, 2000). http://ec.europa.eu/information_society/eeurope/2002/documents/archiv_eEurop e2002/actionplan_en.pdf, accessed April 2012.

6. European Commission, Europe 2020, COM(2010) 2020 final, (March 3,

2010). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do? uri=COM:2010:2020:FIN:EN:PDF, accessed April 2012.

7. European Commission, The European eGovernment Action Plan 2011-2015,

COM(2010) 743, (December 15, 2010). http://ec.europa.eu/information_society/activities/egovernment/action_plan_2011_2015/docs/action_plan_en_act_part 1_v2.pdf, accessed April 2012.

8. European Commission, Proposal for a Directive on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such

data, COM(2012) 10 final, (January 25, 2012). http://ec.europa.eu/homeaffairs/doc_centre/police/docs/com_2012_10_en.pdf, accessed April 2012.

9. European Commission. ICT for Government and Public Services. European

Commission website. http://ec.europa.eu/information_society/activities/egovernment/index_en.htm, accessed April 2012.

10. European Parliament, Directive 95/46/EC, L. 281/31, (October 24, 1995).

http://ec.europa.eu/justice/policies/privacy/docs/95-46-ce/dir199546_part1_en.pdf, accessed April 2012.

11. European Parliament, Directive 2002/58/EC, L. 201/37, (July 12, 2002).

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do? uri=OJ:L:2002:201:0037:0047:EN:PDF, accessed April 2012.

12. European Parliament, Directive 2006/24/EC, L. 105/54, (March 15, 2006).

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do? uri=OJ:L:2006:105:0054:0063:EN:PDF, accessed April 2012.

13. Fang, Zhiyuan. E-Government in Digital Era, International Journal of The

Computer, 2011. The Internet and Management 10, no. 2 (2002): 1-22. http://www.ijcim.th.org/past_editions/2002V10N2/article1.pdf, accessed February

14. Fletcher, Patricia Diamond. The Government Paperwork Elimination Act,

International Journal of Public Administration 25, no. 5 (2002): 723-76. INFORMAWORLD, accessed April 2012.

15. Hagen, Martin. Electronic Government in the United States. In National

Electronic Government, eds. M. Eifert and J.O. Puschel. London: Routledge, 2004.

16. Hellenic Republic, Law 2472/1997, Official Gazette A 50, (April 10, 1997). 17. Hellenic Republic, Law 3471/2006, Official Gazette A 133, (June 28, 2006). 18. Hellenic Republic, Law 3917/2011, Official Gazette A 22, (February 21,
2011).

19. Hellenic Republic, Law 3979/2011, Official Gazette A 138, (June 16, 2011). 20. Liinkanen, Erkki. eGovernment. In The World of E-Government, eds. G.G
Curtin, M.H. Sommer and V. Vis-Sommer. New York: Haworth Press, 2003.

21. Markellos, Konstantinos, Penelope Markellou, Angeliki Panayiotaki, and Eirini

Stergianeli. Current State of Greek E-Government Initiatives. Journal of Business Systems, Governance and Ethics 2, no. 3 (2007): 67-88. JBSGE website via Victoria University, accessed February 2011.

22. Milward, Brinton H., and Louise Ogilvie Snyder, L. O. Electronic

Government. Journal of Public Administration Research and Theory 6, no. 2 (1996): 261-275. OXFORD JOURNALS, accessed April 2012.

23. Mitrou, Lilian. E nea Odegia 2002/58/EC gia ten Prostasia tes Idiotikes Zoes
stis Electronikes Epikoinonies (The new Directive 2002/58/EC on the Protection of Privacy to Electronic Communications). Dikaio Meson Enemeroses kai Epikoinonias 3 (2004): 371-375, in greek.

24. Mullen, Patrick R. US Performance-Based Laws. International Journal of

Public Administration 28, nos, 7, 8 (2005): 581-598. INFORMAWORLD, accessed April 2012.

25. National
Technology,

Performance

Review,

Reengineering

through

Information 1993).

(September

http://govinfo.library.unt.edu/npr/library/reports/it.html, accessed April 2012.

26. Orszag, Peter R. to the Heads of Executive Departments and Agencies,

memorandum regarding Open Government Directive, 8 December 2009, Office of Management and Budget. Office of Management and Budget. http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m1006.pdf, accessed April 2012.

27. Pardo, Theresa. Realizing the Promise of Digital Government. iMP

Magazine, October 2000. http://www.cisp.org/imp/october_2000/10_00pardo.htm, accessed April 2012.

28. Seifert, Jeffrey W. and R. Eric Petersen. The Promise of All Things E?.
Perspectives on Global Development and Technology 1, no. 2 (2002): 193-212.

29. Tsolias, Gregores. H Diaterese kai Epexergasia Dedomenon ston Tomea ton
Electronikon Epikoinonion symfona me ten Odegia 2006/24/EK (The Retention and Process of Data in Electronic Communications Sector according to the Directive 2006/24/EC). Dikaio Meson Enemeroses kai Epikoinonias 11 (2006): 347-352, in greek.

30. U.S. Congress., House, Paperwork Reduction Act of 1980, HR 2812, Public
Law 2012. 96-511, (December 11, 1980). http://www.thecre.com/pdf/Carter_PaperworkRedAct1980.PDF, accessed April

31. U.S. Congress., Senate, Paperwork Reduction Act of 1995, S. 244, 104th
Congress, Congressional Record 141, (May 22, 1995): SEC 3501-3510. http://www.reginfo.gov/public/reginfo/pra.pdf, accessed April 2012.

32. U.S. Congress., House, Government Paperwork Elimination Act of 1998, HR

4328, 105th Congress, 1st sess., Congressional Record 144, (October 21, 1998):

SEC 1701-1710. http://www.cio.gov/documents/paperwork_elimination_act.html, accessed April 2012.

33. U.S. Congress., House, E-Government Act of 2002,. HR 2458, 107th

Congress, 2nd sess., Public Law 107-347 (January 23, 2002). http://csrc.nist.gov/drivers/documents/HR2458-final.pdf, accessed April 2012.

34. U.S. Congress., Senate, E-Government Reauthorization Act of 2007, S. 2321,

110th Congress, 1st sess., (November 7, 2007). http://www.gpo.gov/fdsys/pkg/BILLS-110s2321is/pdf/BILLS-110s2321is.pdf, accessed April 2012.

35. United

Nations.

E-Government

Survey

2012.

http://unpan1.un.org/intradoc/groups/public/documents/un/unpan048065.pdf, accessed May 2012.

36. Zobel, Rosalie. E-government. In Online Citizenship, eds. E. Di Maria and

St. Micelli. New York: Springer, 2005.