Curriculum Vitae
Associate Professor Lilian Mitrou

Personal information

Surname/First name /

Lilian Mitrou

(Private) Address / Karlovassi- Samos
Telephones / (+30) 2273082250 / Mobile: (+30) 69.44.282952
Fax / (+30) 2273082009
e-mail / (web site: www.icsd.aegean.gr)
Nationality / Greek
Place and date of birth / Athens, Greece – December 14, 1964

Work experience

Dates / 2004-
Position held / Associate Professor of Privacy and Information Law
University of the Aegean (Dept. of Information and Communication Systems Engineering)
2008-
Visiting Assistant Professor
Athens University of Economics & Business (Dept. of Informatics):
2010-
Visiting Associate Professor
University of Piraeus (Dept of Digital Systems)
(2010-)
Main activities and responsibilities / Research, Teaching, Management (Member of the University Council)
Teaching experience
/ 2000-2010 National Academy of Public Administration
Public Law in Information Society (2000-2010)
2001-2008 National and Kapodistrian University of Athens – Law School
Privacy and Data Protection (– Postgraduate Studies)
2004-2006- Ionian University – Dpt of Archives and Libraries
Information Management (– Postgraduate Studies)
Other positions held / June 2013-
Head of the Greek Delegation at Working Party on Information Exchange and Data Protection (Council of the European Union)
2010 -
Member of the Council of the General State Archives
1999-2003
Position held / Member of the Board (Executive), Data Protection Commission of Greece.
2000-2004
Position held / Member of the Board of Information Society S.A.
Main activities and responsibilities / Management
1996-2004
Position held / Αdvisor to the Prime Minister K. Simitis / Chief of the Organisation and Management Office
Main activities and responsibilities / Fields : Information Society, Public Administration, Coordination of governmental actions
The Prime Minister’s Office

Education and training

1989-1993
Title of qualification awarded / PhD under the supervision of Prof. S. Simitis
(with Distinction: “summa cum laude”)
Principal subjects / Privacy, Data Protection, Data Protection Models in Europe with emphasis on Germany and France
Law School of Johann Wolfgang Goethe Universitaet Frankfurt - Germany
1982-1987
Title of qualification awarded / Degree (with Distinction )
Principal subjects / Law
Law School, National and Kapodistrian University of Athens
Personal skills and competences
Mother tongue / Greek
Other language
Self-assessment /
Understanding
/ Speaking / Writing
Listening / Reading / Spoken interaction / Spoken production
English
/ C1 / C1 / C1 / C1 / C1
German
/ C2 / C2 / C2 / C1 / C2
French
/ C1 / C1 / B2 / B2 / C1
Selected Regulatory projects (National)
Ministry of Justice
Member of the Preparatory Committee working on the draft-law on the electronic
surveillance of accused and convicted persons (2012)
Member of the Preparatory Committee working on the transposition of
Directive 2009/136/EC (part concerning the amendment of Directive 2002/58/EC) –
Law 4070/2012
Member of the Preparatory Committee at the Ministry of Justice, working on the
transposition of Council Framework Decision 2008/977/JHA of 27November 2008
on the protection of personal data processed in the framework of police and judicial
cooperation in criminal matters.
Member of the Preparatory Committee at the Ministry of Justice, working on the
transposition of the Directive 2006/24/EC (Data Retention Directive)- Law 3917/11
Member of the Preparatory Committee working on the transposition
of the Directive 2002/58/EC on privacy in electronic communications –Law 3471/06
Member of the Preparatory Committee working on the transposition
of the Directive 97/66/EC on privacy in the telecommunications sector – Law 2774/99
Member of the Preparatory Committee working on the transposition
of the Directive 95/46/EC (Data Protection Directive)- Law 2472/97
Ministry of Interior, Decentralisation and Electronic Government
Study-Drafting of Law 3979/11 on Electronic Government
Study-Drafting of Law 3861/2010 on the Publication of State authorities and bodies Decisions on the Internet.
Ministry of Transports, Infrastructure and Networks
President of the Regulatory Committee working on the drafting of a National Electronic Communications Security Plan
Ministry of Labour and Social Insurance
Study-Drafting of Law 3892/2010 on Electronic Prescriptions
SELECTED R& D PROJECTS
No. / PROJECT BRIEF DESCRIPTION / Year /
1 / European Union
FP5 / eVOTE: An Internet-based Electronic
design, implement, test, and validate an Internet-based electronic voting system / 2001-2004
2 / EU
6th Framwork
Programma / SPIDER (Spam over Internet Telephony Detection Services) / 2006-2008
3 / EU - 7th Framework Programme, ICT for Health / RADICAL
Virtual Physiological Human
Road mapping technology for enhancing security to protect medical & genetic data / 2008-2010
4 / ΕU - Fundamental Rights Agency / Study on assessment of data protection measures and relevant institutions in Greece / 2008-2009
5 / European Commission Directorate – General Justice, Freedom and Security / Comparative study on different approaches to new privacy challenges, in particular in the light of technological developments / 2008-2009
6 / FP 7 SE / PACT - Public Perception of Security and Privacy: Assessing knowledge, collecting evidence, translating research into action / 2011-2014
7 / European Union
FP 7
THEME [SiS.2012.1.3.3-1 SiS.2012.1.3.3-1 PEOPLE] / RESPONSIBILITY
Global Model and Observatory for International Responsible Research
and Innovation Coordination " / 2013-2016
8 / European Union
FP 7 / Greek Cybercrime Center
Training-Research-Education / 2013-2015
No. / PROJECT BRIEF DESCRIPTION / Year /
1 / Greek Presidency of the European Union 2003 / Public Key Infrastructure Services in the Public Sector of the European Union Member States / 2003
2 / Greek Lottery Organization / Study, Design and Implementation of a Comprehensive Security Plan for the Greek Lottery S.A
Development of an integrated security and business continuity plan / 2004-2005
3 / Hellenic General Secretariat for Research and Technology

Hellenic Social Research Center

/ Public Sector Information for Research
Purposes:
Intellectual Property and Data Protection Issues / 2004-2005
4 / Cadastre S.A/ / Study on the Use of Cadastre
Information

Drafting of a Regulation concerning the use of Cadastre Information

/ 2004-2005
5 / Ministry of Interior
General Secretary for Public Safety / Study – Assessment of regulatory framework concerning crisis and natural destructions management / 2006
6 / Hellenic General Secretariat for Research and Technology
National Documentation Center / PERIKTIONI - Mapping the Feminine Research Work Force / 2006-2007
7 / Information Society S.A. / The Greek e-Government Digital Authentication framework / 2007-2008
8 / Ministry of Public Administration –
European Public Law Organisation / Legal framework for
e-government services / 2007-2008
9 / Republic of
Cyprus
National Public
Administration
Academy / E-Government
Educational Programs on legal issues of e-government for Cypriot Public Administration / 2007-2008
10 / Ministry of Interior and Public Administration / Internet voting and online public consultation / 2007
11 / Ministry of Interior and Public Administration / Smart Cards in Social Securitz and Health Sector / 2007
12 / Hellenic
Telecommunications
And Post
Commission / Evaluation of the Greek Qualified Digital Certificate Providers / 2007-2009
13 / Hellenic General Secretariat for Research and Technology

Hellenic Social Research Center

/ National Research Network and Participation to the development of the European Research Infrastructure CESSDA_RI - So.Da.Net»
( Social Sciences and Humanities )- / 2010
14 / Hellenic General Secretariat for Research and Technology
Greek Research
And
Technology
Network / Intellectual Property Issues in relation to Digital Content for educational purposes / 2010
15 / Ministry of
Interior,
Decentralisation and
Electronic Government / Study concerning Public Disclosure of the names of accused/convicted persons and debtors / 2011
16 / Republic of
Cyprus
National Public
Administration
Academy / E-Government
Consulting and Education / 2007-2008
17 / Greek General Secretariat for Research and Technology / SPHINX
VOIP - : Distinction between Humans and Machine through interactive audio means / 2011-2013
18 / Ministry of
Interior,
Decentralisation
and
Electronic Government / Digital Agenda – Comparative Study on digital market, impacts on society and international aspects of Digital Agenda / 2012-2013
19 / Republic of Cyprus / Revision of the Cyprus Government Information Systems Security Strategy
Development of a Government Security Policy / 2013-2014

SELECTED PUBLICATIONS

BOOKS:

L. Mitrou, Publicity of Sanctions and Sanction of Publicity , Athens-Thessaloniki, 2012
L. Mitrou, The Law in the Information Society, Athens-Thessaloniki, 2002
L. Mitrou, The Data Protection Authority, Athens 1999
L. Mitrou,“The Development of Data Protection Institutional Control - Models and Instances of control in Federal Republic of Germany and France“ Reihe: Frankfurter Studien zum Datenschutz, Nomos Verlagsgesellschaft, 1993 (German title: Die Entwicklung der insitutionellen Kontrolle des Datenschutzes- Kontrollmodelle und Kontrollinstanzen in der BRD und Frankreich), Baden-Baden, 1993
CHAPTERS IN BOOKS

L. Mitrou, The Impact of Communications Data Retention on Fundamental Rights and Democracy, in Κ. Haggerty/ M. Samatas (eds)., Surveillance & Democracy, Routledge London 2010

L. Mitrou and M. Karyda, Bridging the gap between employee’s surveillance and privacy protection- Gupta M. and R. Sharman(ed.), Social and Human Elements of Information Security: Emerging Trends and Countermeasures, Information Science Reference (IGI Global), Hershey-New York 2009, pp. 283-300

S. Gritzalis and L. Mitrou, Content Filtering Technologies and the Law, in J.Lopez et al (eds.), Securing Information and Communication Systems: Principles, Technologies and Applications, Artech House Books, Boston 2008, pp. 243-265
L. Mitrou, “Data retention: a means to safeguard security or restriction of fundamental rights and freedoms?”, in A. Acquisti/S. De Capitani di Vimercati/S. Gritzalis/C. Lambrinoudakis (Eds.), Digital Privacy: Theory, Technologies and Practices, Auerbach Publications, 2008
G. F. Marias, M. Theoharidou, J.Soupionis, S. Ehlert, L. Mitrou and D.Gritzalis, “SIP Vulnerabilities for SPIT, SPIT Identification Criteria, Anti-SPIT Mechanisms Evaluation Framework and Legal Issues” (with, and), in Syed Ahson and Mohammad Ilyas, SIP Handbook: Services, Technologies and Security, CRC 2008
L. Mitrou The new regulation of videosurveillance (Law 3625/07) in public places and the competences of the (Greek) Data Protection Authority, in I. Kamtsidou (ed), The electronic surveillance of public places, Athens-Thessaloniki 2008, pp. 101-150 (in Greek)
L. Mitrou Privacy and Security, in 125 Years of Legal Council of State, Athens – Komotini 2008, pp. 729-758 (in Greek)
L. Mitrou Biobanks: Research and Data Protection”, in G. Papadimitriou (ed.), Genetic Data Protection,Athens-Thessaloniki, 2008, pp. 19-73 (in Greek)
L. Mitrou New Technologies and institutional guarantees for citizens’ rights, in M. Kranidioti (ed.), New Technologies and Individual Rights and Freedoms, Athens-Komotini 2008, pp. 91-107 (in Greek)
L. Mitrou, A. Takis, T, Vidalis New Technologies and Fundamental Rights”,, in Center for European Constitutional Law, Five Years after the Amendment of the Constitution (2001), Athens 2006, Vol. 1, (in Greek), pp. 273-31 2
L. Mitrou,The right to participate to Information Society, in G. Papadimitriou, The right to participate to Information Society, Athens-Thessaloniki 2006, pp 35-56. (in Greek)
L. Mitrou, “ Data Protection in Greece”, in Holvast/Madsen/Roth (Eds.), The Global Encyclopaedia of Data Protection Regulation, Kluwer Law International – 20002002, p. 43-62
L. Mitrou “(Self-)Regulation in Cyberspace?” in Papachristou Th a.o., Self-regulation, Athens, 2005, p. 75-97
L. Mitrou, D. Gritzalis, S. Katsikas, G. Quirchmayr, e-voting: Constitutional and legal requirements and their technical implications”, in D. Gritzalis (ed.), Secure Electronic Voting, Kluwer 2002, p. 43-62
L. Mitrou “The jurisprudence of the Council of State in the field of data protection” in Council of State, 75 Years Council of State, Athens-Thessaloniki 2004, p. 343-362
JOURNAL PUBLICATIONSMylonas A., Meletiadis V., Mitrou L., Gritzalis D., “Smartphone sensor data as digital evidence”, Computers & Security (Special Issue: Cybercrime in the Digital Economy), Vol. 38, pp. 51-75, October 2013
Mitrou L., Privacy by Design (in Greek), Media and Communication Law 37 (2013), pp.14-25
Κosta, Ch. Kalloniatis, L. Mitrou and S. Gritzalis, Data Protection Issues pertaining to social networking under EU law, Transforming Government, Vol. 4 (2), 2010, σελ. 193-201 (Emerald).
E. Kosta, Ch. Kalloniatis, L. Mitrou, E. Kavakli, The “Panopticon” of search engines: the response of the European data protection framework, Requirements Engineering 2010
M Karyda, L. Mitrou and G. Quirchmayr A framework for outsourcing IS/IT security services”, Information Management and Computer Security, Vol. 14, No 5 (2006), pp. 402-414
L. Mitrou and M. Karyda, Employees’ privacy vs. employers’ security: can they be balanced?, Telematics and Informatics, Vol. 23 Issue 2006 , pp. 164-178
L. Mitrou The new Electronic Privacy Directive (2002/58/EC), Law of Information and Communication Media (Dikaio Meson Enimerosis kai Epikoinonias) 3/2004, pp. 371-375 (in Greek)
L. Mitrou, “Das griechische Datenschutzgesetz als Beispiel einer „problemlosen“ Umsetzung der EU – Datenschutzrichtlinie“ in «Recht der Datenverarbeitung» 2/98, pp. 56-63
CONFERENCES PUBLICATIONS
Mitrou L., Naming and Blaming in Greece: Social Control as Law Enforcement Tool, Webster W. et al. (Eds.), “Living in Surveillance Societies” Proceedings of LISS Conference, pp. 247-258, Great Britain 2013,
Kandias M., Stavrou V., Bozovic N., Mitrou L., Gritzalis D., "Can we trust this user? Predicting insider’s attitude via YouTube usage profiling", in Proc. of the 10th IEEE International Conference on Autonomous and Trusted Computing (ATC-2013), IEEE Press, Italy, December 2013
Kandias M., Stavrou V., Bosovic N., Mitrou L., Gritzalis D., “Predicting the insider threat via social media: The YouTube case”, in Proc. of the 12th Workshop on Privacy in the Electronic Society (WPES-2013) (short paper), ACM Press, Berlin, November 2013
Lalas E., Mitrou L., Lambrinoudakis C.,"ProCAVE: Privacy-Preserving Collection and Authenticity Validation of Online Evidence", in Proc. of the 10th International Conference on Trust, Privacy & Security in Digital Business (TRUSTBUS-2013), pp. 137-148, Springer(LNCS 8058) Chech Republic, August 2013
Kandias M., Mitrou L., Stavrou V., Gritzalis D., “Which side are you on? A new Panopticon vs. privacy”, in Proc. of the 10th International Conference on Security and Cryptography (SECRYPT-2013), pp. 98-110, Samarati P., et al. (Eds.), Iceland, July 2013
Kandias M., Galbogini K., Mitrou L., Gritzalis D., "Insiders trapped in the mirror reveal themselves in social media", in Proc. of the 7th International Conference on Network and System Security (NSS 2013), pp. 220-235, Springer (LNCS 7873), Spain, June 2013
L. Mitrou and M. Karyda, EU΄s Data Protection Reformand the right to be forgotten - A legal response to a technological challenge? 5th International Seminar on Information Law (June 2012- Proceedings)
L. Mitrou, Naming and Shaming in Greece: Social Control, Law Enforcement and the Collateral Damages of Privacy and Dignity, Proceedings of the 8th International Conference on Internet,Law & Politics. Barcelona, 2012, pp. 453-466
Mylonas A., Meletiadis V., Tsoumas B. Mitrou L., Gritzalis D., "Dynamic evidence acquisition for smartphone forensics", in Proc. of the 27th IFIP International Information Security and Privacy Conference, Springer (IFIP AICT376), Greece, June 2012.
Maria E. Skarkala, Manolis Maragoudakis, Stefanos Gritzalis and Lilian Mitrou, Privacy Preserving Tree Augmented Naïve Bayesian Multi – party Implementation on Horizontally Partitioned Databases, 8th International Conference on Trust, Privacy and Security in Digital Business (TrustBus 11), Proceedings 2011, σελ. 62-73
L. Mitrou, Privacy challenges and perspectives in Europe, σε Μ. Bottis (ed.) An Information Law for the 21st Century (Proceedings of Third International Seminar on Information Law), Athens 2011, σελ. 220-236
E. Kosta, C. Kaloniatis, L. Mitrou, E. Kavakli Search engines: gateway to a new “Panopticon”?, Trust, Privacy and Security in Digital Business, Lecture Notes in Computer Science, Springer Berlin Heidelberg 2009
L. Mitrou The Commodification of the Individual in the Internet Era: Informational Self-determination or “Self-alienation”? in Proceedings of 8th International Conference of Computer Ethics Philosophical Enquiry (CEPE 2009), 2009, pp. 466-484
Drogaris, D. Geneiatakis, S. Gritzalis, C. Lambrinoudakis, L. Mitrou, Towards an Enhanced Authentication Framework for e-Government Services: The Greek Case (with P. is), Proceedings of the EGOV’ 08 -7th International Conference on Electronic Government, Torino September 2008, Trauner Verlag pp. 189-196
M. Karyda and L. Mitrou, Internet Forensics: Legal and Technical Issues (with Μ. Karyda) Proceedings - 2nd Annual Workshop on Digital Forensics and Incident Analysis (WDFIA 2007), pp. 3-12
L. Mitrou, D. Gritzalis, S. Katsikas Revisiting legal and regulatory requirements for e-voting , in Proc. of the 17th IFIP International Information Security Conference (SEC-2002), M. Εl-Hadidi (Ed.), Kluwer Academic Publishers, Egypt, May 2002, p. 469-480

December 2013