Dr. George Danezis writes:
1) None of the safeguards actually worked, to detect or find the perpetrators. The wiretaps were discovered allegedly in a routine control by Vodaphone. The minister admitted that if the CEO of Vodaphone had chosen to say nothing, no one would have ever known.
2) Many questions (and surveys) are asked about how to provide assurance that this is not going to happen again. The government keeps repeating that this is a matter that has legal and constitutional solutions, and if necessary says that it will strengthen these. At the same time (a) the role of the governments (there were many) that promoted laws / regulation / standards that introduce these systemic vulnerabilities are never addressed (b) The possibility to build and deploy security technology for everyone (the PM is already using it apparently — so they are not worried) has never been mentioned…
3 ) The oversight structures that proved useless turn out to be very close to the British ones. They have a Data Protection Authority, a 'Confidentiality of Communications Commissioner' who in fact is a surveillance commissioner, etc. The government has used them as a fig leaf to take away responsibility, so drawing the parallels between the Greek and potential UK issues would be interesting.