Bonum Certa Men Certa

Specialists in Public International Law Bemoan Privacy Violations at the European Patent Office



Bretton Woods Law



Summary: Some privacy takeaways from the analysis of Bretton Woods Law (commissioned by EPO staff) and more examples of serious privacy violations inside the European Patent Office

PRIVACY is significantly eroded by authoritarian regimes for the purpose of crushing dissent and the European Patent Office (EPO) is no exception. Eponia is highly authoritarian and it even hired autocrats like Željko Topić for top positions. A lot of the illegal surveillance inside the EPO began or culminated around the time people were chatting about criminal charges against him (for sure a story worth telling one day).



A letter was sent to Heiko Maas, Federal Minister of Justice and Consumer Protection in Germany, just over a couple of months ago. "A SUEPO lawyer addressed Heiko Maas and informed him of the latest reforms and developments at the EPO," explained an insider. Suffice to say, Maas has done virtually nothing (he has a reputation for this in Germany), but let's assess the privacy violations based on another legal office. A few days ago we saw the following new comment in IP Kat:

The EU data protection Regulation does not apply everywhere in Europe. For example, the European Patent Organisation (EPO) has its own data protection Regulation.

The document “BREACHES OF BASIC AND FUNDAMENTAL RIGHTS AT THE EPO” by Bretton Woods Law (Specialists in Public International Law) explains (from page 17 to 23) why the EPO data protection regulation fails to meet the standards of both EU data protection law and the national data protection laws of the Contracting States.

https://www.suepo.org/documents/43577/55400.pdf

Summary of deficiencies in the current EPO data protection framework:

- Fundamental rights: The reference to the respect of fundamental rights had been removed from the EPO data protection regulation (page 18).

- Lack of independent oversight: At the EPO there is no independent supervisory authority. The EPO president supervises himself the data processing he has implemented. (page 21)

- Change of purpose: The EPO data protection regulation allows the EPO President unilaterally to decide that data may be processed for purposes other than those for which they have been collected.(page 21)

- Transmission to recipients outside the European Patent Organisation: The EPO President may authorise a transfer or a set of transfers of personal data to a third country or international organisation which does not ensure an adequate level of protection.(page 21)

- Lack of any effective means of redress in circumstances where the rights of data subjects are infringed (see pages 22 and 23 - the intervention by the German data protection authorities).

Conclusion: A wide range of personal data from both patent applicants and EPO staff are processed at the EPO. The situation at the EPO falls far below the standards expected and the rights enjoyed by citizens in the rest of Europe.



The above reminded us of what the EPO does with Europatis -- a scandal which we covered here last year in the following articles:

  1. Jacques Michel (Former EPO VP1), Benoît Battistelli's EPO, and the Leak of Internal Staff Data to Michel's Private Venture
  2. Europatis: “Turnover of €211,800 and Zero Employees”
  3. Loose Data 'Protection' and Likely Privacy Infringements at the EPO: Here's Who Gets Employees' Internal Data
  4. Summary of the EPO-Europatis Series
  5. Revolving Doors of High-Level EPO Management: Jacques Michel and the Questel Deal With the EPO


Privacy violations are so serious inside the EPO that detailed accounts of mock trials or investigations are being 'leaked' by EPO management to the media, in order to essentially defame the accused (a judge in one case). One of the reasons for strong data protection around one's medical record is the potential for blackmail and discrimination. In light of this we're reminded of a document we saw several months ago (it's a letter to Mr. Topić actually). It spoke about the unacceptable state of medical data protection at the EPO (it would be totally unthinkable at the USPTO). Here is the complete text

European Patent Office | 80298 MUNICH | GERMANY

Mr Željko Topic Vice President DG4

R. 707

European Patent Office 80298 Munich Germany Central Staff Committee Comité central du personnel Zentraler Personalausschuss Tel. +49 -89- 2399 - 4355 +43 -1-52126 - 305 +49 -30-25901 - 800 +31 -70-340 - 2028 centralSTCOM@epo.org Reference: sc16075cl –0.3.1/4.3 Date: 14.04.2016

Nomination of Ms R. de Greiff as Director Health and Safety

Dear Mr Topic,

On 24 March 2016 you announced on the Intranet the appointment of Ms Raffaella de Greiff as new Director Health and Safety with effect from 1 April 2016, this after serving as ad interim Director of one of the two EPO medical departments since Dr Koopman retired almost two years ago.

Ms de Greiff has a degree in “industrial relations” but no medical qualification. A non-medical person can manage a medical unit, but normally only subject to certain strict requirements:

● medical confidentiality is respected; ● non-medically qualified managers do not have access to any medical information; ● medical files and H&S staff when handling such files remain under the direct supervision of medical doctors; ● medical doctors remain free to carry out their medical duties without interference from managers in medical issues.

So far, the Office has not introduced any such formal guarantees and safeguards.

We refer in particular to the Gazette of January 2016, page 20, which includes a diagram showing that the units that administer such medical files (“Medical advisory and general administration” and “Occupational health and safety”) are under the direct authority of the Health & Safety Director and not of the medical doctors (medical advisor or OH physician), who instead appear to enjoy a consultancy role. The whole Health & Safety department led by Ms de Greiff is in turn under the authority of Ms Bergot (PD Human Resources). This new structure is problematic in several respects.




Firstly, Ms de Greiff is neither bound to nor protected by the Hippocratic Oath. If Ms Bergot, as her superior, demanded access to information from the medical file of a staff member (be it a MAU or an OH file), then Ms de Greiff would not have the authority to refuse such an order; neither would she be able to intervene if PD43 were to obtain medical information by other means.

In other words, the strict confidentiality of staff medical files kept in the EPO can no longer be guaranteed.

Secondly, medical doctors are responsible for ensuring the confidentiality of any and all medical data in their possession. If it cannot be guaranteed that non-medical personnel will not have access to medical information, then medical ethics oblige the doctors not to enter or amend any staff data, collected either by themselves or by external doctors working for the EPO, in the EPO medical databases. If they did nonetheless, they would risk losing their medical license.

Under such circumstances, it is unclear how the EPO medical department is supposed to function properly.

Thirdly, we have already raised a number of questions concerning the MAU which to date have never been answered. With the new structure, similar concerns now also apply to the former Occupational Health Department.

We respectfully request you to acknowledge receipt of the above observations and take a position on them.

Yours sincerely, The Central Staff Committee cc.: Mr B. Battistelli; President of the EPO Ms Dr Bosch and Mr Dr Schüder Ms R. de Greiff Ms E. Bergot


This medical data protection letter, contained in the original PDF, has the signatures of many staff representatives, not just SUEPO representatives. This is an important letter regarding a serious problem which is widely known about (word of mouth and more). When will the EPO realise that this is totally unacceptable in the 21st century? In this particular case the abuse of privacy of staff cannot even be excused/justified using a war on unions/dissent/whistleblowers. It's just an authoritarian regime's dream.

Recent Techrights' Posts

IBM Stock Collapses and It's Only the Beginning
Will GAFAM soon follow and will any executives be arrested for the accounting fraud insiders have long cautioned about?
I'll Be Extremely Difficult for Microsoft to Sell Any XBox Consoles Now
Microsoft understands this
How Software Freedom Would Benefit Everybody
A society that denies control by greedy companies would do a disservice to monopolies and improve all services to citizens
Links 14/07/2026: Harsh But Also Fair Criticism of Hey Hi (AI) Slop, 'Open' AI Shuts Down Its Own Products as Funds Run Out
Links for the day
Gemini Links 14/07/2026: Old CD Binder and AWK
Links for the day
In Defence of Physical Tickets
Tickets are not some "app" and not some "code" on some "screen"
Microsoft Layoffs Not Limited to XBox (False Narrative in the Mainstream Media)
Microsoft is becoming less relevant and workforce reductions won't end any time soon
Links 14/07/2026: Plagiarism Spun as "Training", Zelensky Announces Leadership Shuffle
Links for the day
The Register MS Has Just Published "AI" Webspam That Mentions "AI" 54 Times. It Was Paid to Do This.
Who pays for all this "AI" hype or "buzz"?
Gemini Links 14/07/2026: Self-Advocacy Online; "The Internet Is Dead: How the Web Lost Its Human Soul"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 13, 2026
IRC logs for Monday, July 13, 2026
Modern Technology Harms Women More Than Men (Because the 'Tech Bros' Who Dominate STEM Have a Poor View of Women)
“Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance.”
Internet Relay Chat Trolls Are Not Expressing Opinions, They Are Saboteurs
For the record
Links 14/07/2026: "The Freedom of Information Act Is in Serious Trouble"; Irish Datacenters Use Up Almost 25% of Total Energy
Links for the day
The Register MS: "AI" Puff Pieces for Sale, Not Journalism at All, Just "Webspam"
The Register MS isn't the sole culprit
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 12, 2026
IRC logs for Sunday, July 12, 2026
How We Do Techrights (and What's Changing Next Week)
Many former news sites no longer yield much non-meaningless news (not anymore); there's a gap to be filled
Links 12/07/2026: Palantir Unrest and Wireshark 4.6.7
Links for the day
Links 12/07/2026: New Instrument Time and PalmOS Experiences in 2026
Links for the day
Red Hat Staff Says IBM Policy Has Stigmatised Him as a Tool and a Slopper With Plagiarism Tools
IBM is killing Red Hat with slop
Freedom of Choice or Freedom Versus Choice (or When All Choices Are Incompatible With Freedom)
When some business asserts that it gives people different options, then it can rightly argue that it offers some choices, but that is not the same as freedom
Techrights IRC Turns 5 Without a “Code of Conduct”, “Code of Conduct Committee”, and All Those Bureaucratic Nightmares
18+ years if one counts our time in Freenode as well
Why U No Use AI???
Many hype waves come and go
There Are Still Slopfarms in Google News
Google is trying to participate in if not lead this pyramid scheme
The Cyber Show Explains How Slop and Promotion of Slop is About Taking Control Away From Computer Users
"On making a trustworthy machine"
Keeping Available the Site at All Times
Informal arrangements and crowdfunding keep our work available despite resistance (including from people who break the law)
What If "Era of AI" and "AI Revolution" (Fake News) Never Happened?
So how much longer before the bust (or bubble-burst)?
GNU/Linux Approaches 5% in Australia
5% by year's end?
Europe/EU is Moving Towards Independence, Fast to Adopt Free Software
More and more states (governments, public sector) in Germany are dumping Microsoft
GNU/Linux Grows at the Expense of Windows
People who want to get work done already left Windows
Tux Machines Growing as a Volunteers-Run Site
Historically the site did not have many original stories, but this changed as the audience grew and the site gained more recognition
Links 12/07/2026: European Commission Versus ‘Addictive Design’, "Google Loses Final Appeal Over $4.7 Billion EU Android Antitrust Fine"
Links for the day
GNU/Linux Market Share Increases Some More Today, statCounter Measures It at 7.3%
Will more such thresholds and records be broken?
Gemini Links 12/07/2026: Studying Languages and 2026 Old Computer Challenge (OCC)
Links for the day
EPO "Cocaine Communication Manager" - Part XIII - At the EPO, Cocaine Addicts and Their Friends Are "Protected Class"
What does that tell us about the EPO?
Increasing Output by Focusing on Originals
It's probably more important to carry on with these than it is to keep abreast of non-crucial news
Amid Strikes and Industrial Actions, Young Professionals at the European Patent Office (EPO) Kept on 'Short Leash', According to the Local Staff Committee The Hague
Issues affecting Young Professionals
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 11, 2026
IRC logs for Saturday, July 11, 2026