Bonum Certa Men Certa

EPOLeaks on Misleading the Bundestag -- Part 6: Dr Petri Starts the Ball Rolling…

Series index:

  1. The EPO Bundestagate -- Part 1: How the Bundestag Was (and Continues to be) Misled About EPO Affairs
  2. The EPO Bundestagate -- Part 2: Lack of Parliamentary Oversight, Many Questions and Few Answers…
  3. The EPO Bundestagate -- Part 3: A “Minor Interpellation” in the German Bundestag
  4. The EPO Bundestagate -- Part 4: Parroting the GDPR-Compliance Myth
  5. The EPO Bundestagate -- Part 5: The Federal Eagle's Disconcerting Metamorphosis
  6. You are here ☞ Dr Petri Starts the Ball Rolling…


Dr Thomas Petri



Summary: Our story begins with a letter from the Bavarian Data Protection Commissioner in May 2014

The events which form the focus of the present series began to unfold back in April 2014 when a member of the public requested the Bavarian State Data Protection Commissioner, Dr Thomas Petri, to investigate the EPO's data protection framework.



Dr Petri took up the matter and came to the conclusion that the EPO's data protection framework was not fit for purpose.

"Dr Petri took up the matter and came to the conclusion that the EPO's data protection framework was not fit for purpose."In particular he found [PDF] that there was no independent supervisory authority which could supervise compliance with data protection regulations at the EPO. This basically meant that "data subjects" had no effective means of enforcing their rights under data protection law.

However, Petri's examination of the legal situation noted that the authorised contracting party to the European Patent Convention was the Federal Republic of Germany, not the regional states ("Länder").

This meant that the deficient character of the EPO'S data protection framework was an issue that he could not pursue on his own.

It would need to be taken up at a national level by the competent national data protection authority, namely the Federal Commissioner for Data Protection and Freedom of Information (German abbreviation "BfDI").

"In August 2014, Voßhoff proceeded to contact the Justice BMJV to draw the Minister's attention to the matter and to propose the establishment of an independent data supervisory authority for the EPO."Following the conclusion of his investigation, Dr Petri, contacted his counterpart at federal level, the BfDI's Ms Andrea Voßhoff, in a letter dated 5 May 2014 [PDF] in which he summarised his findings and expressed his concerns.

In particular, Petri proposed that the BfDI should "work towards the establishment of a data protection supervision at the European Patent Office by a fully independent oversight body." He noted that the competent government ministry was the Federal Ministry of Justice and Consumer Protection (BMJV).

Ms Voßhoff concurred with Dr Petri's legal assessment of the situation his concerns on the issue of independent data protection supervision at the EPO.

In August 2014, Voßhoff proceeded to contact the Justice BMJV to draw the Minister's attention to the matter and to propose the establishment of an independent data supervisory authority for the EPO. The Minister for Justice at the time in question was Heiko Maas of the German Social Democratic Party (SPD).

The BMJV responded to Ms Voßhoff's communication in November 2014 [PDF].

"Hubig explained that Germany could not unilaterally pursue reform of the EPO's data protection framework because of the EPO's "autonomous" status in international law and the fact that institutional questions were regulated in a multilateral treaty, the European Patent Convention (EPC)."The response was issued by Dr Stefanie Hubig, an SPD party member and State Secretary ("Staatssekretär") at the BMJV reporting directly to the Minister Heiko Maas.

Hubig's response is full of the usual pious platitudes about data protection being "an extremely important issue for the Federal Ministry of Justice and Consumer Protection" and the typical waffle and hand-waving about how "the BMJV is committed to high data protection standards and their constant further development on many levels."

Hubig explained that Germany could not unilaterally pursue reform of the EPO's data protection framework because of the EPO's "autonomous" status in international law and the fact that institutional questions were regulated in a multilateral treaty, the European Patent Convention (EPC).

According to the BMJV, any revision of the EPC would require a diplomatic conference of all contracting states, "a time-consuming procedure by means of which changes cannot be implemented in the short term."

The letter ended with the standard run-of-the-mill assurance that "the BMJV will continue to work within the framework of the EPOrg to ensure that high data protection standards and an independent data protection structure are maintained and further developed."

"At that point it seemed as if the EPO file had been consigned to the BfDI's archives - at least as far as the German authorities were concerned - and that nothing further was likely to happen at a national level in the foreseeable future."In December 2014 Ms Voßhof wrote back [PDF] to Dr Petri to inform him of the BMJV's response.

She noted with regret that the BMJV did not take up her proposal to establish an independent external data protection supervisory authority over the EPO by amending the European Patent Convention (EPC) because of the necessity to convince a diplomatic conference of all 38 contracting states.

Ms Voßhoff described the BMJV's reluctance to push for a review of the matter within the EPO as "regrettable but understandable" in view of the large number of countries that would have to be engaged and convinced.

Because of the lack of uptake on the part of the BMJV, Ms Voßhoff thought that an approach that addressed many member states of the EPC simultaneously was likely to be more effective.

For this reason she proposed to raise the issue of independent data protection oversight of the EPO at EU level "within the framework of the [EU] Article 29 Working Group in Brussels", an advisory body of the EU made up of a representative from the data protection authority of each EU Member State, the European Data Protection Supervisor and the European Commission.

Voßhoff took the view that "a letter from the chair of the Working Group to the EDPS could provide the necessary European impetus for an amendment of the EPC."

At that point it seemed as if the EPO file had been consigned to the BfDI's archives - at least as far as the German authorities were concerned - and that nothing further was likely to happen at a national level in the foreseeable future.

However, as we shall see in the next part, not long afterwards in June 2015 the BfDI was prompted dust off the file following revelations in the press about unauthorised covert surveillance activities by Battistelli's Pinkertons, the notorious EPO "Investigative Unit".

Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day