Bonum Certa Men Certa

Specialists in Public International Law Bemoan Privacy Violations at the European Patent Office



Bretton Woods Law



Summary: Some privacy takeaways from the analysis of Bretton Woods Law (commissioned by EPO staff) and more examples of serious privacy violations inside the European Patent Office

PRIVACY is significantly eroded by authoritarian regimes for the purpose of crushing dissent and the European Patent Office (EPO) is no exception. Eponia is highly authoritarian and it even hired autocrats like Željko Topić for top positions. A lot of the illegal surveillance inside the EPO began or culminated around the time people were chatting about criminal charges against him (for sure a story worth telling one day).



A letter was sent to Heiko Maas, Federal Minister of Justice and Consumer Protection in Germany, just over a couple of months ago. "A SUEPO lawyer addressed Heiko Maas and informed him of the latest reforms and developments at the EPO," explained an insider. Suffice to say, Maas has done virtually nothing (he has a reputation for this in Germany), but let's assess the privacy violations based on another legal office. A few days ago we saw the following new comment in IP Kat:

The EU data protection Regulation does not apply everywhere in Europe. For example, the European Patent Organisation (EPO) has its own data protection Regulation.

The document “BREACHES OF BASIC AND FUNDAMENTAL RIGHTS AT THE EPO” by Bretton Woods Law (Specialists in Public International Law) explains (from page 17 to 23) why the EPO data protection regulation fails to meet the standards of both EU data protection law and the national data protection laws of the Contracting States.

https://www.suepo.org/documents/43577/55400.pdf

Summary of deficiencies in the current EPO data protection framework:

- Fundamental rights: The reference to the respect of fundamental rights had been removed from the EPO data protection regulation (page 18).

- Lack of independent oversight: At the EPO there is no independent supervisory authority. The EPO president supervises himself the data processing he has implemented. (page 21)

- Change of purpose: The EPO data protection regulation allows the EPO President unilaterally to decide that data may be processed for purposes other than those for which they have been collected.(page 21)

- Transmission to recipients outside the European Patent Organisation: The EPO President may authorise a transfer or a set of transfers of personal data to a third country or international organisation which does not ensure an adequate level of protection.(page 21)

- Lack of any effective means of redress in circumstances where the rights of data subjects are infringed (see pages 22 and 23 - the intervention by the German data protection authorities).

Conclusion: A wide range of personal data from both patent applicants and EPO staff are processed at the EPO. The situation at the EPO falls far below the standards expected and the rights enjoyed by citizens in the rest of Europe.



The above reminded us of what the EPO does with Europatis -- a scandal which we covered here last year in the following articles:

  1. Jacques Michel (Former EPO VP1), Benoît Battistelli's EPO, and the Leak of Internal Staff Data to Michel's Private Venture
  2. Europatis: “Turnover of €211,800 and Zero Employees”
  3. Loose Data 'Protection' and Likely Privacy Infringements at the EPO: Here's Who Gets Employees' Internal Data
  4. Summary of the EPO-Europatis Series
  5. Revolving Doors of High-Level EPO Management: Jacques Michel and the Questel Deal With the EPO


Privacy violations are so serious inside the EPO that detailed accounts of mock trials or investigations are being 'leaked' by EPO management to the media, in order to essentially defame the accused (a judge in one case). One of the reasons for strong data protection around one's medical record is the potential for blackmail and discrimination. In light of this we're reminded of a document we saw several months ago (it's a letter to Mr. Topić actually). It spoke about the unacceptable state of medical data protection at the EPO (it would be totally unthinkable at the USPTO). Here is the complete text

European Patent Office | 80298 MUNICH | GERMANY

Mr Željko Topic Vice President DG4

R. 707

European Patent Office 80298 Munich Germany Central Staff Committee Comité central du personnel Zentraler Personalausschuss Tel. +49 -89- 2399 - 4355 +43 -1-52126 - 305 +49 -30-25901 - 800 +31 -70-340 - 2028 centralSTCOM@epo.org Reference: sc16075cl –0.3.1/4.3 Date: 14.04.2016

Nomination of Ms R. de Greiff as Director Health and Safety

Dear Mr Topic,

On 24 March 2016 you announced on the Intranet the appointment of Ms Raffaella de Greiff as new Director Health and Safety with effect from 1 April 2016, this after serving as ad interim Director of one of the two EPO medical departments since Dr Koopman retired almost two years ago.

Ms de Greiff has a degree in “industrial relations” but no medical qualification. A non-medical person can manage a medical unit, but normally only subject to certain strict requirements:

● medical confidentiality is respected; ● non-medically qualified managers do not have access to any medical information; ● medical files and H&S staff when handling such files remain under the direct supervision of medical doctors; ● medical doctors remain free to carry out their medical duties without interference from managers in medical issues.

So far, the Office has not introduced any such formal guarantees and safeguards.

We refer in particular to the Gazette of January 2016, page 20, which includes a diagram showing that the units that administer such medical files (“Medical advisory and general administration” and “Occupational health and safety”) are under the direct authority of the Health & Safety Director and not of the medical doctors (medical advisor or OH physician), who instead appear to enjoy a consultancy role. The whole Health & Safety department led by Ms de Greiff is in turn under the authority of Ms Bergot (PD Human Resources). This new structure is problematic in several respects.




Firstly, Ms de Greiff is neither bound to nor protected by the Hippocratic Oath. If Ms Bergot, as her superior, demanded access to information from the medical file of a staff member (be it a MAU or an OH file), then Ms de Greiff would not have the authority to refuse such an order; neither would she be able to intervene if PD43 were to obtain medical information by other means.

In other words, the strict confidentiality of staff medical files kept in the EPO can no longer be guaranteed.

Secondly, medical doctors are responsible for ensuring the confidentiality of any and all medical data in their possession. If it cannot be guaranteed that non-medical personnel will not have access to medical information, then medical ethics oblige the doctors not to enter or amend any staff data, collected either by themselves or by external doctors working for the EPO, in the EPO medical databases. If they did nonetheless, they would risk losing their medical license.

Under such circumstances, it is unclear how the EPO medical department is supposed to function properly.

Thirdly, we have already raised a number of questions concerning the MAU which to date have never been answered. With the new structure, similar concerns now also apply to the former Occupational Health Department.

We respectfully request you to acknowledge receipt of the above observations and take a position on them.

Yours sincerely, The Central Staff Committee cc.: Mr B. Battistelli; President of the EPO Ms Dr Bosch and Mr Dr Schüder Ms R. de Greiff Ms E. Bergot


This medical data protection letter, contained in the original PDF, has the signatures of many staff representatives, not just SUEPO representatives. This is an important letter regarding a serious problem which is widely known about (word of mouth and more). When will the EPO realise that this is totally unacceptable in the 21st century? In this particular case the abuse of privacy of staff cannot even be excused/justified using a war on unions/dissent/whistleblowers. It's just an authoritarian regime's dream.

Recent Techrights' Posts

The Word About the Upcoming Talk by Richard Stallman - Scheduled for Friday This Week - Has Spread ("The Cost of Freedom," Lausanne, Switzerland)
So the word is spreading
Microsoft Front Group Starts the Year by Championing Underage (or Child) Labour
the fake 'FSF'
 
"AI Music" is Not Music and It's Hardly "AI" Either
Synthetic garbage is a solution in search of a problem
Webspam in BetaNews
Not only is it marketing SPAM
[Meme] 13 Years a Slave of Microsoft
Might makes right?
Gemini Links 14/01/2025: The Gemtext Print Hurdle and New Game: Fill!
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, January 13, 2025
IRC logs for Monday, January 13, 2025
Links 13/01/2025: Conflicts, Prisoner Exchange, and Homes on Fire
Links for the day
Angola: Microsoft Windows Falls Below 10%
Microsoft has a really bad 2024 in Africa
[Meme] Twitter ("X") Has Been Grooming Radicals Since 2022
Musk's very own "grooming gang"
[Meme] What Free Speech Ought to Mean
It does not sound like RMS suggests anything other than quitting social control media
Gemini Links 13/01/2025: RestFest, Yule, and Deedum
Links for the day
Modern Web Browsers as Web Censorship Software
We continue to recommend Geminispace
Two Weeks From Now Dr. Richard Stallman Speaks at The Summit of Future 2025 (India)
he will be giving a "Keynote Address" in India
Microsoft is Tight With Money: It's About the Salaries ('Cost' of the Workers)
a question of cost, not skill
Google Got People Sort of Addicted to Android So It Can Cash in (Services, App Store, Advertising) Decades Later
This is not software freedom
The Free Software Foundation Reaches 370k Dollars in Funding, Due Date is January 17th When Richard Stallman is Guest of Honour in Lausanne (Switzerland)
Even fellow board members seem unaware of it
Record Lows for Windows (Microsoft) in Botswana
The market share of Vista 11 is seen as going down
Preserving Deleted Articles About Bill Gates Talking Like a Drug Dealer About Computer Users
Now it's 2025. Different challenge.
Links 13/01/2025: Disinformation, Social Control Media Actively Promoting Nazism, and Catchup With Ukraine
Links for the day
TPM Boosters Inside Debian (TPM Isn't About Security, It is About Control Over Users and Their Machines)
We're not rushing to any conclusions
Aaron Swartz Died 12 Years Ago After a Vicious Government Campaign to Stop Him
The Aaron Swartz story is a reminder of the importance of having verifiable/verified information out there for the general public to see
Links 13/01/2025: GitLab Enshittification and Minimalism and Efficiency with Gemini Protocol
Links for the day
Links 13/01/2025: Hardware, Health, and Conflicts
Links for the day
Chatbots Are Not Data-Driven, They're Human-Censored and Rely on Wage Slaves (and Sometimes Unpaid Volunteers)
This is the Microsoft wage slavery
Microsoft Appears to Have Fallen to Only 15% in Maldives
This is a problem for Microsoft
Rumours of IBM Canada Layoffs
We'll keep a vigilant eye on this
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, January 12, 2025
IRC logs for Sunday, January 12, 2025
Bots Covering Debian Releases
It would be quite safe to guess that chatbots were at least partly leveraged for that text
Gemini Links 12/01/2025: No Country For Old Men, Burned Homes, and "Planet P is Clean"
Links for the day
Slopwatch: Brittany Day and Brian Fagioli Are Still at It, Googlebombing "Linux" With LLM Slop (Taking Away Traffic From the Articles They're Plagiarising)
Some more sites that used to cover GNU/Linux have turned into slopfarms
Links 12/01/2025: Microsoft Admits It's Laying Off Staff Only Where Staff is "Expensive" (Race to the Bottom)
Links for the day
[Meme] Being High on Drugs Isn't Happiness (Likewise, Being a "Star" in Social Control Media is Temporary)
Many entities - or people - will regret telling everybody "follow me on Twitter"
[Meme] They Say That RMS Says the "F" Word (Freedom) Too Much...
About 32.7k US dollars are now left for the FSF to raise (in 6 days)
Links 12/01/2025: More Sanctions Against Russia, SCOTUS Signals Fentanylware (TikTok) Ban Will Stay
Links for the day
[Meme] A Jihad Against Servers the User Controls
We need to strive for and work towards greater control by users over "their" servers
Microsoft Azure-Only Bugs in "Linux" Can "Compromise the System."
From ubuntu.com and linux.org a few days ago
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, January 11, 2025
IRC logs for Saturday, January 11, 2025
Gemini Links 12/01/2025: DHL Express Does Not Deliver, Oddmuse Update
Links for the day