Bonum Certa Men Certa

EPO Management Consciously Breaking European Union Laws: Staff and Stakeholders Subjected to Illegal Tactics and Practices, Now Exam Takers As Well

Orwell's nightmare, now with diplomatic immunity and no oversight whatsoever

Mirrored objective



Summary: The EPO routinely breaks privacy laws, knowing that there's not even an attempt to enforce the law against the EPO's dictators; we've lost count of the instances/number of privacy scandals at the EPO, but we keep adding more to our list

Staff and stakeholders have their privacy rights violated, as we noted last month and again this morning. Under normal circumstances, Benoît Battistelli, António Campinos and their ilk would risk arrest for what they do at the EPO. But they have diplomatic immunity and half a decade ago we saw Battistelli getting away with very serious crimes, e.g. visitors subjected to illegal surveillance on EPO premises (it was all over the media at the time, back when the media actually bothered covering EPO scandals).



Wall of MirrorsThe Commission's whitewash of corruption at the EPO means that EU law won't be enforced and rules won't be honoured; just like that... more abuse, more immunity, more impunity...

Rose Hughes (AstraZeneca and EPO apologist) has just been advertising a sham exam (EQE) with extra surveillance now added to it. The corruption associated with EQE was covered here in a series earlier this year. Nobody was held accountable. Nobody.

Based on this post, the EPO adopts more spyware; basically malware. It's as if COVID-19 makes 'magic' and renders the illegal "excusable" ever so magically. To quote: "The EPO has released the first detailed information for candidates on the arrangements for the online pre-EQE and EQE next year. Full details can be read here. The examinations are scheduled to take place the week of 1 March 2021. The online exams will be taken using the dramatically named "LockDown browser", which candidates are being advised to log in to 20 minutes before the exam."

"A lot of things like the "LockDown browser" are being imposed on students despite being in violation of human rights."So the data is going to Microsoft's next-door neighbours at Respondus, who are flirting with GDPR violations and looking for cleverly-worded excuses. A lot of things like the "LockDown browser" are being imposed on students despite being in violation of human rights. Lack of actual enforcement is a very serious problem. Laws without enforcement are toothless tigers.

We'd like to bring up an old document (2019) [PDF] in which staff representatives at the EPO named several GDPR violations. Here's the full document for the PDF-hostile/averse folks.

EPO GDPR p1

EPO GDPR p2

EPO GDPR p3

EPO GDPR p4

EPO GDPR p5

EPO GDPR p6

Notice the part about the UPC: "In the near future the EPO might be entrusted by the EU to process patent application in the framework of the Unitary Patent. It is unlikely that member states and applicants would accept a situation in which the EPO would process personal data of EU citizens in the name of the European Union without respecting EU legislation for data protection."

Here's the corresponding and more concise message to EPO staff:

Data protection @ EPO, quo vadis?



Data protection guidelines at the EPO should be aligned to European regulations

[...]

New EU Data Protection Regulations

New regulations for data protection have been introduced by the EU in 2018, the General Data Protection Regulation[1] (GDPR). It safeguards EU citizen’s fundamental right to protection of their data and it is directly binding for all EU member states. However, it is not binding for the EPO.

EPO has its own data protection policies

The EPO follows its own data protection policies: the Data Protection Guidelines[2] (DPG). Staff representatives pointed numerous times to the gap between the DPG and the European regulations. Commenting on the GDPR, former VP5 Raimund Lutz stated that the EPO is very close to EU legislation, because the EPO always has applied the “highest level of data protection [...] including the nomination of an independent Data Protection Officer (DPO)”. Furthermore, a recent audit report (2017) has been cited which “has confirmed a close alignment with the GDPR legal framework.”[3]

Data protection and the Unitary Patent

In the near future the EPO might be entrusted by the EU to process patent application in the framework of the Unitary Patent. It is unlikely that member states and applicants would accept a situation in which the EPO would process personal data of EU citizens in the name of the European Union without respecting EU legislation for data protection.

EPO data protection guidelines do not meet EU standards

An independent and external legal analysis[4] in 2016 concluded that the DPG did not meet the standards of data protection laws in the EU at that time. The analysis further stated that there is a lack of independent oversight, of an effective system of checks and balances to prevent abuses, and of effective means of redress in circumstances where the rights of individuals are infringed.

Staff representation proposes to align EPO policies to EU policies

Staff representation finds that the introduction of the new European guidelines is an opportunity to re-open the discussion on data protection at the EPO: The data protection policies at the EPO can be improved in order to better protect the data of staff and applicants/users alike. The EPO used to have a long tradition to strive to comply with the highest standards in data protection[5]. The last reform in 2014 can only be seen as deterioration in this matter[6]. An alignment of its data protection guidelines to EU regulations would be a step towards a modern data protection framework and would contribute to establish the EPO as the leading patent office.

Staff representation suggests to:

The EPO policies on data protection should be aligned to the EU regulations, which present at the moment the most comprehensive and modern legislation in data protection matters.

The role of the Data Protection Officer, who is responsible for the implementation of the EPO data protection, should be enforced and its independence should be assured.

An external and independent oversight body should be appointed with the task to monitoring the application of data protection policies at the EPO.

Separate data protection policies should be defined for investigative procedures (e.g., misconduct or fraud). Its implementation should be the responsibility of a distinct Data Protection Officer nominated, e.g., by the Administrative Council.

Rules to safeguard data processing should be mended. For example, transfer of personal data to third countries and the change of purpose, e.g., using personal data for purposes for which the user has not consented to, should be tightly regulated.


[...]

[1] GDPR, link

[2] Guidelines for the protection of personal data in the European Patent Office, link

[3] VP5 announcement on Intranet, 25.05.2018, link

[4] See section 9 “Data protection framework”, Breaches of basic and fundamental rights at the EPO, Bretton Woods Law, Legal Opinion, 2016, link

[5] Data protection – Current situation in the EPO and in Europe, Gazette 15/95, 03.07.1995, page 8, link

[6] GAC/AV 4/2014, Opinion of the CSC about Data Protection Guidelines, link


It is hardly shocking that "EPO data protection guidelines do not meet EU standards" and to think they're now subjecting people who merely take an exam to the same low (and non-complying) standards is the cherry on the cake. We await -- whilst expectations are admittedly low -- EU enforcement action/s. Maybe the German ministry of injustice can once again come up with a bunch of nonsense (lies) about why this is perfectly acceptable.

Recent Techrights' Posts

Datamation, Where I Used to Publish Articles, Appears to Have Been Sold to TechnologyAdvice Only to Become a Slopfarm
I'd prefer to not associate with that site anymore
 
How Software Patents Were Viewed or Their General Status Changed Over Time
A rough summary
We Are Turning 19 in One Month, FSF Turns 40 in 3 Hours (CET)
For our anniversary next month we still have no concrete plans
Patent Docs (or PatentDocs) Learned the Wrong Lessons From the Death of TypePad
Had they gone ahead with an SSG, they'd become a lot more future-proof
USPTO Patent Bubble Already Imploding, After Decades of Artificial Inflation, Entire Offices Close for Good
we can deduce that financial pressures (lack of "demand" for monopolies) play a role
TikTok is Not Harmless (Being CheeTok in the US Will Advance Orange Agenda)
Social control media isn't "fun and games"; it's a digital weapon that lets hostile groups or nations infiltrate others, then turn them against themselves
Andy Farnell and Helen Plews Explain What "Modern" Tech Does to Old People
Imposing terrible tech "religion" on people is not helping them
Tomorrow the Free Software Foundation (FSF) Turns 40 and Its Web Site is Still Slow Due to DDoS by LLM Slop Bots
For an advocacy group, uptime is important (for its message to remain accessible)
Slopwatch: Google News as a Firehose of LLM Slop About "Linux"
Google News is really bad
Links 03/10/2025: "NPR’s Economics Lessons Come With Neoliberal Spin" and Canada Post at Risk
Links for the day
Gemini Links 03/10/2025: Panic Attacks and Food Adulteration
Links for the day
Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
Links for the day
FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
It's a good move for the FSF and - by extension - for software freedom
Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 02, 2025
IRC logs for Thursday, October 02, 2025
Slopwatch: Linux Journal, Google News, and LinuxSecurity
They carry on polluting the Web with fake articles
Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
Links for the day
Links 02/10/2025: 'Open' 'AI' Resorting to Gimmicks and Fake Funding, Europe’s ‘Drone Wall’ Discussed
Links for the day
Links 02/10/2025: Brave Passes 100M Users Milestone, Kodak Selling Its Own Film Again
Links for the day
Michael “Monty” Widenius: It Started in 1983 With Richard Stallman (RMS)
The other co-founder of MySQL is a bit notorious for confronting RMS rather viciously
For the Second Time in a Few Weeks Microsoft Lunduke Makes False Accusations Against Senior Red Hat Staff to Incite a Despicable 'Troll Army'
Nothing that Microsoft Lunduke claims of says can be trusted
su lisa && rm -rf /home/ibm/power
Novell was ruined by another person from IBM, Ronald Hovsepian
A Record Demand at Microsoft: Demand to Cancel
What we're witnessing is a very ungraceful destruction of XBox
Microsoft is Losing Europe
Hence all the "support" and "discount" offers that are limited to Europe
The Free Software Foundation Starts Fund-raising for 40th Anniversary
New pop-up 2-3 days ahead of the 40th anniversary event
Systemd Breaks Networking in Debian and Microsoft Staff Rushes to Make Face-Saving Excuses in LWN
Microsoft's bluca is already there in the comments, his Microsoft money pays for LWN to let him leave comments early
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 01, 2025
IRC logs for Wednesday, October 01, 2025
What the End of XBox Will Look Like: a Fiery Crash
XBox is the next Skype. It won't last much longer. Expect many more layoffs.
Richard Stallman is Going to Finland to Give a Talk Next Thursday
A day later he speaks in Sweden
Gemini Links 02/10/2025: SMTP Pipelining and End of ROOPHLOCH 2025
Links for the day
Slopwatch: Plagiarism, Fake Articles, and FUD About Linux
not a day goes by without Google News feeding FUD from slopfarms
Gemini Links 01/10/2025: Chat Control and End of Life
Links for the day
Links 01/10/2025: Long Covid Risk Reiterated, "Bitcoin Queen" Caught
Links for the day
Links 01/10/2025: EA $55 Billion Deal is Debt and Slop "Raises Vishing Risks"
Links for the day
Bluewashing at Red Hat Means Redundancies
The man who sold Red Hat to IBM meanwhile became a Microsoft Mono booster
After Killing OpenSource.com, IBM ('Red Hat') and OSI Told Us OpenSource.net Would Replace It (But That Didn't Happen)
Now it's time to move on, perhaps tarnishing the "Open Source" label some more (for whatever sponsor wants this)
Linux is Not a Community Project, It's a Wall Street Product
The core goal should be freedom
Bad Actors Abusing the Free Software Community, Vandalising It Using Rogue Politics and Old Tactics
Oil giants have long attempted to do this; now, the digital equivalent of Big Oil does this in technology
Social Control Media Isn't the Future, The Federation or Fediverse Isn't Growing, People's Accounts Vanish for Good
users' accounts will get deleted, not just become inactive
IBM is Failing, This Helps Show Wall Street is Entirely Detached From Actual Commercial Performance
IBM is unable to grow, it's just constantly shrinking
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 30, 2025
IRC logs for Tuesday, September 30, 2025
Clerical Aspects of Publishing and Development
In Free software, the management aspects are considerably reduced
Slopwatch: Fake Articles and Google News Promoting "Linux" Spam or Bot-Generated Fear, Uncertainty, Doubt (FUD)
These slopfarms help misplace blame
Third Wave of Microsoft Layoffs in September, This Time Many in Liverpool Affected
Be ready for more waves of layoffs ahead of the so-called "results" in late October