Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part II: Steve Rowan Announces Microsoft “Outlook Migration”



Previous parts:



Steve Rowan - Vice President DG1 - Patent Granting Process
Steve Rowan – passionate about "talking the talk".



Summary: Steve Rowan on the implementation of illegal surveillance by Microsoft and the United States, covering all EPO operations including strictly confidential communications

Steve Rowan moved to the EPO in 2019 (warning: epo.org link). Prior to that he had held the position Director of Patents, Trade Marks, Designs and Tribunals at the UKIPO.



Steve was recruited by Campinos as part of a drive to give the EPO's senior management team a "new look" and as part of a carefully orchestrated attempt to create a "perception of independence" from Team Battistelli which had fallen into public disrepute.

Since then this affable and garrulous Welshman has been busy doing the rounds, "talking the talk" and pressing the flesh in an effort to convince EPO staff that everything has changed for the better.

When listening to him you could be forgiven for coming away with the impression that it's all one big happy family now and that the unpleasantness of the Battistelli era has been consigned once and for all to the dustbin of history – even if Elodie Bergot is still running the show at the HR Department.

Steve has taken to his new role like a duck to water and he seems to enjoy playing the EPO's "Prince of Woke", sponsoring events such as the “Women in the Lead” programme - a mentoring initiative for women at the EPO aspiring to managerial roles - and various other worthy "diversity & inclusion" causes.

More recently, at the start of February, Steve issued a communiqué to EPO staff on the subject of "Outlook Migration to the Cloud". This communiqué is noteworthy because it confirms the EPO's increasing reliance on cloud computing services hosted by Microsoft.

In his communiqué Steve informed EPO staff that "as announced in previous intranet items published in May and December 2020, our Outlook mailboxes are being transferred to the cloud."

But when reading the full text of the communiqué it's impossible not to wonder whether Steve fully understands the P's and Q's of data protection and the potential risks associated with putting all of the EPO's precious data eggs into the Microsoft basket:

"With the help of contract terms, a data protection agreement and technical implementation, the EPO has ensured the best possible protection for the data stored using Microsoft's cloud services. Microsoft guarantees that the data itself is stored on EU servers within the jurisdiction of the European data protection rules (GDPR).

Under the US Foreign Intelligence and Surveillance Act (FISA) and the US Clarifying Lawful Overseas Use of Data Act (CLOUD Act), Microsoft is obliged to grant security and intelligence agencies access to data stored in its cloud, even when stored on EU servers.

However, the protection level offered by Microsoft is still sufficiently high for DG 1 processes in place for confidential data exchange not to need encryption.

By contrast, to comply with the highest standards, which of course include the requirements imposed under the GDPR, encryption is needed for strictly confidential data.

The guidance on the use of cloud tools therefore states that it is only strictly confidential data that must not be stored in plain form in the cloud, whereas merely confidential information can be stored there without limitations."


Cloud fantasy
Is EPO Vice-President Steve Rowan living in a data protection "cloud-cuckoo land"?



Steve's blind faith in Microsoft and its assurances is very touching but one wonders whether he realises the full ramifications of handing over the EPO's internal e-mail and video-conference communications to a US-based electronic communications services provider.

Quite bizarrely, he doesn't seem to bat an eyelid over the fact that "Microsoft is obliged to grant security and intelligence agencies access to data stored in its cloud, even when stored on EU servers".

Despite the gushing optimism of the EPO Vice-President, there remains a nagging suspicion in some quarters that the EPO's increasing reliance on Microsoft - in particular its cloud computing services - is a legitimate source of public concern.

Before looking into this in more detail we will make a detour into the subject of mass surveillance and "digital sovereignty".

This planned intermezzo is intended to assist the reader in making a fully informed judgment as to whether everything is really as fine and dandy as Steve would have us believe or whether - as some suspect - he is living in a data protection "cloud-cuckoo land"…

Recent Techrights' Posts

The Week to Come
Planning ahead
LLM Slop Has Only Been a Boon for Misinformation Online
The very same companies that were supposed to maintain quality (again, not limited to Google with PageRank) are now actively participating in generating and spreading slop
When They Tell You It's Free, Does That Mean No Charges (If So, Who's Paying and Why)?
there's "no free lunch"
 
Links 28/07/2025: COVID-19 Sped up Brain Aging, "Circumvention is More Popular Than Compliance"
Links for the day
Richard Stallman is Usually Right Because He Thinks "Outside the Box"
he is able to observe society (mores and norms) as somewhat of an outsider
LWN Has Been Down for a Long Time, Another Casualty of LLM Bots?
Time will tell. How much time though?
Slopfarms Versus 'Linux' (and Against People Who Write Real Articles About GNU/Linux)
LLM slop in slopfarms by Brian Fagioli and Redazione RHC
Gemini Links 28/07/2025: Bila Yarrudhanggalangdhuray and Running pkgsrc in a FreeBSD Jail
Links for the day
Microsoft Turns News Sites Into Spamfarms
Is the site The Register MS the next IDG?
The Register MS/The Register US
On Saturday I contacted them for a comment (before issuing criticism)
Hacking revelations at Vatican Jubilee of Digital Missionaries
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 27, 2025
IRC logs for Sunday, July 27, 2025
We're Going to Focus Less on the Molotov Cocktail-Throwing Microsofters and More on Patents
We can get back to focusing on what we wanted to focus on all along
Just Trying to Keep Web Sites Honest (Journalistic Integrity)
the latest articles in LinuxIac are real
Links 27/07/2025: Political Affairs, Data Breaches, Attacks on Freedom of the Press
Links for the day
Gemini Links 27/07/2025: Hot in Japan and Terminal Escape Codes
Links for the day
Links 27/07/2025: More Microsoft Layoffs Coming, Science and Hardware News
Links for the day
Links 27/07/2025: FSF Hackathon and "Hulk Hogan Was a Very Bad Man"
Links for the day
Gemini Links 27/07/2025: DAW Mixer Chains and Simple Software
Links for the day
The Register MS is Inventing or Giving Air Time to New Conspiracy Theories so as to Distort the Narrative As High-Profile Agencies Fall Prey to Microsoft Holes
But the problem is holes, i.e. Microsoft making bad products; the problem is Microsoft
Most Editors at The Register Are American, Including the Editor in Chief, a Decade-Long Microsoft Stenographer (Writing Prose to Sell Microsoft)
It's not easy to tell where the site is based (we tried) because it's hiding behind ClownFlare and CrimeFlare hasn't been well lately
Pushers of systemd Rewrite History (Richard Stallman Said UNIX "Was Portable and Seemed Fairly Clean")
Unlike systemd
"New Techrights" Soon Turns 2 (A Few Days Before the FSF Turns 40)
We have a lot more to say about LLM bots
When Silence Says So Much
Garrett, a 'secure' boot pusher, will need to defend himself in the UK High Court
The Register in Trouble
There is not much that can be done at this point
Trajectory of The Register: From News Site/s Into "B2B"... and Into Microsoft Salespeople
Something isn't right at The Register
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 26, 2025
IRC logs for Saturday, July 26, 2025
Misinformation in Social Control Media
Social control media passes around all sorts of tropes
Slopwatch: Fake Linux 'Articles' and Slopfarms With "Linux" in Their Names/Domains
throwing bots at "Linux" to make some fake articles
Links 26/07/2025: Amazon Shutdown in China, Russian Economy Slows
Links for the day
Gemini Links 26/07/2025: History of Time (1988) and Gemini Games
Links for the day
Links 26/07/2025: 50 Percent Tariffs in Amazon, Dying Intel Offloads Network and Edge Group (NEX)
Links for the day
Doing My Share to Tackle Online Slop and SPAM
Trying my best to 'fix' the Web
Blaming Programming Languages for Users' and Developers' Bad Practices
That's like blaming cars for drivers who crash into things
Slopwatch: Fakes, FUD, Duplicates, and Charlatans Galore
The Web as we once know it is collapsing. Some opportunists try to replace it with low-quality slop.
The Register UK Seems to Have Become American and Management is Changing (Microsofter as Editor in Chief)
The Register 'UK' is now controlled by the Directions on Microsoft guy
Many People Still Read Techrights Because It Says the Truth, Produces Evidence, and Does Not Self-Censor
Unlike so many other sites
The Register is Desperate for Money, According to The Register
I decided to check how they're doing as a business
Microsoft Finally Finds a Use Case for Slop?
Create low-quality chaff to shift the media's attention?
Microsoft Windows Lost 400 Million Users in a Few Years, Why Does The Register Double Down on Windows With New US Editor?
days ago they hired a new US editor
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 25, 2025
IRC logs for Friday, July 25, 2025
For Libel Reform One Must First Bring (or Raise) Awareness to the Issues and Their Magnitude
I myself know, from personal experience
Links 26/07/2025: Rationed Meals in the US and TikTok Repels Investments (Too Toxic)
Links for the day
Gemini Links 26/07/2025: "Bloody Google" and New People in Geminispace
Links for the day
Response to Solderpunk (Father of Gemini Protocol) About the Gemini Community
Solderpunk responds to non-sequitur
HTML and the Web Used to be Something a Child Could Learn, "Modern" Web is a Puzzle of Frameworks, Bloat, and Worse
When the Web was more like Gemini Protocol