Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part I (Start of Series): Enter the “Cloud of Unknowing…”

Previous parts:



Clown of the unknowing
According to Thomas Petri, Bavarian Data Protection Commissioner "nobody is really in charge" when it comes to data protection matters at the EPO



Summary: The first part of an important series; historically, EPO has always sent out aggressive lawyers to issue threats when we exposed EPO-Microsoft collusion

THIS Part I isn't the same as the introduction to Part I. This is the body of the long story, which will be told responsibly and prudently for the coming fortnight, several times per day. Without further ado, and in spite of suppression attempts, we start this series.






Back in June 2015, it was reported that the Bavarian Data Protection Commissioner, Dr Thomas Petri, and the Federal German Data Protection Commissioner, Andrea Vosshoff, had raised serious concerns about the state of data protection at the EPO.

According to the German press, Dr Petri had previously investigated the data protection framework at the EPO in the spring of 2014 following a complaint and he had come to the conclusion that it was seriously deficient.

Referring to the lack of any genuine independent oversight in data protection matters, Dr Petri stated: "It emerged that nobody was really in charge".

"An optimist might like to believe that things have surely improved since then. Unfortunately there is no evidence of this."He called for an external data protection supervisor to be assigned to the EPO because the internal inspectors were not independent enough and "in the absence of any action matters are likely to get out of hand".

An optimist might like to believe that things have surely improved since then. Unfortunately there is no evidence of this.

In the meantime the EPO seems to have just muddled along relying on its traditional "three monkeys" approach to "rebutting" external criticism of its data protection framework.

3 monkeys
The EPO's approach to "rebutting" criticism of its data protection framework: See no evil – hear no evil – speak no evil



For example, when the EU General Data Protection Regulation (GDPR) came into effect in May 2018 during the final days of the Benoît Battistelli régime, the EPO's response was to issue a self-serving communiqué (warning: epo.org link) proclaiming its commitment to "ensuring the highest level of data protection" and announcing that "a recent audit report has confirmed a close alignment with the GDPR legal framework".

"The reader is expected to take the EPO's claim at face value despite the fact that it is scarcely credible that an independent external audit could have arrived at such a conclusion."Of course no substantive information about the "recent audit report" was provided.

The reader is expected to take the EPO's claim at face value despite the fact that it is scarcely credible that an independent external audit could have arrived at such a conclusion.

If Dr Petri was of the considered opinion that the EPO's data protection framework was deficient when measured against pre-GDPR data protection standards, then it's difficult to see how the same framework which hadn't changed in the meantime could be considered meet the even more stringent data protection standards imposed by GDPR.

As a matter of fact, a report commissioned by the EPO staff union SUEPO from external legal experts in 2016 confirmed that the EPO's data protection framework was not compliant with EU data protection standards and was in urgent need of a radical overhaul.

But it's necessary to understand that we are dealing here with the logic of the "système Battistelli".

"Perish the thought that someone could be so impudent as to call for an independent audit…"If Battistelli insists that the EPO's data protection framework is GDPR-compliant, well then it has to be. Anybody who dares to question that claim had better watch out! Perish the thought that someone could be so impudent as to call for an independent audit…

And it would be a grave mistake to think that things have improved on this front following Battistelli's departure.

More recently in September 2020, the EPO published a notice on the topic of "Data privacy policy for the processing of personal data in Microsoft 365".

Once again the reader is assured:

"The protection of your privacy is of the utmost importance to the European Patent Office (EPO). We are committed to respecting and protecting your personal data and ensuring your rights as a data subject. All data of a personal nature (i.e. data that can identify you directly or indirectly) will be processed fairly, lawfully and with due care."

For good measure the well-rehearsed schtick about GDPR-compliance is trotted out:

"We strive to keep our data protection framework in line with current best practices. A recent audit report has confirmed that it is in close alignment with the EU’s General Data Protection Regulation (GDPR)."

But where is this mysterious "recent audit report"?

Is it the same one that Battistelli referred to over two years previously back in May 2018?

"But where is this mysterious "recent audit report"?"Of course you're not supposed to ask and if you have the temerity to do so, then you'd better not hold your breath waiting for an answer.

But when you peel away the PR façade, what the public notice of September 2020 does provide in terms of factual evidence is an irrefutable indication of the increasing reliance of the EPO on cloud computing services hosted by Microsoft.

In the next part we will see how this was confirmed by a recent internal communiqué from EPO Vice-President Steve Rowan (warning: epo.org link), formerly Director of Patents, Trade Marks, Designs and Tribunals at the UKIPO.

Recent Techrights' Posts

Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases
Vista 11 is going down rather than up
12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme
There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 27, 2025
IRC logs for Wednesday, August 27, 2025
Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More
Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom
Links for the day
Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China
Links for the day
Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained
Links for the day
More People Need to Call Out and Put a Stop to Serial Sloppers
Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
Gemini Links 27/08/2025: Headphones and Tartarus
Links for the day
Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble)
The slop sceptics/critics are going to have lots of "told you so" moments
GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking
Notice the connection to Software Freedom Conservancy (SFC) and GNOME
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 26, 2025
IRC logs for Tuesday, August 26, 2025
Richard Stallman (RMS) Was Right About "Sideloading" in 1996
We now have computers that treat booting GNU/Linux like an act of "Sideloading"
Panama: Windows Down From 97% "Market Share" to Less Than 30%
In 2009, Windows was measured at 97.24% (compared to 62.32% right now or less than 30% if one also counts Android)
The UEFI 9/11 - Part I - Introduction to Impending Catastrophe (Microsoft Preventing People From Booting Non-Windows Systems)
eight-part series
Why Techrights is Slow Today (Bot Floods)
We don't know if those bots are connected to LLMs (we have not checked), but that is a possibility
Slopwatch: DDoS Slop, LinuxBSDos.com Spam, and Slopfarms in Google News, Including webpronews.com
Among the news we also found fakes, albeit not so much today
Links 26/08/2025: "Ballooning Debt" in France and "Transnational Repression in the UK"
Links for the day
Gemini Links 26/08/2025: Listening to Alcest and Google Doing Evil (Users Installing Software is "Sideloading" and Prohibited)
Links for the day
Links 26/08/2025: DNS Tampering and TikTok Layoffs
Links for the day
Microsoft's Windows "Market Share" Overestimated
Microsoft's income sources are shrinking
We Shall See...
My wife and I are hardly the first victims of Brett Wilson LLP
This New Determination on a Case Echoes the Modus Operandi of Microsoft's Serial Strangler vs Techrights (Its Online Decision/Judgment Says Truth and Public Interest Defend the Publisher)
Noel Anthony Clarke hopefully has enough money left to pay his victims, which include the publishers
Going Offline
There was life before the Net
The Register MS Has Apparently Shut Down Its Office
It is basically a fake address on the face of it
There Are Also Expectations of IBM Layoffs Very Soon With "Narrative Control."
Some of them mention Red Hat and how IBM failed to achieve anything substantial with that acquisition
After at Least Two Rounds of Mass Layoffs in August Microsoft Said to Have "September Layoff Confirmed - Performance Based"
Those "M5 level meetings" sound plausible
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, August 25, 2025
IRC logs for Monday, August 25, 2025