Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part VIII Addendum

Video download link



Summary: The letter or the press release issued half a year ago explains the severity of the scandal we've been dealing with in recent days and will likely deal with well into April

APPENDICES or addenda typically come at the end of a series, but this time we'd like to interject for a bit, especially when covering pertinent documents alluded to previously albeit not discussed in an in-depth fashion.



"The above text says nothing about security incidents, which may compromise data and render it accessible to virtually everybody in the world."This one merits further emphasis and an explanation of context/s.

The video above is an informal discussion about this press release [PDF] which is only half a year old. It was mentioned in Part VIII and its text is as follows (we also have an HTML version here):



711.424.1

Press Release

17 July 2020

After “Schrems II”: Europe needs digital independence



After the adequacy of the “EU-US Privacy Shield” was invalidated by a recent decision issued by the Court of Justice of the European Union (CJEU), the Berlin Commissioner for Data Protection and the Freedom of Information, Maja Smoltczyk, is now calling on data processors in Berlin to move any personal data stored in the USA to Europe.

In its decision of 16 July 2020 (“Schrems II”, C-311/18), the CJEU stated that the US authorities’ access to data belonging to European citizens is too extensive. As a result, personal data may generally no longer be transferred to the USA until the legal situation changes. There are some exceptions, especially in special cases stipulated by law, such as when booking a hotel room in the USA.

One of the findings noted in the CJEU decision concerns the government surveillance measures in the USA, which involve the mass collection of personal data with no clear limitations. This contradicts the Charter of Fundamental Rights of the European Union (Paragraph 180 et seq. of the Decision). The CJEU also indicates that European citizens are unable to request a judicial review of the surveillance measures carried out by the US authorities. This violates the European fundamental right to effective legal protection.

Personal data may only be transferred to third countries that ensure a level of data protection that is equivalent to the essence of the European fundamental rights. As the findings of the highest European court suggest that is not the case in the USA, the decision issued by the CJEU has invalidated the adequacy of the “EU-US Privacy Shield”, which was previously the basis for many personal data transfers to the USA. By contrast, the CJEU has ruled that “standard contractual clauses” are admissible under certain conditions; standard contractual clauses can be established between European companies and providers in third countries to ensure the European level of data protection abroad. Before the first data transfer, however, the CJEU emphasises that both European data exporters and third-country data importers are obliged to check whether the data could potentially be accessed by government authorities in the third country in a manner that goes beyond the access rights granted under European law (Paragraphs 134 et seq. & 142 of the Decision). If such rights of access are enjoyed by the government authorities, data may not even be exported on the basis of standard contractual clauses. Any data that has already been transferred to any such third countries must be retrieved. Contrary to the prevalent practice to date, data cannot be exported merely on the basis of standard contractual clauses (Paragraph 126 et seq. of the Decision).

Press Officer: Dalia Kues

Office: Cristina Vecchi

Email: presse@datenschutz-berlin.de

Friedrichstr. 219 D-10969 Berlin

Tel.: +49 301 388 9900 Fax: +49 302 155 050




The CJEU emphasises that the data protection supervisory authorities must prohibit unlawful data exports according to these new standards (Paragraphs 135 & 146 of the Decision), and that data subjects may claim damages for the unlawful exportation of personal data (Paragraph 143 of the Decision). This may especially include non-material damage (solatia); the amount of compensation must act as a deterrent in accordance with European law.

The Berlin Commissioner for Data Protection and the Freedom of Information calls on all controllers under her supervision to observe the CJEU’s decision. Controllers who transfer personal data to the USA, especially when using cloud-based services, are now required to switch immediately to service providers based in the European Union or a country that can ensure an adequate level of data protection.

Maja Smoltczyk: “The CJEU has made it refreshingly clear that data exports are not just financial decisions, as people’s fundamental rights must also be considered as a matter of priority. This ruling will put an end to the transfer of personal data to the USA for the sake of convenience or to cut costs. Now is the time for Europe to become digitally independent.

The CJEU has explicitly obliged the supervisory authorities to prohibit all unlawful data transfers, and we gladly accept the challenge. Of course, that not only applies to data transfers to the USA, which have already been outlawed by the CJEU; we must also check whether similar or perhaps even greater problems are involved in data transfers to other countries, such as China, Russia or India”.



The above text says nothing about security incidents, which may compromise data and render it accessible to virtually everybody in the world. It happened many times in the past. The very practice of outsourcing data -- no matter if within one's national jurisdiction or outside it -- is a bad idea. They just need to hire competent security professionals, employed in-house and regulated by rules and regulations of the employer, not only national laws.

In light of new revelations we expect this scandal and its coverage to last well into springtime. This is a very big deal, not just to the EPO and to Microsoft. More people are becoming involved now.

Recent Techrights' Posts

The 'Culture Wars' in Free Software Have Gone Out of Control
Social control media amplifies such utterly infantile discourse
10 Out of 10: RMS Attracts Massive Audience in Göteborg, Sweden (All Seats Occupied, Some People Standing)
a 55-second clip of his talk
The Lawsuit by Clients of Brett Wilson LLP Against Brett Wilson LLP is Officially On, It is Progressing, The 'Experts' Pick Outside Law Firms (RPC and Mills & Reeve) to Spare Them From Litigants in Person
So it is probably quite potent
Slopwatch: Plagiarism and "Linux" Articles by Bots
Sites that do this won't survive; many of them rely on slop services (suppliers) that will cease to exist after the bubble bursts
 
Geminispace is Very Large
The word continues to spread and the number of participants grows
Teaser: To Compensate for the Fact Our Clients Are Terrible Human Beings Who Strangle Women (While on Microsoft's Payroll) and We Get Paid by Mystery Parties We Bombard You and Your Wife With Almost 10 Kilograms of Legal Papers
If you can't win an argument, then drown the other side with papers?
Another Wave of Microsoft Layoffs, This Time During National Day Holiday
This time it's China again
Staying Happy in Times of Crackdowns on Civil Society
Optimism in this sort of "new reality" or "new normal" seems like something for the irrational person
"Nobel" Exploited Posthumously for "AI" Hype, Now They Do the Same With "Quantum"
ere have been many jokes about "Nobel" for peace (often granted to pro-war people) and a fake one for "Economics" (establishment propaganda)
Distinguished Lecture by Richard Stallman This Coming Monday in Rome
After "Free software, Crucial for Freedom in a Digital World"
Links 10/10/2025: Putin Admits Russia Downed Azerbaijan Airlines Jet, More New Heat Records
Links for the day
Noteworthy Claim That IBM is Firing a Lot of Lawyers This Week (RAs in the Legal Department)
A lot of what they do is patent 'trolling' or lawyering up against their own staff (e.g. HR disputes)
Links 10/10/2025: US Judge Bars Attacks by ICE On Journalists and Protesters; “We Took The Freedom of Speech Away” Says the President
Links for the day
Slopwatch: Serial Sloppers, Google News Gifting Slopfarms, and Fake News/Plagiarism About "Linux"
Google itself is a slop pusher these days
Qualcomm, the New Owner of Arduino, Blasted for Its Software Patents Tax on 'Smartphones'
A lot of Qualcomm's patents are on software. We wrote about this in prior years.
XBox Layoffs Rumours, Downtime, and Criticism From XBox Co-Founder
"everyone is ditching the xbox."
Links 10/10/2025: Honoring The Legacy Of Robert Murray-Smith, Many Articles on the Hey Hi (AI) Bubble
Links for the day
Gemini Links 09/10/2025: October Gothic and Reading Middle Earth Role Playing; C and Ada
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 09, 2025
IRC logs for Thursday, October 09, 2025
Links 09/10/2025: Farewell to Jane Goodall, California Bans Algorithmic Price-Fixing
Links for the day
Gemini Links 09/10/2025: Lost Wages and a Saga Of Continuing To Use Palm PDAs
Links for the day
Richard Stallman's Talk in Helsinki is Done. Tomorrow Göteborg.
There are scarce details in Finnish about Dr. Stallman's talk
New XBox Leaks Probably Serve to Confirm XBox's Collapse (Many More Layoffs)
It's very much consistent with what many other sites have reported lately
The Slop Song
The train wreck marches on
LLM Slop/Advanced Plagiarism Flooding the Zone With Capital That Does Not Exist
Many publishers out there still participate in this bubble instead of calling it what it is
Links 09/10/2025: Sacked Microsoft Workers Make "Sackbird", IBM Taps CockroachDB for PostgreSQL
Links for the day
"Happy Hacking Day" Richard Stallman Talk This Afternoon (From 14:00 to 16:00) at Haaga-Helia University in Pasila
Richard Stallman in Helsinki, Finland
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 08, 2025
IRC logs for Wednesday, October 08, 2025
Links 09/10/2025: Impact of Microsoft Layoffs, More Data Breaches
Links for the day
Gemini Links 09/10/2025: Autumn Blues and C IRC Bot
Links for the day
Slopwatch Appreciated by Real Authors of GNU/Linux Articles
We do try to keep on top of those things
Upgraded R.R.R.R.R.R. Today
The Web of 2025 is full of garbage, not limited to slopfarms
Freedom From Proprietary Prisons
Forking always an option
IBM's Watson Died in 1956, Now Watson Dies Again
IBM is becoming just a reseller of GAFAM and other stuff
Slopwatch: LinuxSecurity, UbuntuPIT, and Google News
We've also just noticed more slop from UbuntuPIT
Microsoft Says That Constant Mass Layoffs Are Success, the Media Isn't Buying This Microsoft Narrative Anymore
If people in the media feel an obligation to repeat whatever lies Microsoft tells, what point will there be to the media?
Links 08/10/2025: "Mali Puts Free Speech on Trial" And Apple Enforces Dictatorship
Links for the day
Links 08/10/2025: ‘Death to Spotify’ and Law to Ban Loud Commercials on Streaming (Dis)Services
Links for the day
Links 08/10/2025: Real Innovation and Nina.chat is Dead
Links for the day
Links 08/10/2025: Y2K38 Bug is a Vulnerability, Chat Control in Europe a Threat
Links for the day
Microsoft Windows is No Longer an Operating System, It's Surveillance Project
Why is this even legal to preload on PCs outside the US?
How and Why Once-Legitimate Sites Turn Into Slopfarms
Many sites will go offline and many social control networks will shut down once they realise or even openly admit they spend money and time gardening a bunch of bots and slop
UbuntuPIT Became a Slopfarm and Gnoppix Tarnishes Its Own Brand With Slop
It fits all the characteristics of mildly-edited (if at all) slop
Slopwatch: Linux Journal and Other Slopfarms
GAFAM needs to go the way of the dodo
Gemini Links 08/10/2025: "Seek Seek Revolution" and Gradient Backgrounds
Links for the day
Qualcomm Arduino Takes Aim at Raspberry Pi
Qualcomm is a Microsoft partner
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 07, 2025
IRC logs for Tuesday, October 07, 2025
Stagnation of the Economy and What Free Software Can (or Could) Do For It
If your economic model is based on a pyramid of lies, it won't last very long
Social Control Media is Sinking
it would rightly seem like the era of centralised "social" sites (they're not social, they're about controlling the users) is ending, not overnight but gradually