Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part VIII Addendum

Video download link



Summary: The letter or the press release issued half a year ago explains the severity of the scandal we've been dealing with in recent days and will likely deal with well into April

APPENDICES or addenda typically come at the end of a series, but this time we'd like to interject for a bit, especially when covering pertinent documents alluded to previously albeit not discussed in an in-depth fashion.



"The above text says nothing about security incidents, which may compromise data and render it accessible to virtually everybody in the world."This one merits further emphasis and an explanation of context/s.

The video above is an informal discussion about this press release [PDF] which is only half a year old. It was mentioned in Part VIII and its text is as follows (we also have an HTML version here):



711.424.1

Press Release

17 July 2020

After “Schrems II”: Europe needs digital independence



After the adequacy of the “EU-US Privacy Shield” was invalidated by a recent decision issued by the Court of Justice of the European Union (CJEU), the Berlin Commissioner for Data Protection and the Freedom of Information, Maja Smoltczyk, is now calling on data processors in Berlin to move any personal data stored in the USA to Europe.

In its decision of 16 July 2020 (“Schrems II”, C-311/18), the CJEU stated that the US authorities’ access to data belonging to European citizens is too extensive. As a result, personal data may generally no longer be transferred to the USA until the legal situation changes. There are some exceptions, especially in special cases stipulated by law, such as when booking a hotel room in the USA.

One of the findings noted in the CJEU decision concerns the government surveillance measures in the USA, which involve the mass collection of personal data with no clear limitations. This contradicts the Charter of Fundamental Rights of the European Union (Paragraph 180 et seq. of the Decision). The CJEU also indicates that European citizens are unable to request a judicial review of the surveillance measures carried out by the US authorities. This violates the European fundamental right to effective legal protection.

Personal data may only be transferred to third countries that ensure a level of data protection that is equivalent to the essence of the European fundamental rights. As the findings of the highest European court suggest that is not the case in the USA, the decision issued by the CJEU has invalidated the adequacy of the “EU-US Privacy Shield”, which was previously the basis for many personal data transfers to the USA. By contrast, the CJEU has ruled that “standard contractual clauses” are admissible under certain conditions; standard contractual clauses can be established between European companies and providers in third countries to ensure the European level of data protection abroad. Before the first data transfer, however, the CJEU emphasises that both European data exporters and third-country data importers are obliged to check whether the data could potentially be accessed by government authorities in the third country in a manner that goes beyond the access rights granted under European law (Paragraphs 134 et seq. & 142 of the Decision). If such rights of access are enjoyed by the government authorities, data may not even be exported on the basis of standard contractual clauses. Any data that has already been transferred to any such third countries must be retrieved. Contrary to the prevalent practice to date, data cannot be exported merely on the basis of standard contractual clauses (Paragraph 126 et seq. of the Decision).

Press Officer: Dalia Kues

Office: Cristina Vecchi

Email: presse@datenschutz-berlin.de

Friedrichstr. 219 D-10969 Berlin

Tel.: +49 301 388 9900 Fax: +49 302 155 050




The CJEU emphasises that the data protection supervisory authorities must prohibit unlawful data exports according to these new standards (Paragraphs 135 & 146 of the Decision), and that data subjects may claim damages for the unlawful exportation of personal data (Paragraph 143 of the Decision). This may especially include non-material damage (solatia); the amount of compensation must act as a deterrent in accordance with European law.

The Berlin Commissioner for Data Protection and the Freedom of Information calls on all controllers under her supervision to observe the CJEU’s decision. Controllers who transfer personal data to the USA, especially when using cloud-based services, are now required to switch immediately to service providers based in the European Union or a country that can ensure an adequate level of data protection.

Maja Smoltczyk: “The CJEU has made it refreshingly clear that data exports are not just financial decisions, as people’s fundamental rights must also be considered as a matter of priority. This ruling will put an end to the transfer of personal data to the USA for the sake of convenience or to cut costs. Now is the time for Europe to become digitally independent.

The CJEU has explicitly obliged the supervisory authorities to prohibit all unlawful data transfers, and we gladly accept the challenge. Of course, that not only applies to data transfers to the USA, which have already been outlawed by the CJEU; we must also check whether similar or perhaps even greater problems are involved in data transfers to other countries, such as China, Russia or India”.



The above text says nothing about security incidents, which may compromise data and render it accessible to virtually everybody in the world. It happened many times in the past. The very practice of outsourcing data -- no matter if within one's national jurisdiction or outside it -- is a bad idea. They just need to hire competent security professionals, employed in-house and regulated by rules and regulations of the employer, not only national laws.

In light of new revelations we expect this scandal and its coverage to last well into springtime. This is a very big deal, not just to the EPO and to Microsoft. More people are becoming involved now.

Recent Techrights' Posts

Attacks on Techrights Are Only Making Techrights Bigger and Even More Popular
A week ago they offered to settle with us
EPO Staff Can Go Listen to Richard Stallman Next Week in Munich (Technical University of Munich, Rudolf-Diesel Hörsaal (MW2001) on Campus Garching at 18:00)
"The talk is open to the public and attendance is free. Registration is not required."
 
Links 15/10/2025: Qantas Airways Loses Control of Sensitive Data and Software Patents Are Being Thrown Out
Links for the day
Vista 10 is 'Dead', Here's Why People Should Move to GNU/Linux (or the BSDs)
Today we try to make an outline of reasons move away from Windows to GNU/Linux
Our Sites Continue to Improve
LLM slop has had no noticeable impact on us
Gemini Links 15/10/2025: Neovim, Helix Compared and Gemlog.blue Now Closed
Links for the day
Links 15/10/2025: Mass Layoffs at Amazon, OneDrive Spyware Revved Up, More 'Gen Z Protests'
Links for the day
The EPO's Staff Engagement Survey 2025 is Already Tainted by Intimidation by EPO Management (Trying to Influence Outcomes by Scaring Genuine, Honest Critics)
"[W]e have received reports that, following the previous survey, teams with negative responses were reproached or questioned about their answers..."
The DDoS Attacks by Microsoft's Scam Altman and Other Slop Charlatans and Frauds is Hurting the FSF, Delinking It From Copyleft Projects
This impacts a lot more than access to the licences
Microsoft Scanning Faces in Photos People Upload to Microsoft (Even Unconsciously), Slashdot Turns Report About It Into "Microsoft Sez" (Says)
Or "let's repeat the lies from a PR person/Microsoft's publicist"
[Teaser] Angel Aledo Lopez the Manipulator (Nepotism, Poll Rigging, and Other EPO Corruption)
We'll discuss this later today or tomorrow, based on internal EPO material
Epic Metaphor for End of IBM: "The IBM Demolition is Down to the Last Shards!"
Nothing lasts forever
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 14, 2025
IRC logs for Tuesday, October 14, 2025
Proprietary and DRM Prisons Spiralling Down the Sinkhole? Not Just Yet.
Let's hope that more people will flee to GNU/Linux
The European Patent Office (EPO), the Second-Largest Institution in Europe, is Cracking Down on Recreational Activities
Without AMICALE activities, and as staff already says it's pressured to work more for less, how can the EPO recruit bright people?
Transparency: FSFE financial reports exclude speaker fees and expenses
Reprinted with permission from Daniel Pocock
Many Developers Have Many Political Views, They'll Never Agree on Everything
It's an effort to divide and destroy, not build
Gemini Links 14/10/2025: An Opportunity to Consider GNU/Linux and Another Simple IRC Client
Links for the day
Slopwatch: UbuntuPIT, LinuxSecurity, Google News, and the Serial Slopper Brian Fagioli
Nothing of merit here, just more slop
Links 14/10/2025: Lack of Trust in Slop and "Retirement Challenges"
Links for the day
Rhonda D'Vine, Gerfried Fuchs, Pronouns & Debian pregnancy cluster
Reprinted with permission from Daniel Pocock
At IBM, Relocation Means Layoffs (Downsizing)
Silent or 'invisible' layoffs?
Central Staff Committee of the European Patent Office (EPO) Warns That EPO Management is Robbing or Manipulating Pension Funds Again
Faking "growth" is just about as bad as forgery
Probably a Lot Worse Than LLM Slop: GNOME Tying Itself to Divisive Politics, Even Where It's Clearly Not Relevant
Something has gone terribly wrong in GNOME
Links 14/10/2025: Microsoft OneDrive Scanning Faces in Photos (Without Asking First), "OpenAI Says It Will Move to Allow Smut"
Links for the day
They Generally Don't Like Scholars, as They're Less Compelled or Pressured to Repeat What Corporations and Oligarchs Say
People who loathe scholars have an agenda in mind that, unlike that of reasonable people, revolves around controlling people
Dystopian Trends in Technology Make Richard Stallman More Relevant Than Ever
It's good to see him attracting vast audiences
Belated New Article About Last Thursday's Lecture by Richard Stallman in Helsinki, Finland
there are good reasons to pay with cash, not limited to privacy
Attacking Richard Stallman Has Become 'Career Suicide'
If you're going to viciously attack somebody, make sure your arguments are rock-solid
Microsoft's Failing XBox Business Has Turned Games Into Funerals
How does it feel to depend on Microsoft?
Yesterday's "Distinguished Lecture" by Richard Stallman Possibly Attended by Close to 1,000 People
The capacity of the place is about 900
Slop Poisons Everything
Imagine wanting to find what Torvalds has just said or what has just been released
Taking Software Freedom 'Mainstream'
interest in Software Freedom must have grown
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, October 13, 2025
IRC logs for Monday, October 13, 2025
Gemini Links 14/10/2025: Ada Lovelace Day, Sony CLIE PEG-TG50 Review, Why to Avoid Network Solutions
Links for the day
Richard Stallman (RMS) Announced His Talk Less Than 24 Hours Before It Took Place and Still Filled Up the Auditorium at Sapienza Università di Roma
Photos from yesterday evening [...] It looks like it was a very successful event
The EPO's War on Techrights Was a Massive Mistake
The EPO started the SLAPPs after we had published a few hundreds of articles; we've since then published close to 6,000 because the attacks on us emboldened insiders to help us
General-Purpose Computers to Become Growing Area of Coverage
Without them, we have little left for controlling our lives
"They missed a great opportunity to shut up." -Jacques Chirac
Brett Wilson LLP has been trying to cheat the legal system many times
Harassment evidence: Switzerland, overcrowded fitness and yoga centers, incompetence and racism in accident response
Reprinted with permission from Daniel Pocock
Vincent Danjean & Debian NXIVM collateral, blackmail risks
Reprinted with permission from Daniel Pocock
In Sweden This Past Friday Richard Stallman Explained Why Copyleft is Important
And he didn't have to 'bash' BSDs, either
IBM Layoffs Due to a Lack of Money and Company Debt Rising by Almost 10 Billion Dollars in 6 Months
IBM didn't buy Red Hat for any ideological reasons; it was a fast "cash grab" for revenue
Forbes Already Stopped Being a News Sites. Now It's a Spam and Propaganda Platform for "Paying Partners" (Companies).
news from Forbes became very scarce
Is the Second-Largest Institution in Europe (EPO) Gradually Becoming More Like a Sweatshop?
Underpaid, unqualified, inexperienced and incompatible people are already recruited to replace veteran examiners
The Register MS Has No FOSS Coverage Anymore
The Editor in Chief is like a Microsoft plant
Links 13/10/2025: "Toasty Subwoofer" and WiFi Speakers "Are About To Go Dumb"
Links for the day
Gemini Links 13/10/2025: iNaturalist and Tove Jansson’s Moominpappa at Sea
Links for the day
Microsoft Does Not Deny That Large Retailers Like Walmart, Costco and Target Are Giving Up on XBox (and Not Stocking It)
No doubt XBox is in trouble and rumours suggest that more mass layoffs are imminent
We'll Encourage Richard Stallman to Talk About Software Patents at the EPO Next Week When He Visits Munich (EPO Headquarters)
Go listen to Richard Stahlmann
Investigative Journalism Protects Society From Corruption, Crimes Against Women, Assaults on Civil Society
"what is the point of men doing military practice to defend a system that is so rotten?"
Swiss pimp usurping reputation of legendary Tissot boss Francois Thiébaud from France (BaselWorld, SWATCH Group SA)
Reprinted with permission from Daniel Pocock
Paris 'Love Nest' & Debian Outreachy: from Lycée Lakanal to ENS Cachan, Cr@ns, nepotism
Reprinted with permission from Daniel Pocock
Richard Stallman to Give Public Talk in 3 Hours, Then in the Technical University of Munich (Germany) Next Week
Richard Stallman at TUM on 21.10.2025 18:00, MW2001
Arnaud Parreaux lost case defending rogue employer
Reprinted with permission from Daniel Pocock
Mathieu Elias Parreaux declared bankrupt in Switzerland
Reprinted with permission from Daniel Pocock
Breakdown of the Rule of Law and Patent Law in the European Union (EU)
The EPO cannot recruit suitably qualified patent examiners this way, let alone retain them
Gemini Links 13/10/2025: Good Films, Wizard of Earthsea, Upgrading the Steam Controller's Stick
Links for the day
Leaks and Whistleblowers: Our Plan for Today
Society simply cannot advance when too many people self-censor
It's Not Justice When One Side Denies the Other Side the Ability to Even Speak
At this stage, Brett Wilson LLP is in my humble opinion acting in contempt of the Court
Links 13/10/2025: Australian Catholic University Uses Slop to Libel Students, Canada Threatens to Kill Beluga Whales
Links for the day
How Not to Silence Tux Machines (It'll Only Backfire, Badly)
defending Microsoft while attacking this site
Slopwatch: UbuntuPIT and Google News
It seems abundantly clear that Google News and Google in general participates in the slop epidemic
Vincent Danjean (not INTERPOL), Claire Bardel & Debian pregnancy cluster
Reprinted with permission from Daniel Pocock
Christmas lynchings: Martin Krafft (madduck), Penny Leach (mjollnir) & Debian pregnancy cluster
Reprinted with permission from Daniel Pocock
Gemini Links 13/10/2025: Birthdays and "Committee Unable to Contact Nobel Prize Winner"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 12, 2025
IRC logs for Sunday, October 12, 2025