Bonum Certa Men Certa

EPOLeaks on Misleading the Bundestag -- Part 7: Ms Voßhoff Alerts the Bundestag…

Series index:

  1. The EPO Bundestagate -- Part 1: How the Bundestag Was (and Continues to be) Misled About EPO Affairs
  2. The EPO Bundestagate -- Part 2: Lack of Parliamentary Oversight, Many Questions and Few Answers…
  3. The EPO Bundestagate -- Part 3: A “Minor Interpellation” in the German Bundestag
  4. The EPO Bundestagate -- Part 4: Parroting the GDPR-Compliance Myth
  5. The EPO Bundestagate -- Part 5: The Federal Eagle's Disconcerting Metamorphosis
  6. EPOLeaks on Misleading the Bundestag -- Part 6: Dr Petri Starts the Ball Rolling…
  7. You are here ☞ Ms Voßhoff Alerts the Bundestag…


Federal Data Protection Commissioner



Summary: In July 2015, the Federal Data Protection Commissioner notified the Bundestag of her concerns

As is well known, the EPO made headlines in Germany in June 2015 following revelations about covert surveillance conducted by the Benoît Battistelli's notorious "Investigative Unit" which was reported to have deployed hidden cameras and key loggers in a manner that would have been illegal under EU and national data protection law in Germany.



Media reports about the EPO spy-scandal persuaded Ms Voßhoff to dust off the EPO file and renew her efforts to have this rogue organisation called to account by the Federal German authorities.

"Media reports about the EPO spy-scandal persuaded Ms Voßhoff to dust off the EPO file and renew her efforts to have this rogue organisation called to account by the Federal German authorities."In July 2015, Ms Voßhoff proceeded to write to Ms Renate Kunast, the Chairperson of the Legal Affairs Committee of the German Federal Parliament (the "Bundestag") to bring her concerns to the attention of German parliamentarians.

The text of Ms Voßhoff's letter [PDF] reads as follows (in translation):

I was made aware of the issue of the lack of independent external data protection supervision of the European Patent Office (EPO) by the Bavarian State Commissioner for Data Protection.

My efforts to improve data protection supervision at the EPO have so far been have so far been unsuccessful.

I would therefore like to draw the attention of the German Bundestag to the problem.

The European Patent Office is an organ of the European Patent Organisation (EPO) established by the European Patent Convention (EPC) and endowed with legal personality. It is therefore a supranational institution based on an international treaty with its headquarters in Munich and offices in The Hague, Berlin, Vienna and Brussels. Vienna and Brussels with about 6,800 employees. The contracting states are 38 European countries, including all EU member states.

The legal nature of the EPO means that there is no data protection supervision by an independent external body. Neither the Bavarian State Commissioner for Data Protection nor I can derive any competence from state or federal data protection law. The EPO is neither a public body of the State of Bavaria nor of the Federal Republic of Germany. The European Data Protection Supervisor is also ruled out as an independent supervisory body, as the EPO is neither an institution nor a body of the European Union.

Even if, according to the EPO's internal data protection officer, internal data protection regulations have been in place at the EPO since 1992, in particular based on the Data Protection Directive 95/46 EC, a lack of independent external data protection supervision is also taken as given from the EPO perspective.

In the interest of safeguarding the data protection rights of those affected, I have contacted the responsible Federal Ministry of Justice and Consumer Protection (BMJV) with the request to examine measures to close this supervisory and oversight gap, for example by means of a corresponding amendment to the EPC.

The BMJV has not yet taken up this suggestion. It refers to the necessity of a diplomatic conference of all 38 contracting states of the EPC for such an institutional reform of the EPC. This time-consuming procedure would not permit an amendment in the short term.

However, the Federal Ministry of Justice gives an assurance that it will continue to advocate, within the scope of its possibilities, compliance with and further development of high data protection standards and an independent data protection structure in its committee work within the EPO.

Although I have some understanding for the BMJV's position, the permanent absence of an independent external supervisory authority for data protection matters nevertheless poses a risk - that should not be underestimated - to the fundamental right to informational self-determination of the persons concerned given the processing of a large amount of personal data of applicants and staff at the EPO.

This risk is rendered apparent by a case that has now received press coverage. In an article dated 8 June 2015 (see attachment), the Süddeutsche Zeitung reported allegations that two publicly accessible computers at the EPO were placed under surveillance with so-called keyloggers and video cameras without the persons concerned being informed. Due to the current legal situation, no independent data protection supervisory authority can investigate these allegations.

Moreover, those potentially affected, in particular members of the Administrative Council, patent attorneys, employees and visitors to the EPO, lack any possibility of turning to an independent body capable of enforcing their rights to informational self-determination.

In view of the prevailing factual and legal situation, I would be grateful if the Legal Affairs Committee would address the issue in a supportive manner.



The Legal Affairs Committee of the Bundestag reacted to Ms Voßhoff's letter by placing the matter on its agenda for a meeting scheduled to take place in October 2015 [PDF].

It seemed that the Legal Affairs Committee was gearing up to investigate the worrying "supervisory and oversight gap" identified by Ms Voßhoff.

"As far as can be determined from the available evidence, the authors of this intrigue were the duplicitous Tweedledum and Tweedledee duo of the EPO‑Federal Justice Ministry nexus, Raimund Lutz and Christoph Ernst."However, as we shall see in due course, Ms Voßhoff's efforts to have the deficiencies in the EPO's data protection framework subjected to meaningful parliamentary scrutiny were derailed by what appears to have been a nefarious behind-the-scenes intrigue.

As far as can be determined from the available evidence, the authors of this intrigue were the duplicitous Tweedledum and Tweedledee duo of the EPO‑Federal Justice Ministry nexus, Raimund Lutz and Christoph Ernst.

Before delving into the details of the intrigue which derailed Ms Voßhoff's initiative, we will make a detour to look more closely at these two individuals and their respective roles in EPO affairs over the last two decades.

Recent Techrights' Posts

Rust People: Drain the Swap, You're Holding It Wrong
Does Rust make sense?
Slopwatch: LinuxSecurity, linuxconfig.org, and Plagiarised Phoronix
Many articles out there are nowadays fake
European Patent Office Illegally Gutting and Outsourcing Its Functions, Acting Like an Above-the-Law Commercial Business (It Won't Stop at Formalities Officers (FOs) and Classification Slop at the EPO)
breaking/violating laws and conventions
Links 19/09/2025: Lobbyist of American GAFAM Becomes Data Protection Commissioner in Europe
Links for the day
 
Links 20/09/2025: Internet Shutdowns, Media Censorship, and Climate Worries
Links for the day
About 700 New Gemini Capsules in 13 Months (or 54 Per Month)
4.8K would represent a 20% increase
Techrights the Name Turns 15
About 6 weeks from now we turn 19
Microsoft is Running Out of Time and Floating Fake Figures, Fake Projects, Fake Narratives, Fake Excuses
Also, a lot of Microsoft's "revenue" claims are circular financing (i.e. Microsoft buying from itself, which means Ponzi-like fraud)
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 19, 2025
IRC logs for Friday, September 19, 2025
Gemini Links 20/09/2025: Navigating the Pressures of Modern Life and SpellBinding Accidentally Wrote Another Gemini Server
Links for the day
Links 19/09/2025: Press Freedom Dying in US, Anti-Austerity Strikes in France, and Alan Rusbridger to Leave 'Prospect'
Links for the day
Offloading to the Sister Site
In the interest of not overwhelming readers
Links 19/09/2025: Coffee Club and "SpellBinding is Now Absurdly Fast"
Links for the day
Links 19/09/2025: Media Freedom Ceases to Exist in US, "Consider Dropping Twitter/X"
Links for the day
Gemini Links 19/09/2025: Thinking and Insect Bites
Links for the day
Microsoft E.E.E.: Git Will Now (or Very Soon) Fully Depend on Rust, Which is Controlled by Microsoft
Microsoft now makes Git dependent on Rust, or making Git dependent on GitHub, which is proprietary
The Right to Punch People (Apparently)
At Brett Wilson, Brett's job title is "Head of Crime" and Wilson normalises calls for violence
Slop or Fake Articles Have Turned Linux Journal From a Pioneering/Trailblazing "Linux" Magazine Into a Nuisance
some sites with former reputation - good reputation - turn into cesspools
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 18, 2025
IRC logs for Thursday, September 18, 2025
Brett Wilson LLP Seem to Have Had Only One Litigation Client in 2025, He Was Previously Charged, Just Like the Serial Strangler From Microsoft (Whom They Now Represent)
Karma is superstition, regulators are not
Project 2030 to Cover How "Project 2025"-Styled Anti-Media Zealots From America Targeted Techrights and Tux Machines
The common denominator is also their attacks on women
Brett Wilson LLP Failed to Meet Deadlines Set by Judge 7 Months Earlier, Tried to Ruin Our Holiday, Then Had the Audacity to Ask Us for Over 3,000 Pounds for Its Own Lateness
As a matter of principle we will never respond to assassin while we are on holiday
On Claims That After Bluewashing Red Hat Will Increasingly Become an Indian Company
Discussed this week (long and detailed)
Americans Attacking British Sites Only Months After They Leave America
We find it kind of funny if not ironic that this site, originally an American site, got legal harassment only from Americans and only months after it had moved to the UK
Despite Losing Over a Quarter Million Dollars a Year Software in the Public Interest (SPI) Gives Helping Hand to Libreboot
SPI's financial state depends a lot on its public image or its reputation
Slopwatch: Google Helps Plagiarism and Sends Traffic to Ripoff Artists
That Google as a company helps spamfarms is noteworthy
If You Want to Know the Future, Listen to the Free Software Foundation (FSF) and Andy Farnell
We're sure the FSF will have plenty of its own output
Links 18/09/2025: A Taliban Ban on Internet Access and Troubled US Job Market
Links for the day
Gemini Links 18/09/2025: Computer Literacy and Accessing Alhena's Database
Links for the day
Links 18/09/2025: US War on Media (Truth Banned, Cancel Culture by the Hard Right), NYT Chief Executive Warns Cheeto is Deploying ‘Anti-press Playbook'
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 17, 2025
IRC logs for Wednesday, September 17, 2025