Bonum Certa Men Certa
Links 17/4/2021: Linux 5.13 in Sight, Holland Warming up to Free Software | Renata Avila: Trying to Understand the Lynching of Stallman

Breaking News: EDPS Admits That It is Powerless to Investigate Claims of GDPR Non-compliance at the EPO

Nothing says 'European data protection' like outsourcing communications to an American surveillance firm



Summary: Nobody is truly in charge at the EDPS (and in Europe at large); they say EPO is "company" and all one can do is kindly ask the EPO itself to obey the law and stop outsourcing European data to American military contractors

Back in March, Techrights started publishing its exposé about the EPO's sell-out of its digital sovereignty to Microsoft.



At around the same time this matter was brought to the attention of the European Data Protection Supervisor (EDPS).

"Its primary objective is to ensure that European institutions and bodies respect the right to privacy and data protection when they process personal data and develop new policies."The EDPS is an independent supervisory authority established by the European Union. Its primary objective is to ensure that European institutions and bodies respect the right to privacy and data protection when they process personal data and develop new policies.

You might have thought that the EDPS would be interested to learn about the alleged GDPR non-compliance at an intergovernmental institution which processes large amounts of personal data relating to EU citizens. You might even have expected them to carry out some kind of independent investigation like the Bavarian Data Protection Commissioner did back in 2015.

But sadly it turns out to be another case of "Not My Department".

"You might have thought that the EDPS would be interested to learn about the alleged GDPR non-compliance at an intergovernmental institution which processes large amounts of personal data relating to EU citizens."In its response to the complaint filed about the EPO, the EDPS has now stated that it is powerless to investigate claims of GDPR non-compliance at the second largest European intergovernmental institution.

Instead it suggests to the complainants that they "could contact EPO directly [...] by sending an email to DPO@epo.org".

The EDPS adds: "You can find this information in the company's Privacy Policy, available here: EPO - Data protection & privacy." (warning: epo.org link)

So as far as the EDPS is concerned, the EPO is a "company" rather than a public intergovernmental institution?

"So as far as the EDPS is concerned, the EPO is a "company" rather than a public intergovernmental institution?"Surely this is beyond a joke...

If EU citizens have a problem with the EPO's failure to comply with GDPR, the only available solution is to complain to the EPO?

And that is going to fix things?

Sounds like somebody in Brussels needs a reality check... URGENTLY!!!

Here's the text of the letter:

Our ref.: ⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆



From: European Data Protection Supervisor

To: ⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆

Date: Friday, April 16, 2021

Dear ⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆⬆

We are writing in response to your complaint submitted to the European Data Protection Supervisor (EDPS) on 11 March 2021.

We would like to point out that the EDPS is the independent authority of the European Union (EU) that deals with the supervision of the processing of personal data done by EU institutions and bodies[1]. In this sense, our tasks are similar to the tasks of national data protection authorities in the EU Member States, but apply only at the level of the European Union and its institutions[2].

We have analysed the matter raised in your message, and it appears that your request does not relate to the processing of personal data by EU institutions or bodies.

The EDPS has no supervisory competence over other international organisations. In consequence, we regret to inform you that your complaint, regardless its possible merits, falls outside the jurisdiction of the EDPS and we therefore do not have any authority to investigate it.

Please be informed that the seat agreements that the international organisations have with their host states usually grant them certain privileges and immunities. These often exclude the application of national law to the international organisation and therefore, the national data protection authority (DPA) of its host state may not be able to assist you either.

However, please be advised that you could contact EPO directly regarding your complaint by sending an email to DPO@epo.org. You can find this information in the company's Privacy Policy, available here: EPO - Data protection & privacy.

Yours sincerely,



EDPS Secretariat

| Tel. (+32) 228 31900 | Fax +32(0)22831950 | › Email edps@edps.europa.eu European Data Protection Supervisor Postal address: Rue Wiertz 60, B-1047 Brussels Office address: Rue Montoyer 30, B-1000 Brussels @EU_EDPS www.edps.europa.eu

This email (and any attachment) may contain information that is internal or confidential. Unauthorised access, use or other processing is not permitted. If you are not the intended recipient please inform the sender by reply and then delete all copies. Emails are not secure as they can be intercepted, amended, and infected with viruses. The EDPS therefore cannot guarantee the security of correspondence by email.

[1] According to Regulation (EU) 2018/1725 (see https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX:32018R1725 '... the European Data Protection Supervisor, shall monitor the application of the provisions of this Regulation to all processing operations carried out by a Union institution or body...' (see Article 1(3)). According to Article 3(10), the ‘Union institutions and bodies’ are the Union institutions, bodies, offices and agencies set up by, or on the basis of, the TEU, the TFEU or the Euratom Treaty (see http://europa.eu/about-eu/institutions-bodies/index_en.htm for a full list).

2 For example, like national data protection authorities we also provide advice to the legislator on new legislative proposals and on initiatives having an impact on data protection and privacy.



Data Protection Notice

According to Articles 15 and 16 of Regulation (EU) 2018/1725 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, please be informed that your personal data will be processed by the EDPS, where proportionate and necessary, for the purpose of investigating your complaint. The legal basis for this processing operation is Article 57(1)(e) of Regulation (EU) 2018/1725. The data processed will have been submitted by you, or from other sources during the inquiry of your complaint, and this may include sensitive data. Your data will only be transferred to other EU institutions and bodies or to third parties when it is necessary to ensure the appropriate investigation or follow up of your complaint. Your data will be stored by the EDPS in electronic and paper files for up to ten years (five years for prima facie inadmissible complaints) after the case closure, unless legal proceedings require us to keep them for a longer period. You have the right to access your personal data held by the EDPS and to obtain the rectification thereof, if necessary. Any such request should be addressed to the EDPS at edps@edps.europa.eu. Your data might be transferred to other EU institutions and bodies or to any third parties only where necessary to ensure the appropriate handling of your request. You may also contact the data protection officer of the EDPS (EDPS-DPO@edps.europa.eu), if you have any remarks or complaints regarding the way we process your personal data. You can find the full version of our data protection notice on complaint handling at: https://edps.europa.eu/data-protection/our-role-supervisor/complaints-handling-data-protection-notice_en.

___________________________ [1] According to Regulation (EU) 2018/1725 (see https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX:32018R1725 '... the European Data Protection Supervisor, shall monitor the application of the provisions of this Regulation to all processing operations carried out by a Community institution or body...' (see Article 1(2)). According to paragraph 1 of the same article, the ‘Community institutions or bodies’ are the institutions and bodies set up by, or on the basis of, the Treaties establishing the European Communities (see http://europa.eu/about- eu/institutions-bodies/index_en.htm for a full list). [2] For example, like national data protection authorities we also provide advice to the legislator on new legislative proposals and on initiatives having an impact on data protection and privacy.


Notice the mistakes with the footnotes, the repetition, the odd formatting etc. A rushed job? Did they properly investigate the complaint at all? Or did they look for excuses to dismiss it upfront? Did they use a template that refers to the subject as "company" or do they seriously think EPO is now a for-profit corporation? And if so, are corporations above the law and above the state? Here's the original [PDF] FWIW.

Links 17/4/2021: Linux 5.13 in Sight, Holland Warming up to Free Software | Renata Avila: Trying to Understand the Lynching of Stallman

Recent Techrights' Posts

EPO Strike a Week From Now, After That Strikes Can Become Permanent
A week from tomorrow there will be another strike
Your Site Should Implement Its Own Search (Before It's Too Late)
GAFAM was never trustworthy
 
The Media Sold Out to Slop Bros
If you wish for the hype to stop, then stop participating in it
The Only Non-IBM Staff in Fedora Council/Leadership Attacks Booting Freedom (Just Like the Master Wants)
Last week IBM laid off almost 1,000 people in Confluent and the media didn't write anything about it, so don't expect anyone in what's left of the media to comment on Fedora's demise and silent layoffs at Red Hat
Just Like a Founder of XBox Said, Microsoft XBox is Collapsing, Management Continue to Jump Ship
Nowadays Microsoft tries to promote this idea that Windows is XBox and XBox is Windows
Links 22/03/2026: Slop Triggers Emergency at Meta, Energy Prices Rise Sharply
Links for the day
Links 22/03/2026: Microsoft 'Open' 'AI' in Legal Trouble (Plagiarism, Distortion, Misrepresentation); Facebook/Meta Kills Off "Horizon Worlds"
Links for the day
Racism Dressed Up as "Choice"
Racism is rampant at IBM
Probably an All-Time Record
Our investment in our own SSG is paying off
Gemini Links 22/03/2026: LLM Slop Attacks USENET, Announcing Pig (New Game in Gemini Protocol)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 21, 2026
IRC logs for Saturday, March 21, 2026
SLAPP Censorship - Part 18 Out of 200: Third Parties Funding Attacks on the Messengers, Lawsuits Against GAFAM-Critical Voices That Uphold Real National Security
Women are like kryptonite to them
Never Trust People Who Write Their Own Wikipedia Pages (Vanity Pages About Themselves) or Ask Friends to Do So. Also: Jono Bacon is Married to Microsoft.
We'd hardly be the first to point out Wikipedia isn't what it seems
No Tolerance for Attacks on Family Members
Being a Free software activist ought not lead to "collateral damage" like attacks on family members, including doxing
Sirius Open Source is Just a Zombie Firm With Shell Entities
Many companies fake their health and their size
Communities Can Only Survive When Trust Prevails
PCLinuxOS is still a vibrant and authentic community
Techrights Was Always a Community Site
The harder we're attacked, the more people participate in the site
Maintenance Reminder
We'll carry on publishing
Behind the PR Smokescreen and Microsoft-Sponsored Chaff, Microsoft Layoffs in "AI" Alleged This Month
In an age when ~1,000 simultaneous layoffs aren't enough to receive any media coverage, what can we expect remaining publishers to tell us about Microsoft layoffs in 2026?
EPO "Cocaine Communication Manager" - Part VIII - Mobbing and Silencing of Dissenting Staff
that's the very cornerstone of functional democracies with real opposition parties
Bluewashing at Confluent: Some Workers to Leave Within 3 Months (IBM Mass Layoffs)
Is the "era of AI" an era when none of the media will mention over 800 layoffs? [...] There's a lesson here about the state of the contemporary media, not just IBM and bluewashing
Microsoft OpenAI, Drowning in Debt and Forced to Make Significant Cuts (as Reports Reveal This Month), Does Hiring Disguised as "Takeovers" to Fake Value or Alleged Potential
Remember what happened to Skype last year
Reader Shares Recent Memes on Slop and 'Coding' by LLMs
"just some funny memes I thought were relevant to current coverage."
Slop Does Not Replace Art, It Contaminates Everything With Reckless Nonsense
many Computer Scientists do not want programs to get contaminated by slop
Coders Don't Just Reject 'Vibe Coding' Because They're "Luddites", They Just Know the True Cost of Slop
if some programmer says slop sucks, don't rush to assume selfishness or defence of one's occupation
When Nobody Else Covers the News
There's an obvious "media blackout" regarding the mass layoffs
Links 21/03/2026: David Botstein Dies, Slop as Censorship Apparatus
Links for the day
Links 21/03/2026: Metastablecoin Fragmentation and Crescent Moon
Links for the day
Gemini Links 21/03/2026: Historic Ada Docs; The Lurking LLM on the SmolNet
Links for the day
HSBC the Latest Failed Bank Using Slop as Excuse for Its Financial Failure
"HSBC is planning on cutting as many as 20,000 jobs in the near future as the company allies with AI revolution."
Invitation to General Assembly After 1,200 EPO Workers Participated in the Demonstration 3 Days Ago
"the strike of 19 March was also very well followed."
A/Prof Susan G Kleinmann, Enkelena Haxhija & Debian-private risk to MIT
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 20, 2026
IRC logs for Friday, March 20, 2026
SLAPP Censorship - Part 17 Out of 200: A Long Track Record of Online Abuse, Then Choosing a Low-Cost Law Firm to Muzzle People Who Have Illuminated This Abuse for Over a Decade
Censorship by targeting ISPs and webhosts isn't unprecedented
Plagiarism in "Linux" Clothing (LLM Slop in linuxiac.com, LinuxTeck.com, and linuxsecurity.com)
The net effect of those slopfarms is very negative
Links 20/03/2026: Facebook Weaponised Politically, Openwashing by LF and NVIDIA, Encyclopedia Britannica Sues Microsoft Proxy for Plagiarism
Links for the day
The EPO's Local Staff Committee Munich (LSCMN) Explains to the Administrative Council (AC) How Bad Things Have Become at Europe's Second-Largest Institution, Biggest Patent Office, and Corruption/Cocaine Hub (Jobs Sold to Friends)
We'll say a bit more tomorrow
IBM's Red Hat Diversity: Only 3 Women (Out of 11 Leaders)
For comparison's sake, the FSF is about 50% female
Symptom of Publishers Dying: They Move to Adopt Slop. Symptom of Software Companies Dying: They Move to Adopt Slop ('Vibe').
It'll always fail. It's hype. It's a bubble.
Under IBM, Red Hat Replaces Code With LLM Slop, Fedora is Slopware
Not even hiding it, those things are in plain sight
Gemini Links 20/03/2026: Depictions of Culture and The Social Smolnet
Links for the day
SimilarWeb Was Never a Reliable Yardstick for Traffic
5RB may need some "house-cleaning"
Strangulation, suffocation, Jonathan Carter & Debian toxic culture confirmed
Reprinted with permission from Daniel Pocock
Reports or Hearsay Suggest Ogilvy Broke Up With IBM and Insiders Report Mass Layoffs in "Infrastructure" (Might Impact Red Hat Entrants)
hearsay in Social Control Media
Scheduled Server Maintenance Tomorrow Night
Starting 9PM
None of the Above (NotA) & Debian snubbing Sruthi Chandran
Reprinted with permission from Daniel Pocock
Links 20/03/2026: Cryptography Pioneers Win Turing Award and BMG Sues Anthropic for Copyright Infringement
Links for the day
Even Uganda Understands That Journalists Never Belong in Prison
"Ugandan authorities must respect the spirit of this ruling and abandon any measures that seek to jail Ugandans for the free flow of ideas."
Inaction Helps Your Enemies
Without freedom, there's nothing else left
Windows Down From 99% to ~50% in Republic of Seychelles (République des Seychelles)
Windows fell by a lot
"systemd is essentially a corporate IBM/Redhat project and corporations of course will comply"
Microsoft and IBM care about users' freedom like Cheeto Lump cares about the US Constitution
Confluent Insiders: IBM Laid Over Over 800 at Confluent, Not Just 800
For the record, the layoffs at Confluent won't be over. After the bluewashing there will be "IBM RAs" impacting Confluent folks, aside from PIPs
The Layoffs at IBM Carry on (Shades of Enron)
Is IBM another Enron?
"IBM boss Arvind Krishna... financial package valued at $38 million in calendar 2025 - equivalent to the average collective pay of 765 Big Blue workers."
continues to ruin the company to enrich himself while pretending he has a strategy
Gemini Links 20/03/2026: Digital Identity Bifurcation and a "Return to Gemini"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 19, 2026
IRC logs for Thursday, March 19, 2026