06.01.15
Gemini version available ♊︎EPO Reluctantly (and Privately) Confirms Giving Public Money for Military-connected ‘Control Risks’ to Spy on Journalists and Their Sources While Techrights is Under Fresh DDOS Attacks
Confirmed: European public money wasted attacking the public’s right to know the truth
Summary: The EPO President — or anyone who is referred to as ‘appointing authority’ — finds himself even deeper in a scandal as he silently attacks the very same people whom he pretends to negotiate with by contracting spies from London (to maliciously target British journalists)
THERE is a very large number of cracking attempts against Techrights at the moment (far more than usual). There is definitely also a DDOS attack against Techrights and the pattern can be demonstrated (it comes in waves), starting days ago. Readers have been writing about the site being down, the database being down, etc. because these attacks took the site down many times over the weekend. As a fairly experienced professional in this area (I do this for a living, focusing on sites and servers), even I am struggling. Babysitting the server and aggressive filtering became imperative, making the composition of new articles a secondary priority at best. As we have pointed out before, many of these issues started when we began criticising the EPO and showing corruption in it. Other sites that criticise the EPO report similar issues and the EPO has undoubtedly blocked Web sites critical of the EPO.
We finally have the EPO’s admission that it hired a military-connected company to spy on critics (including Techrights, based on our sources). This ought to do the EPO’s already-poor reputation no favours. This may also be illegal. If the EPO has the guts to hire a military-connected company to spy on critics, it wouldn’t be much of a stretch to also attempt cracking (forcibly gaining access to data).
The EPO is now paying (European taxpayers’ money) to military-connected company called ‘Control Risks’. We’ve been told they spy on us specifically, but we imagine they might also spy on IP Kat (Google-hosted).
“According to a comment received on her earlier post,” wrote IP Kat, “Merpel understands that the European Patent Office has responded by means of the following internal Communiqué to the concern about reports that Control Risks (who describe themselves as “an independent, global risk consultancy specialising in helping organisations manage political, integrity and security risks in complex and hostile environments”) has been commissioned by the EPO to investigate staff members…”
Here is the full text:
Investigative Unit and external firms
26.05.2015
Regarding questions raised in recent publications and blogs
Dear colleagues,
Some recent publication and blogs have questioned the participation of an external firm in EPO activities related to the Investigative Unit. I want to clarify that because the EPO Investigative Unit is rather small in terms of staffing, we need to be able to contract external companies to support our fact finding enquiries. This is one reason why an external firm can be chosen in regard to an investigation, operating within the regulatory framework of the EPO, under the full supervision of the Investigative Unit.
The European Patent Office cannot comment on specific internal investigation cases. This lack of comment is to protect the integrity of any such case and protect the interest of all parties concerned. However I would like to remind the Office has a duty of care to its employees including to investigate allegations of harassment against them by other employees. Investigations can only take place following specific allegations, made by EPO staff or external parties, and these investigations are independently and objectively carried out by the Investigative Unit, under its sole responsibility.
The investigation process of the EPO follows the best international standards and allows persons to be heard, to respond and to defend themselves against any allegations, before any conclusion of misconduct would be reported to the employee’s appointing authority. Only in any case where a serious misconduct is confirmed by the Investigative Unit, a disciplinary case could be instigated where the subject has a further right to be heard before a disciplinary committee and before any subsequent decision on a sanction would be taken.
In 2014, the Investigative Unit received 68 allegations of misconduct (-23% compared to 2013), 50% being already rejected as insufficiently specified.
So the EPO has in fact just confirmed, internally, that it hired spies (the London-based ‘Control Risks’) and it’s known who the targets are. Merpel’s response to it (remember they’re based near London) is this: “Merpel welcomes this response, but regrets that it was made only internally, when the concern raised was much more widespread, and wonders what the EPO Communications department is up to. She notes that, although it is only stated that an “external firm” has been engaged, the Communiqué appears in essence to confirm the original reports concerning Control Risks.”
Well, another important point from Merpel is that “the Investigative Unit (and by extension, Control Risks) has the power to invade the privacy of the subject to an extent that would cause uproar if it happened in a national patent office or in any private enterprise operating within the EU.”
This is not over. We will revisit this subject again and we will do our best to get to the bottom of this. Given the EPO’s appointment of thugs, bullies and alleged criminals to top positions, readers shouldn’t be reluctant to assume the worst. █
ᶃ Gemini Space
This post is also available in 
Content is available under CC-BY-SA
Canta said,
June 1, 2015 at 9:34 am
Dr. Schestowitz,
Is there available anywhere in TechRights a link to download backups from the site’s DB?
If not the case, do you think it would be a good idea to compile automated pediodic backups and put them online somewhere?
I’m troubled about this constant attacks to FLOSS initiatives and free press. Techrights is a magnificent job, to the day i wouldn’t know how to replace it if someday it happens to be offline, and this place has so far collected a huge size of information.
Thanks.
Dr. Roy Schestowitz Reply:
June 1st, 2015 at 11:29 am
We used to have that in the first year or two of the Web site, but then it grew too large and there were timeouts (well over 2GB DB now).
It was 800MB in size when I last updated this page:
http://techrights.org/site-archives/
I regularly make complete backups with copies in various safe places, so it would be virtually impossible for anyone/s to destroy the data, even if they manage to corrupt the database (which happened several before, due to DDOS whose intention might be that). It happened twice in the past month alone.
Several years ago we considered setting up a mirror in Canada, but I no longer think it’s a safe place for hosting.