Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part I (Start of Series): Enter the “Cloud of Unknowing…”

Previous parts:



Clown of the unknowing
According to Thomas Petri, Bavarian Data Protection Commissioner "nobody is really in charge" when it comes to data protection matters at the EPO



Summary: The first part of an important series; historically, EPO has always sent out aggressive lawyers to issue threats when we exposed EPO-Microsoft collusion

THIS Part I isn't the same as the introduction to Part I. This is the body of the long story, which will be told responsibly and prudently for the coming fortnight, several times per day. Without further ado, and in spite of suppression attempts, we start this series.






Back in June 2015, it was reported that the Bavarian Data Protection Commissioner, Dr Thomas Petri, and the Federal German Data Protection Commissioner, Andrea Vosshoff, had raised serious concerns about the state of data protection at the EPO.

According to the German press, Dr Petri had previously investigated the data protection framework at the EPO in the spring of 2014 following a complaint and he had come to the conclusion that it was seriously deficient.

Referring to the lack of any genuine independent oversight in data protection matters, Dr Petri stated: "It emerged that nobody was really in charge".

"An optimist might like to believe that things have surely improved since then. Unfortunately there is no evidence of this."He called for an external data protection supervisor to be assigned to the EPO because the internal inspectors were not independent enough and "in the absence of any action matters are likely to get out of hand".

An optimist might like to believe that things have surely improved since then. Unfortunately there is no evidence of this.

In the meantime the EPO seems to have just muddled along relying on its traditional "three monkeys" approach to "rebutting" external criticism of its data protection framework.

3 monkeys
The EPO's approach to "rebutting" criticism of its data protection framework: See no evil – hear no evil – speak no evil



For example, when the EU General Data Protection Regulation (GDPR) came into effect in May 2018 during the final days of the Benoît Battistelli régime, the EPO's response was to issue a self-serving communiqué (warning: epo.org link) proclaiming its commitment to "ensuring the highest level of data protection" and announcing that "a recent audit report has confirmed a close alignment with the GDPR legal framework".

"The reader is expected to take the EPO's claim at face value despite the fact that it is scarcely credible that an independent external audit could have arrived at such a conclusion."Of course no substantive information about the "recent audit report" was provided.

The reader is expected to take the EPO's claim at face value despite the fact that it is scarcely credible that an independent external audit could have arrived at such a conclusion.

If Dr Petri was of the considered opinion that the EPO's data protection framework was deficient when measured against pre-GDPR data protection standards, then it's difficult to see how the same framework which hadn't changed in the meantime could be considered meet the even more stringent data protection standards imposed by GDPR.

As a matter of fact, a report commissioned by the EPO staff union SUEPO from external legal experts in 2016 confirmed that the EPO's data protection framework was not compliant with EU data protection standards and was in urgent need of a radical overhaul.

But it's necessary to understand that we are dealing here with the logic of the "système Battistelli".

"Perish the thought that someone could be so impudent as to call for an independent audit…"If Battistelli insists that the EPO's data protection framework is GDPR-compliant, well then it has to be. Anybody who dares to question that claim had better watch out! Perish the thought that someone could be so impudent as to call for an independent audit…

And it would be a grave mistake to think that things have improved on this front following Battistelli's departure.

More recently in September 2020, the EPO published a notice on the topic of "Data privacy policy for the processing of personal data in Microsoft 365".

Once again the reader is assured:

"The protection of your privacy is of the utmost importance to the European Patent Office (EPO). We are committed to respecting and protecting your personal data and ensuring your rights as a data subject. All data of a personal nature (i.e. data that can identify you directly or indirectly) will be processed fairly, lawfully and with due care."

For good measure the well-rehearsed schtick about GDPR-compliance is trotted out:

"We strive to keep our data protection framework in line with current best practices. A recent audit report has confirmed that it is in close alignment with the EU’s General Data Protection Regulation (GDPR)."

But where is this mysterious "recent audit report"?

Is it the same one that Battistelli referred to over two years previously back in May 2018?

"But where is this mysterious "recent audit report"?"Of course you're not supposed to ask and if you have the temerity to do so, then you'd better not hold your breath waiting for an answer.

But when you peel away the PR façade, what the public notice of September 2020 does provide in terms of factual evidence is an irrefutable indication of the increasing reliance of the EPO on cloud computing services hosted by Microsoft.

In the next part we will see how this was confirmed by a recent internal communiqué from EPO Vice-President Steve Rowan (warning: epo.org link), formerly Director of Patents, Trade Marks, Designs and Tribunals at the UKIPO.

Recent Techrights' Posts

SoylentNews Grows Up, Registers as a Business, Site Traffic Reportedly Grows
More people realise that social control media may in fact be a passing fad
 
More Information About Public Talks That Richard Stallman Gave This Week in Europe
Two talks in Switzerland
Engadget is Still a Spamfarm, It's Just an Amazon Catalogue (SPAM/SEO), a Sea of Junk Disguised as "Articles" With Few 'Fillers' (Real Articles) in Between
Engadget writes for bots now, not for humans
Richard Stallman's Talks in Switzerland This Week
We need to put an end to 'cancer culture'; it's trying to kill people and it is even swatting people
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 28, 2024
IRC logs for Thursday, March 28, 2024
[Meme] EPO's New Ways of Working (NWoW), a.k.a. You Don't Even Get a Desk at Work and Cannot be Near Known Colleagues
Seems more like union-busting (divide and rule)
Hiding Microsoft's Culpability in Security Breaches and Other Major Blunders (in the United Kingdom, This May Mean You Can't Get Food)
Total Cost of Ownership (TCO) is vast
Giving back to the community
Reprinted with permission from Daniel Pocock
Links 28/03/2024: Sega, Nintendo, and Bell Layoffs
Links for the day
Open letter to the ACM regarding Codes of Conduct impersonating the Code of Ethics
Reprinted with permission from Daniel Pocock
With 9 Mentions of Azure In Its Latest Blog Post, Canonical is Again Promoting Microsoft and Intel Vendor Lock-in, Surveillance, Back Doors, Considerable Power Waste, and Defects That Cannot be Fixed
Microsoft did not even have to buy Canonical (for Canonical to act like it happened)
Links 28/03/2024: GAFAM Replacing Full-Time Workers With Interns Now
Links for the day
Consent & Debian's illegitimate constitution
Reprinted with permission from Daniel Pocock
The Time Our Server Host Died in a Car Accident
If Debian has internal problems, then they need to be illuminated and then tackled, at the very least in order to ensure we do not end up with "Deadian"
China's New 'IT' Rules Are a Massive Headache for Microsoft
On the issue of China we're neutral except when it comes to human rights issues
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 27, 2024
IRC logs for Wednesday, March 27, 2024
WeMakeFedora.org: harassment decision, victory for volunteers and Fedora Foundations
Reprinted with permission from Daniel Pocock
Links 27/03/2024: Terrorism Grows in Africa, Unemployment in Finland Rose Sharply in a Year, Chinese Aggression Escalates
Links for the day
Links 27/03/2024: Ericsson and Tencent Layoffs
Links for the day
Amid Online Reports of XBox Sales Collapsing, Mass Layoffs in More Teams, and Windows Making Things Worse (Admission of Losses, Rumours About XBox Canceled as a Hardware Unit)...
Windows has loads of issues, also as a gaming platform
Links 27/03/2024: BBC Resorts to CG Cruft, Akamai Blocking Blunders in Piracy Shield
Links for the day
Android Approaches 90% of the Operating Systems Market in Chad (Windows Down From 99.5% 15 Years Ago to Just 2.5% Right Now)
Windows is down to about 2% on the Web-connected client side as measured by statCounter
Sainsbury's: Let Them Eat Yoghurts (and Microsoft Downtimes When They Need Proper Food)
a social control media 'scandal' this week
IRC Proceedings: Tuesday, March 26, 2024
IRC logs for Tuesday, March 26, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Windows/Client at Microsoft Falling Sharply (Well Over 10% Decline Every Quarter), So For His Next Trick the Ponzi in Chief Merges Units, Spices Everything Up With "AI"
Hiding the steep decline of Windows/Client at Microsoft?
Free technology in housing and construction
Reprinted with permission from Daniel Pocock
We Need Open Standards With Free Software Implementations, Not "Interoperability" Alone
Sadly we're confronting misguided managers and a bunch of clowns trying to herd us all - sometimes without consent - into "clown computing"
Microsoft's Collapse in the Web Server Space Continued This Month
Microsoft is the "2%", just like Windows in some countries