03.15.21
Gemini version available ♊︎Response to the EPO’s Response to Techrights About Microsoft ‘Cloud’ (Still Failing to Justify the GDPR Violations)
Summary: In another ‘damage-limiting’ or face-saving exercise, as soon as we published details about the illegal Microsoft deal (outsourcing all key data to the US) EPO management issued a baffling and severely flawed statement to staff; the video above is an informal response to it
FOR those who don’t know, Microsoft has given us a gift — a timely worldwide (global) downtime that serves as a cautionary tale to outsourcers (a.k.a. “clown computing” experts and gurus).
“The long track record of lying makes line managers and top-level managers anything but credible.”Recently there has been downtime in GitHub, LinkedIn, and now Azure…
Microsoft E-mail servers are down in unprecedented numbers and GitHub became a censorship machine looking to cover up a massive blunder. Microsoft itself got cracked not too long ago (its source code got copied across after Microsoft’s internal operations had been hijacked) and no amount of lying or excuses could stick for very long. In fact, all this confidential data may have already been leaked. Azure too had a major data breach only weeks ago. The list goes on and on… so we’re omitting links (reports about this are all over the place and very easy to find; some are as recent as hours ago and our Daily Links contain many). To give just one example, hours ago there was “Microsoft customers locked out of Teams, Office, Xbox, Dynamics – and Azure Active Directory breakdown blamed” in British press that’s in Microsoft's pocket (which one can expect to parrot Microsoft’s face-saving excuses).
But this post isn’t about Microsoft losing control of just about everything… everything. It’s a catastrophe for them. This post is about the EPO’s (management) ‘love letter to Techrights’.
“Latest statement,” a source told us, seem to concern us directly. “The latest statement issued on the EPO Intranet about using Microsoft cloud services is [shared] for information. This statement was published internally on Friday (12 March) – no time-stamp given. Quite possible that it is a reaction to the Techrights posting on Friday… :-)”
We’ve examined it closely. Clearly a response to the series and a very weak response. Very weak. Unlike (I think) trying to bribe pay my friends. The problem they have at the management of the EPO is that their staff trusts Techrights, not their managers. The long track record of lying makes line managers and top-level managers anything but credible. As somebody put it yesterday in relation to the e-EQE blunder: “For those who are seasoned observers of the EPO, it is no surprise that their management would decide to issue a self-congratulatory statement that others might find difficult…”
The words discussed in the video above are available as a raw text file or as simplified HTML below:
Home > Organisation > DG 1 > The Vice-President > Announcements > 2021
12.03.2021
Follow-up information on the use of MS cloud services in DG 1
The VP 1 news item “Outlook Migration to the Cloud” of 04.02.2021 was based on the following main rationale:
Given Microsoft’s obligation under US law to grant security and intelligence agencies access to data stored in its cloud, very sensitive data of the Organisation itself and data our applicants expect us to treat with special care need to be encrypted. This includes information classified as “EPO strictly confidential” (information unauthorised disclosure of which could compromise or cause severe damage to the EPO or could cause damage to an identifiable individual or his or her reputation), and additionally the highly sensitive data of unpublished patent applications and information relating to unpublished patent applications.
Considering the feedback received after publication of VP 1′s item of 04.02.2021 and the results of further investigations with major stakeholders (BIT, DPO, Patent Law, Procedural Support, HR, PD Communication), the documents which are to be treated in the same way as “EPO strictly confidential” information for the purposes of the patent grant process, and so must not be sent by email without encryption, have been limited to:
i. application documents of unpublished applications (EP, PCT, national)
ii. search reports, search opinions, communications and decisions relating to unpublished applications
iii. search statements resulting in the disclosure of unpublished application documents (Guidelines B-III, 2.4; B-IV, 2.4)
Previous section (iv) has been deleted. The documents mentioned there, e.g. documents which are marked as non-public in DI+, can be sent without encryption. This also applies to draft (oppo) decisions, legal opinions and votums.
There have been requests for a comprehensive list of documents/information used in the patent grant process and its administration which can be shared using MS cloud services without encryption. Due to the endless possibilities of exchanging data using MS cloud services, this is unfortunately not possible.
However, if you are dealing with information which you consider to be highly sensitive or strictly confidential, you may, of course, apply the rationale set out above and encrypt it. Units dealing frequently with highly sensitive data (e.g. Investigation Unit, HR or Health & Safety) have their own encryption policies and will provide you with guidance on this on request.
Call for CKT Daytips
If you have ideas about ways to efficiently share data relating to unpublished patent applications either without using MS cloud tools or by clever encryption, please forward them to the CKT Daytip team.
Points to consider
In the meantime, please also consider the following points:
- It is recommended that you apply the rationale defined above to all MS cloud services and products and to Skype for Business.
- It is recommended that you share the text of an unpublished application (possibly annotated) by copying and pasting the link to DI+ into an email.
- For consultations during the search phase (e.g. on CII or CPC classes), it is possible to share the text of an unpublished application via screen-sharing in Skype or MS Teams but you should do this only if the session is not recorded or transcripted. Any chat session/whiteboard, however, is permanently stored and should not be used for sharing unpublished material.
- No encryption is necessary for any exchanges with applicants per email (i.e. proposal of amendments) as, by then, examination of the patent application has already progressed to the stage that it has been published.
- Scans of annotated unpublished patent documents made on network printers should go on to a USB-stick and not to an email address. Further instructions on USB scanning will be provided as soon as possible. Please delete the file on the stick immediately after transferring it to your laptop/PC.
The above was published on the EPO’s Intranet, so the target audience was pretty much all staff, especially DG 1. Notice how many times they mention “encryption” (even if it’s all fake encryption, Microsoft gets access to everything and so does the US Government) and the lack of justification based on the law. They know they walk on water or quicksand here… █
ᶃ Gemini Space
This post is also available in 
Content is available under CC-BY-SA