04.02.21

Gemini version available ♊︎

The EPO Bundestagate — Part 4: Parroting the GDPR-Compliance Myth

Posted in Deception, Europe, Patents at 7:54 pm by Dr. Roy Schestowitz

Series index:

  1. The EPO Bundestagate — Part 1: How the Bundestag Was (and Continues to be) Misled About EPO Affairs
  2. The EPO Bundestagate — Part 2: Lack of Parliamentary Oversight, Many Questions and Few Answers…
  3. The EPO Bundestagate — Part 3: A “Minor Interpellation” in the German Bundestag
  4. You are here ☞ Parroting the GDPR-Compliance Myth

EPO's GDPR-Compliance Myth
What could possibly have led the German government to parrot the EPO’s bogus and self-serving claims about GDPR-compliance?

Summary: The EPO had been in violation of GDPR (EU) for years, both under Benoît Battistelli and António Campinos; but the lies persisted

Back in October 2019, the FDP submitted another “minor interpellation” entitled “Data protection in relation to cooperation with the EPO” (“Datenschutz bei EPA-Zusammenarbeit”Bundestag Printed Paper [PDF] no. 19/14490).

This interpellation contained a series of questions relating to the EPO’s data protection framework, in particular in the context of data exchanges with national authorities such as the German Patent & Trademark Office.

“This interpellation contained a series of questions relating to the EPO’s data protection framework, in particular in the context of data exchanges with national authorities such as the German Patent & Trademark Office.”Under point 7. of the interpellation, the FDP explicitly raised the issue of the compliance of the EPO’s data protection framework with the GDPR (which had entered into force over a year previously in May 2018).

The relevant passage of the interpellation reads as follows (in translation):

According to the knowledge of the Federal Government, is data processing at the EPO compliant with the provisions of the GDPR, or does it have any indications that would suggest a deviation from GDPR regulations?

The response of the Federal Government was published on 12 November 2019 (Bundestag Printed Paper [PDF] no. 19/15072).

The passage of the response which addresses point 7. of the FDP’s interpellation reads as follows (in translation):

The Federal Government has no indication that the EPO does not comply with the provisions of the European data protection standards. The Board of Auditors of the European Patent Organisation, which is appointed by the Administrative Council under Article 49(1) EPC and carries out its activities in accordance with Articles 49 and 50 EPC and its Rules of Procedure and professional auditing standards, stated the following in its audit report for the financial year 2018 (document CA/20/19) (warning: epo.org link). Although the EPO, as an international organization, is not directly subject to EU rules, the basic principles of the GDPR have nevertheless been implemented, as data of European citizens are processed at the EPO. In addition, it was noted that for the sake of transparency, the EPO has already established a data protection register in the past to record all processing of personal data. Upon request, the information can be made available (publicly) to the data subject, thus ensuring the right to information.

The government’s response is another classic piece of hand-waving and obfuscation about the atrociously deficient state of the EPO’s data protection framework.

It is however worth looking at this response more closely because it seems to have come straight from the EPO’s internal “echo chamber”. There is very little evidence of any independent thought or research on the part of those responsible for drafting the government’s statement of its position.

“It seems that the reader is supposed to accept these assertions on “blind faith”.”What is particularly noteworthy is the fact that the German government appears to rely solely on the EPO’s internal audit report for the financial year 2018 (CA/20/19) (warning: epo.org link) as the basis for its “considered opinion” that the EPO’s data protection framework is GDPR-compliant.

There’s just one small problem here.

Neither CA/20/19 nor any other internal “audit report” from the EPO contains a meaningful substantive assessment of the organisation’s data protection framework and its purported compliance with GDPR standards.

The available audit reports from the EPO (CA/20/18, CA/20/19, CA/20/20) (warning: all are epo.org links) only contain cursory self-serving assertions to the effect that the organisation’s data protection framework is “relatively closely aligned” with EU data processing regulations – whatever that is supposed to mean.

What is conspicuously absent is a credible independent audit of the EPO’s data protection framework that could be considered to substantiate the self-serving assertions emanating from the EPO’s senior management.

It seems that the reader is supposed to accept these assertions on “blind faith”.

“For this reason it’s a bit disconcerting to see the Federal Government of Germany still parroting the EPO’s manifestly bogus and self-serving assertions about GDPR-compliance in such a naïve and uncritical manner in November 2019.”However, this becomes difficult when it is recalled that back in 2016 the EPO staff union (SUEPO) commissioned a report about various aspects of EPO governance from external legal experts.

This report dated 31 May 2016 – which is publicly available – found that the EPO’s data protection framework was not compliant with EU data protection standards and that it was in urgent need of a radical overhaul.

Nothing of substance has changed since May 2016.

For this reason it’s a bit disconcerting to see the Federal Government of Germany still parroting the EPO’s manifestly bogus and self-serving assertions about GDPR-compliance in such a naïve and uncritical manner in November 2019.

In the next part we will consider how this curious state of affairs came about.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. Links 25/9/2021: Wine 6.18 and Chromium Complier Woes

    Links for the day

  2. [Meme] When the EPO Watches Everything ('Dissidents', Media, Etc.) and Isn't Being Watched by Anybody

    The EPO is taking Europe for a wild ride; Everything is a vehicle for the very same agenda, with nobody left to hold it accountable or ask any tough questions… (even the media is in the EPO’s back pocket or back seat)

  3. Virtual Oversight

    “eMeetings” that simulate an impression of oversight are like ‘ViCo’ to simulate access to justice; will that ever change and will oversight be restored at EPOnia, Europe’s second-largest institution?

  4. The Corporate Coup Against the Soul of the Free Software Community Is Not Over

    The erosion of community role in the development of GNU/Linux is a growing problem; part of the problem is that large corporations target technical and philosophical (perceived) leaders in coordinated smear campaigns, led by media they own

  5. IRC Proceedings: Friday, September 24, 2021

    IRC logs for Friday, September 24, 2021

  6. Links 24/9/2021: GNU Coreutils 9.0, BattlEye GNU/Linux Support

    Links for the day

  7. [Meme] 'Linux' Foundation is Greenwashing Microsoft Again, Misusing the Linux Brand Like Nobody's Business

    Microsoft has weaponised the Linux brand to dub a toxic company like itself (helping notoriously polluting companies and generating lots of waste, both directly and through planned obsolescence, inefficient software, DRM, etc.) as "green"

  8. Richard Stallman to Speak (in Person) in Poland, Dedicate the Talk to Medical Professionals

    Days after his talk in Ukraine Richard Stallman plans to do the same in Poland (just announced)

  9. Links 24/9/2021: 30 Years of Europe’s First Root Name Server, Repairability of Laptops Discussed

    Links for the day

  10. ZDNet Has Failed

    ZDNet is on the decline and its demise appears to have greatly accelerated in recent months; we take a quick look at this month's coverage and explain the conflict of interest (it's PR, not news, and it's far too shallow/blatant to simply overlook)

  11. [Meme] Some People Are Just Above the Law

    A lot of people are still flabbergasted or at least baffled/miffed to discover that some people are in effect above the law; not even Europol and Interpol can apprehend and hold them accountable; that needs to change. Had Benoît Battistelli worked for France Télécom S.A. (not the EPO), would he be arrested? What about António Campinos and his drunk son?

  12. NPR and PBS, Both Funded by Bill Gates, Try to Save Him

    Bill Gates continues to corrupt the media and corrupt social control media (such as Twitter) using his money

  13. The EPO Must Forsake Its Diplomatic Immunity and Quit Pretending It's About Patent Law (or Any Law)

    There's no sign of the EPO actually trying to obey the law and correct the mistakes of the past; to make matters worse, the existing administration adds yet more corruption to an already-massive pile while dismissing any form of oversight

  14. IRC Proceedings: Thursday, September 23, 2021

    IRC logs for Thursday, September 23, 2021

  15. Links 24/9/2021: Ubuntu 21.10 Beta, Istio 1.11.3, and More Milestones for Steam Deck

    Links for the day

  16. [Meme] President Campinos Addresses the Legacy of Battistelli's “Strike Regulations”

    A sequence of four EPO memes about those infamous and unlawful “strike regulations” that Benoît Battistelli and António Campinos have exploited to abuse thousands of workers

  17. [Meme] Bill Gates Keeps Digging Himself Deeper in the Grave Each Time He Speaks

    These sorts of ‘interviews’ with Gates’ own propaganda mills (he also pays Twitter now) aren’t going to improve his image; people aren’t infinitely gullible (Source)

  18. Linux Foundation and Other 'Diploma Mills' Say There's Demand for Their Products in Their New 'Research' (Marketing)

    The so-called ‘Linux’ Foundation (LF), together with edX, are basically marketing their services and products, but this is disguised as 'research' (a false narrative widely parroted by shallow and paid-for media partners of theirs), piggybacking brands like “Linux” and buzzwords like “Open Source” (even when they promote proprietary things, e.g. memorisation of proprietary GUIs)

  19. [Meme] The EPO's Carte Blanche and 'Diplomatic Immunity' Card

    EPO staff is being taken for another ride by António Campinos and his cohorts, whose popularity among staff has likely gone down to sub-zero levels already (even faster than Benoît Battistelli)

  20. As Expected, Minimal Pseudo Compliance From EPO Management, Adding Insult to Injury

    SUEPO Central, the core of the staff union of EPO staff (almost 7,000 workers at the EPO, most of whom are SUEPO members), has strong words about the EPO's attitude and stance, which is perhaps unsurprising but still extremely disappointing

  21. Links 23/9/2021: PostgreSQL 14 RC 1 and MidnightBSD 2.1

    Links for the day

  22. Links 23/9/2021: More UPC PR Stunts and IBM (Poettering) TPM for Linux

    Links for the day

  23. The EPO is on the Run (Escaping Negative Press Coverage)

    Aside from tens of millions of euros granted to media and academia (to keep them complicit or silent about EPO corruption, which also implicates the EU) there’s also SLAPP and threats against staff representatives; but Members of the European Parliament are becoming interested in what’s really going on in Europe’s second-largest institution, so this utter waste of EPO money (manipulating the press and gaming universities’ research) might in itself become a scandal sooner or later

  24. [Meme] Lowering the Standards...

    It's time for another round of fluff at the EPO, this time without even travelling (PR-over-'ViCo')

  25. Gemini HTTP/HTML/Web Proxies and Self-Hosting Your Own Proxy

    Gemini protocol (gemini://) and the fast-growing Geminispace (expected to exceed 2,000 known capsules by year’s end, in effect quadrupling in a single year!) are possible to access using Web browsers, at least for those who do not have Gemini clients/browsers just yet; today we examine and give an outline of the options

  26. IRC Proceedings: Wednesday, September 22, 2021

    IRC logs for Wednesday, September 22, 2021

  27. Links 23/9/2021: GNU Parallel 20210922, Moroccan Propaganda From EPO

    Links for the day

  28. Links 22/9/2021: Google 'Upstream First' in Linux and New Maui Report

    Links for the day

  29. Links 22/9/2021: Mesa 21.2.2, GNOME 41 Released

    Links for the day

  30. Socially- or Corporate- or Centrally-Controlled Surveillance, Censorship and Throttling is Not Media

    The 'social control media' situation is getting out of hand; in YouTube, for example, there's a broad revolt against strict editorial control by Google and in Twitter it seems like ordinary users aren't shown so much to people who actually "follow" them

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts