2009
AKVorrat presents itself for the first time in the Audimax of the University of Vienna, which is occupied on the occasion of student protests (#unibrennt).
2010
Official founding of the association "Arbeitskreis Vorratsdaten Österreich (AKVorrat)"
2011
Start of the citizens' initiative zeichnemit.at - The aim is the abolition of the EU Data Retention Directive (VDS) and the evaluation and withdrawal of existing terror laws. The Austrian government is asked to become active in the EU Council of Ministers.
Hand over of 4,500 signatures on paper against data retention to the Austrian Parliament and start of the online phase of the initiative Zeichnemit.at.
2012
National implementation of the EU Data Retention Directive in Austria enters into force. Start of the constitutional complaint against the data retention (verfassungsklage.at).
Submission of the complaint based on 11,139 individual complaints to the Constitutional Court (VfGH) together with the Greens.
2013
Final handling of the citizens' initiative in parliament: No positioning of the government against data retention.
Start of the procedure for the future of the Data Retention Directive at the European Court of Justice (ECJ).
EU Commission presents its plans for a Digital Single Market. This also includes regulations for net neutrality.
Launch of SavetheInternet.eu campaign to maintain net neutrality in Europe.
ECJ Advocate General Pedro Cruz Villalón publishes in his conclusions the fundamental-legal criticism of the directive.
2014
European Parliament decides, with a large majority, on strong protection of net neutrality. The SaveTheInternet.eu campaign was able to achieve its goal!
ECJ declares the EU Data Retention Directive (2006/24 / EC) unconstitutional. It was a historic judgment: for the first time in Europe, a directive has been repealed in its entirety and not only in individual provisions.
2015
Launched the project HEAT (Handbook for the Evaluation of Anti-Terror Laws) with the aim to create the basis for a surveillance total bill and to establish a comprehensive impact assessment for security laws.
Draft for the establishment of an uncontrollable secret service - Police State Security Act (PStSG) - is published.
AKVorrat issues a very extensive critical statement on the state protection law in the appraisal procedure.
EU Parliament adopts net neutrality law. It contains some unclear regulations that could endanger a free and open Internet. The SavetheInternet.eu campaign now focuses on the European regulators (BEREC), which are responsible for drawing up the transposition directive.
2016
Police State Security Act (PStSG) is voted in. The criticism of 30,078 signatories to our petition "Stop the State Protection Law", as well as those numerous institutions that have jointly resisted the establishment of a domestic intelligence service, falls upon deaf ears.
Austrian Ministry of Justice presents plans for the use of state espionage software (Bundestrojaner).
AKVorrat publishes a damning statement on the plans to introduce a federal trojan (state espionage software).
Parliamentary clubs of the Freedom party and the Greens bring in a constitutional complaint lodged by experts of the AKVorrat against the police state protection law at the Constitutional Court (VfGH).
The Minister of Justice admits, even during an ongoing action in front of his ministry, that the proposal for the introduction of a state trojan has serious flaws and that - in the face of criticism - he will not pursue this proposal further.
The state protection law comes into force.
Overwhelming success of the SavetheInternet.eu campaign: more than 500,000 comments pro net neutrality The campaign was joined by 23 NGOs from 14 countries. Not least of all, they received support from the inventor of the World Wide Web, Tim Berners-Lee. The final guidelines strengthen the free and open internet in Europe.
Version 1.1 of HEAT is published. The world's first implementation of the concept of a surveillance total bill has been created.
AKVorrat becomes epicenter.works.. The new brand is an expression of the broader spectrum of content that the organization works on.
2017
epicenter.works is clearly positioning itself against the surveillance package proposed by the Minister of the Interior, Wolfgang Sobotka, which includes numerous new fundamental rights infringements, including old government projects such as data retention or the Federal Trojan (surveillance of Internet-based communication). We organize a demonstration in front of the Federal Chancellery within 24 hours.
epicenter.works publishes a proposal by Minister of the Interior to restrict the right to demonstrate. Numerous NGOs and individuals from civil society, including epicenter.works, call for the resignation of the Minister of the Interior, Wolfgang Sobotka.
The campaign ueberwachungspaket.at against the surveillance plans of the federal government is started by epicenter.works. Numerous NGOs supported the campaign from the beginning. Ueberwachungspaket.at provides a simple telephone tool that makes it as easy as possible for citizens to get in touch with their deputies and ministers.
German Telekom is presenting its StreamOn service, which, according to epicenter.works, clearly violates the EU Network Neutrality Ordinance. We publish a first analysis on netzpolitik.org.
A law restricting the freedom of assembly and introducing a basic convictions offense (STGB amendment 2017) is presented in Austria. epicenter.works issues opinions on both laws in the review process.
Foreign Minister Kurz calls for new elections, after which Chancellor Kern announces the "free play of the forces" in parliament. epicenter.works sees this as an opportunity to protect our fundamental rights and bring down the surveillance package.
We submit a comprehensive analysis of the StreamOn tariff to the Federal Network Agency.
Executive Director Thomas Lohninger of epicenter.works speaks at the shareholders' meeting of Deutsche Telekom about the serious consequences of the violation of network neutrality by StreamOn.
The concrete plans for the surveillance package are announced. epicenter.works develops a new tool that allows concerned citizens to easily submit comments to parliament or relevant ministries. A total of more than 9,000 comments on the legislative proposals are being submitted.
Bill Binney, the NSA's former technical director, comes to Vienna on our invitation and strongly criticizes the planned surveillance package.
The "Stop the surveillance package!" campaign is successful. According to the National Security Council, the Minister of the Interior Sobotka declared plans for seamless surveillance in Austria to have failed. The association brings a lawsuit against the Minister after he repeatedly says: "Everybody inside and outside of Parliament, who is against these legal adjustments, plans an attack on the safety of Austrians."
The Austrian Constitutional Court of Justice publishes its findings on the complaint against the state protection law. Although this brings some important guidelines on how the law is to be applied, in substance the result is sobering.
Only 24 hours after the presentation of the program of the new government coalition, epicenter.works publishes a comprehensive analysis of all data rights relevant passages. The conclusion is damning: more surveillance and less privacy.
2018
With the data privacy amendment law "Inneres", the first network policy law of the new federal government, a series of new data protection laws is established. These new laws are extremely problematic from a fundamental rights perspective. epicenter.works establishes itself as one of the most critical voices in the public debate.
The Austrian implementation of the (probably illegal) EU Passenger Name Record Directive goes far beyond the requirements of the Union. In a statement epicenter.works criticizes the Austrian government's extension of data retention beyond the mandate to intra-European flights.
The legislative plans for the new edition of the surveillance package are available. The rally organized by epicenter.works is attended by representatives of all opposition parties.
The Data Protection Adaptation Act Science and Research aims to enable the transfer of personal data from public registers to research-intensive companies. epicenter.works makes this a widely discussed topic.
The campaign website www.ueberwachungspaket.at allows concerned citizens to easily agree to critical comments on the surveillance package. In total, more than 5,000 approvals were received by Parliament.
Since the government does not allow a public hearing on the surveillance package, the opposition parties organize their own. Angelika Adensamer appears there as an expert of the association. In the National Council, the surveillance package is voted in by the votes of the government. Although some improvements have been made, the measures still remain a major threat to democracy and IT security.
Coordinated by epicenter.works, 13 NGOs respond to the consultation with the Portuguese regulator ANACOM. In Portugal, mobile operators are violating net neutrality with their zero-rating offerings.
The draft of the Law on the Amendment of Aliens Law contains numerous measures contrary to fundamental rights. epicenter.works criticizes, among other things, the plans for a "digital house search" of the electronic devices carried by those seeking protection.
epicenter.works criticizes the government's plans to use sensitive health data to automatically detect insurance fraud with a "risk and conspicuousness analysis tool".
Analyzing the changes to 128 laws, epicenter.works notes that the government is opening a large number of backdoors when implementing the EU Data Protection Regulation (GDPR). Existing laws should only be adapted to EU rules and ensure a high standard.
epicenter.works organizes rallies throughout Austria against upload filters and ancillary copyright as well as for a modern copyright reform on the #SaveYourInternet action day.
In a vote on copyright reform, the European Parliament votes in favor of upload filter and ancillary copyright. epicenter.works raises the alarm and warns against censorship and limited media diversity.
epicenter.works prevents the introduction of a new form of data retention through the back door, which was envisaged in the amendment of the Telecommunications Act.
In an open letter, epicenter.works and more than 20 other organizations turn to Ministers Blümel and Hofer, calling for swift negotiations on the ePrivacy Directive during the Austrian EU Council Presidency.
The Austrian government plans to introduce an obligation for real names . We provide 10 reasons why this is a bad idea.
Start of the campaign istkicklschonweg.at , which demands the resignation of the minister of the interior, Herbert Kickl.
The national council passes a law concerning web and information system security (NISG) and adopts our suggestions.
2019
Together with Addendum we expose the postal service data scandal. epicenter.works provides forms,that enable people to easily request the disclosure of their own data and subsequently their deletion.
The social aid statistics law is passed. We analyse the improvements and worsenings compared to the original draft.
The European Parliament votes for the reform of the copyright including upload filters and intellectual property rights for press publishers.
We start our lawsuit against the passenger name records. By going through the courts of all instances we want to abolish the EU law at the European High Court.
We publish the positions of the Austrian political parties in the digital rights election benchmarks.
On platformregulation.eu (en) we publish a detailed policy suggestion for the regulation of large internet companies in view of the upcoming reform of the EU’s eCommerce directive.
We launch our campaign against the retention of passenger name records (PNR). After a complaint filed with the Austrian Data Protection Authority (en), is rejected because the authority found itself not competent, not competent (en), the path is clear for a complaint (en) before the Federal Administrative Court.
We write a submission backed by 23 European NGOs on the big reform (en) of the EU’s net neutrality rules in the context of the new 5G wireless standard. Also in November, we take part in BEREC’s consultation on network termination points and play a part in advocating free choice of routers (en) in Europe.
After several years of fighting against the set of laws on surveillance, we obtain late satisfaction before the last-instance court: Both governmental spy software (“state trojan”) and passenger car surveillance are heard before the Constitutional Court (ge) and declared in violation of the constitution (ge) on 13 December 2019. We provided support with the complaint filed by the political parties NEOS and SPÖ. Thus we helped prevent the state trojan for the third time!
2020
New Conservative and Green party coalition government – We evaluate the internet policy programme of the incoming government (ge). We will keep a close look on the new government’s actions.
Changes to the cooperation of consumer authorities law, telecommunications law and competition law are aimed at introducing blocking (en). In our opinion (ge) we outline why we believe that these changes are ill-advised and why it is particularly important to pay attention to the protection of fundamental rights in this context.
epicenter.works celebrates its 10-year anniversary. As all events are cancelled due to Covid, we are very pleased about the congratulations sent by president Alexander van der Bellen and first lady Doris Schmidauer.
We publish an analysis (ge) of the decision that led to the abolishment of the Polish unemployment services algorithm.
Covid-19 – As a fundamental rights NGO, we scrutinise the first wave of Covid-19 emergency laws (ge) and publish our internet policy recommendations (en).
We express our criticism of the amendment to the 2003 Telecommunications Act and ask what text message warning systems may and may not do. This is our analysis (ge).
On 1st April we publish our preliminary review (ge) of the “Stopp Corona App” developed by the Austrian the Red Cross. Over the Easter holidays we, noyb (en) and recommendations (en), which are by and large adopted quickly by developers.
During lockdown, video conferencing tools are booming. We receive many queries dealing with privacy concerns. Therefore we test the most commonly-used tools and publish a service blog post (ge) aimed at the general public.
Unclear Covid legal provisions and miscommunication within law enforcement have lead to a rise in complaints about police actions. We have time and again used the hashtag #Polizeikontrolle to call for (ge) an independent body to handle complaints about the police, as set out in the government programme.
The pandemic also shines a spotlight on the digital vaccination pass. We criticise the weak points (ge) in the amendments to the healthcare telematics act.
Together with with the political party NEOS we uncover the largest data scandal of the Republic (en), the “supplementary register for other concerned parties” (a list of individuals with income other than from employment, no matter how small). Under the shared responsibility of the finance and economy ministries, personal data of over one million citizens had been accessible without barriers for years.
As part of a joint effort by many civil society representatives, we submit a set of demands for more transparency and fundamental rights in times of crisis (ge) to the federal government.
From the beginning of the epidemic, the education ministry has relied on Google Classroom for online learning. We make an urgent plea for the independence (ge) of Austrian schools from US corporations.
As a consequence of the data scandal surrounding the supplementary register for other concerned parties, the competent minister (economy and digitalisation) invites us to take part in a task force. The results can be found here (ge).
We start our campaign and petition to stop the unemployment agency algorithm (en) with a press conference (ge). This unfair, discriminating and inscrutable system must be stopped.
We publish our preliminary appraisal of the planned set of laws against online hate speech and misinformation (“Hass im Netz”) of the Conservative and Green coalition government. At the time, we still call it Austrian Netz-DG (ge), for the German Network Enforcement Act. Together with Wikimedia Austria we develop suggested solutions and reach out to the competent ministers with an open letter (ge).
In net neutrality matters, BEREC (en) reacts to our criticism and fully follows our recommendations (en) in updating the EU net neutrality guidelines to 5G. Thus we help create the first legal framework that brings together net neutrality and the new wireless standard.
Renewed massive privacy issues with the planned Covid contact tracing system for companies and event promoters. Again we fear unconstitutional passages in the proposed bills and submit our opinion (ge). In connection with the Red Cross’ Stopp-Corona-App, too, we take an active stance in the debate by preparing a suggestion for a bill (ge) that would ensure its use is voluntary.
Our manual on surveillance "Handbuch Überwachung" (ge) is published; it serves as a guidline for a comprehensive surveillance footprint assessment. We again ask the government to evaluate all surveillance laws on a regular basis and to abolish them as appropriate.
We take part in a broad alliance and call for (ge) the establishment of a body for reporting police violence and for the compulsory identification of police officers.
We are again forced to make fundamental objections to the hate speech and misinformation (“Hass im Netz”) draft bills. The communication platforms draft bill aims at the big players, but hits the small participants. Here (en) is our analysis.
We write and organise a global open letter (en) against efforts in South Korea to dismantle net neutrality by introducing termination fees (“sending party pays”). With the help of background materials, we try to communicate this important but technical matter to a broader audience (en).
The first draft of the proposed hate speech and misinformation legislation contains blocking, upload filters and more surveillance. The justice ministry takes three of our four criticisms onboard and repairs the draft bill (ge).
The introduction of the electronic vaccination certificate creates a central vaccination register. Our biggest criticism (ge): it is not possible to opt out.
Data processing of students is subject to the GDPR. The education minister makes a new education documentation bill available for experts to review, which we consider a substantial step backwards (ge) for data protection in schools and universities.
Together with the Vienna University branch of the students’ representative body (ÖH) we publicly demand (ge) the withdrawal and rewriting of the draft bill for education documentation as well as the timely completion of the data protection impact assessment from the minister.
We issue an opinion (ge) on the national implementation of the copyright directive during the preliminary expert review.
2021
We publish our legal opinion and explanatory blog posts (en) on the planned national implementation of the controversial EU copyright directive, which includes upload filters and a tax on links.
Following the November 2020 terrorist attack in Vienna, the government has has come up with a set of legislative proposals against terrorism. We examine the bills closely, express our views in opinions during the expert review phase, and publish our analysis (ge).
In the context of the new telecommunications act, we call for (ge) the independence of the Austrian telecommunications regulator and warn of eroding consumer protection safeguards.
We are deeply involved in the debate on the EU Digital Covid Certificate (“Green Pass”) and are the only privacy NGO to take part (en) in the legislative process in the EU Parliament by tabling amendments.
In cooperation with Chaos Computer Club and the group Zerforschung, we expose grave security vulnerabilities (ge) at Covid testing centres. Sensitive health data of several hundred thousand individuals are affected.
Now that the bill for an Austrian transparency law is finally here, we speak out during the expert review and show (en) why data protection and freedom of information are not at all contradictions.
We analyse the new involuntary commitment act and point out issues (ge) with the dissemination of health data from psychiatric patients.
We comment (ge) on the European Public Prosecutor’s Office and what it means for the system of legal protection in Austria.
We achieve a partial success on the EU Digital Covid Certificate (“Green Pass”) when the European Parliament passes a version of the regulation that includes all of our demands (en) to strenghten data protection. This is precisely what we called for before the vote in an open letter (en) supported by 28 NGOs.
We use the reform of the Austrian telecommunications act as a reminder (en) of the importance of the free choice of routers.
We expose critical security vulnerabilities in the planned Covid Green Pass system in Austria. As planned, the system would have affected the sensitive health data of all members of the social security system in Austria.Our publication (ge) causes the system to be discontinued immediately.
We analyse the sobering results (en) of the reform of the domestic intelligence service BVT, whose name is changed to DSN.
We publish our opinion on the first national law on the Covid Green Pass, the first one to provide an opportunity for experts to review the bill. The result (ge) is particularly disappointing.
Unfortunately the European Commission’s guidelines for the implementation of the EU copyright directive prove once again that protecting the rights of internet users is of no relevance in the EU. We took part in the Commission process as representatives of civil society and were most unhappy with the result (en).
We celebrate the EU legislation on the Digital Covid Certificate (“Green Pass”) as all of our demands (en) have been implemented.
We hold a demonstration in front of the company headquarters of Telekom Austria A1 because the group took part in the internet shutdown (ge) in Belarus.
Proposed legislation to open government databases to research while reducing data protection standards persuades us to nominate the head of government, Sebastian Kurz, for a Big Brother Award (en). We also express our concerns during the expert review phase (ge) for the so-called Austrian Micro Data Center (AMDC).
After a thorough examination of the investigation files against Julian Hessenthaler, we make a joint statement about the case, together with 18 international and Austrian human rights organisations (in 2017, Hessenthaler secretly recorded a meeting in Ibiza that supposedly constituted evidence of corruption and brought down the Austrian government when it became public in 2019; Hessenthaler was subsequently charged with separate drug- and ID-related offences). We found the criminal charges to be politically motivated and warned of the deterrent effect (en) this case would have on future would-be whistleblowers.
We express our views during the expert hearings held by the Austrian media regulator KommAustria on the design of platforms’ transparency reports (ge) under online hate speech and misinformation legislation (Hass im Netz, NetDG/KoPlG).
We contribute (ge) to the expert review stage of the Austrian implementation of the contentious EU copyright directive, and do so in cooperation with several national and international NGOs.
Following the surprise ECJ ruling that led to the ban of zero rating, we express our opinion (en) on the reform of the BEREC rules on net neutrality, in order to ensure the ruling will be implemented properly and comprehensively. The ruling also confirms the legal opinion we have held for many years.
In an open letter by 23 media companies and NGOs, we express our concern about dangerous risks to the freedom of opinion (ge) posed by Austrian copyright law.
Despite massive criticism from many sides, the Conservative and Green coalition government remains committed to its controversial register-based research plans (Austrian Micro Data Center). We keep pushing against it (ge)!
We scrutinise (ge) the new pharmaceutical product and genetic engineering legislation from a privacy perspective.
Following an in-depth legal analysis, together with regional organisations we condemn (ge) the Styrian social welfare law and the pillory for the weakest members of our society created by it.
Jointly with other NGOs, we call upon the EU Commission to come up with a strategy (en) for the defence of civic space .
2022
Together with the public broadcaster ORF, we expose massive security vulnerabilities (ge) on the Covid testing platform oesterreich-testet.at. The treatment of the courageous security expert who first discovered the vulnerabilities shines a light on major failures of responsible disclosure practice in Austria.
We publish (en) a detailed analysis of the EU project for a fully harmonised digital identity for everyone in Europe (eIDAS). On the strength of this analysis, we are invited to the European Parliament four times and our amendments succeed in making a large difference to the legislation.
We help mobilise (ge) the general public prior to the expected verdict against the mastermind of the so-called “Ibiza tapes”, Julian Hessenthaler (see September 2021 for background)
Alongside the Austrian chapter of Amnesty International we express our great concern (ge) about the guilty verdict against the mastermind of the so-called “Ibiza tapes”, Julian Hessenthaler (see September 2021 for background).
We publish (ge) a two-part series on privacy problems (ge) in the Austrian education system, which were exacerbated by the Covid-19 crisis.
As part of our project on the dangerous algorithm proposed by the Austrian unemployment agency (AMS), we organise a panel at Concordia press club. Participants from academia, politics, social partners (worker and employer organisations) and the public service ensure a broad and diverse basis for discussion.
Start of our first tour of unemployment agency offices (AMS) in Upper Austria. Equipped with informational materials and our custom-built “Algomat” machine, we educate local staff members and job seekers about the unfair AMS algorithm (en).
We examine (ge) several laws at the provincial level that deal with the introduction of a levy on second homes.
The legislation on child sexual abuse (CSA Regulation aka. “chat control”) is introduced at EU level. Already on day one we demonstrate in front of the EU’s European House in Berlin and, after a preliminary review of the legal text and accompanying materials, express serious criticisms (en).
Alongside other privacy and environmental organisations, we express our massive concern about the surveillance plans (ge) of Vienna city councillor Ulli Sima.
We organise an open letter to EU Commissioners Vestager and Breton about their recent surprise attack on net neutrality. 34 organisations from 17 countries join us in our severe criticism of what appear to be plans by the Commission to introduce (en) termination fees for content providers who want to reach internet users in European networks.
We are one of 117 European organisations who support the open letter of our umbrella organisation EDRi to the European Commission; it warns about the dangers of mass surveillance posed by the plans for the CSA Regulation (en) (“chat control”).
We issue a legal opinion (en) on the Austrian whistleblower act and sharply criticise it – the draft bill is largely unsuitable for exposing misconduct.
The copyright industry provokes yet another shutdown (ge) of parts of the internet in Austria. This incident prompts us to highlight yet again the lack of a sound legal basis for internet blocking that would protect net neutrality.
Austria is finally getting a disaster alert system (ge). We publish a legal assessment and offer constructive criticism of an essentially good but long overdue suggestion that still lacks a clear time horizon.
Our team travels to the Freedom Not Fear conference in Brussels, which after a two-year break takes place on-premise and in person again.
Again, we are travelling in the province of Upper Austria to inform locals on the grave discrimination inherent in the algorithm used by the unemployment agency (AMS). To maximise the campaign’s effectiveness, this time the focus is on local communities that support job seekers.
In collaboration with other EU data privacy organisations, we launch the EU-wide campaign stopscanningme.eu against mass surveillance in the proposed CSA Regulation (“chat control”).
Austria introduces a digital drivers‘ licence. We criticise its weaknesses, highlight risks to data security and provide feedback (ge) to the responsible project leaders.
Our treasured academy (ge) project goes live. In our decade-long work we have acquired substantial know-how that we pass on to a larger audience with this project.
We raise the alarm on the profound risks to the data of EU citizens posed by a badly implemented electronic ID system (eIDAS). Read our comprehensive analysis (en) of the EU Member States‘ current compromise version of the legislation.
We score a first partial victory (en) against the proposed CSA Regulation (“chat control”): As the first EU Member State, Austria positions itself clearly against the fundamental rights infringing EU suggestion – this has a binding effect on the Austrian federal government.
We debunk the myths on net neutrality (en) spread by the telecoms industry, their danger to the open and free internet and their far-reaching social and economic consequences. Our concise explanatory victory (en) attracts considerable attention.
The Columbian constitutional court hears a case on the harmful practice of zero rating. We are invited to participate as experts on net neutrality (en).
We release a (legal) analysis (en) of the Austrian Communications Platforms Act (KoPl-G) and compare it (en) with the corresponding EU regulation, the Digital Services Act (DSA).
We take part in the Internet Governance Forum (IGF) (en) in Addis Ababa, Ethiopia. Our managing director Thomas Lohninger holds a talk on attacks on net neutrality (ge) and the European electronic ID eIDAS (ge).
eIDAS 2.0: The Council of the European Union agrees on a version of the proposed digital EU wallet. Unlike the emerging position of the European Parliament, it contains unprecedented risks to privacy. We summarise the current state of play (en).
The European Commission replies to our letter (en) about the network fees requested by the telecoms industry – but unfortunately it does not heed our arguments. Together with 15 other European NGOs we again warn of the far-reaching consequences of this threat to net neutrality. We appeal (en) to the Commission to observe the usual, fair practices in the legislative process and to include all stakeholders.