An eventful and successful year: that was 2024 in network policy.

2024 was a crucial year for fundamental digital rights. We demanded government transparency, campaigned for a trustworthy European eID, fought against state surveillance and for IT security. Together, we have achieved a lot - and yet there are major challenges ahead.

Take a look back with us at this year's milestones, celebrated successes and unfinished business that will accompany us in the upcoming year.

We are Overwhelmed by You!

Things got really tight for us this year: the withdrawal of the Open Society Foundation from Europe left a big hole in our budget. But our call for help was met with an overwhelming response. Over 400 new supporting members and numerous individual donations helped us out of this difficult situation. This strong sign of support not only saved us financially, but also boosted our motivation enormously. For this we say THANK YOU! Knowing that so many people stand behind us and see the importance of fundamental digital rights gives us the strength and confidence to full on tackle 2025.

Transparent State Instead of Official Secrecy

Austria has a new fundamental right - the year could not have gotten off to a better start. After more than 30 years of debate, we have finally succeeded in abolishing official secrecy - a relic dating back more than 200 years to the imperial era. We campaigned for a Freedom of Information Act in the hearing of the Constitutional Committee and were also able to repair two critical points of failure in the draft. We can finally celebrate a fundamental right to freedom of information in Austria.

In our commitment to a transparent state, we went all the way to the Constitutional Court in 2024. Despite the enormous public interest, citizens still have no opportunity to gain a direct insight of what is happening in the committees of inquiry. Our application to the Constitutional Court was rejected because there was no longer a committee of inquiry ongoing at the time of the decision. We will not let this stop us; we will be ready for the next committee of inquiry.

The overdue appointment to the Federal Administrative Court (BVwG), which we criticised, is another example of how urgently political responsibility is required in Austria.

Digital Identity & the Right to an Analogue Life

Our message is clear: digitalisation must not exclude anyone. In parallel to our tireless efforts for a trustworthy eID, we are therefore calling for a right to an analogue life. After almost three years of intensive negotiations, we were able to achieve legally binding protection against discrimination in the planned European eID - along with other important measures to protect our sensitive personal data in the digital wallet. The result of this intensive debate will also serve as a guideline for other digital infrastructure projects, such as digital currencies. We have therefore summarised the most important protection mechanisms, including examples of the legal text.

The EU Commission canceled out these important gains for the wallet, which will accompany us everywhere from doctor's appointments to public transport tickets, with the framework for its technical implementation. After analysing the proposals, it was clear: We are sounding the alarm. The EU Commission de facto ignored the law on the European eID (eIDAS), which was only adopted at the beginning of the year 2024.

After sustained pressure from civil society and IT experts, it was at least clear that this dangerous proposal did not have a majority among the EU member states. The EU Commission then pledged to protect users from excessive data queries in the European eID - only to undermine the promise to protect citizens two weeks later with sleight of hand.

If the digital wallet should be introduced in its current form, we must explicitly warn against its use. That is why we remain persistent and continue to fight for a legally compliant implementation of the European eID, which deserves the trust of citizens.

In Austria, however, where an eID already exists, we never tire of criticising the existing de facto obligation to use the ID Austria. So far, at least some of these cases of discrimination - e.g. in the federal treasury or the awarding of the SVS dentist bonus - have been rectified.

On the occasion of the current government negotiations, we are once again making it clear that the digital age also needs a right to an analogue life.

DearMEP - Democracy For All!

Last year we presented the prototype of our new campaign tool for the first time. With ‘DearMEP’, citizens can easily contact their elected political representatives and tell them what is important to them. We look forward to making the tool available to the general public soon as free software. In the future, any campaign can easily use DearMEP, customise it for their own needs and give Europeans a voice in important political decisions.

Hacker State - No to State Spyware

Another focus was our work against the use of state spyware. The state trojan - i.e. the use of spyware on end devices without users' knowledge - remains a massive threat to our fundamental rights. The damage that state spyware does to democracies is illustrated by countless examples worldwide - in recent cases, for example, in Slovakia and Greece. Not to mention the abysses that have opened up with spyware companies in Austria.

We have therefore joined forces with civil society organisations from different parts of the world and have called for immediate action to respect and protect the rights of all citizens in the EU from the omnipresent threat of spyware.

The result of our statement on the government's 4th attempt at state spyware in Austria is hardly surprising: the draft law would be a deliberate threat to the population and again probably unconstitutional. Thanks to our substantive work which was well-received by the public, this problematic bill did not find a majority in the last legislative period.

Help us and cast your vote against this tax-funded mass threat now!

IT Security: Missed Opportunities, Lessons Learnt & Unfinished Business

Austria's IT security still has a lot of catching up to do. Based on our own case, in which we were reported to the police by the Ministry of Health for responsibly reporting security vulnerabilities, we have once again made it clear how urgently Austria's IT security researchers need protection.

At least the Ministry for Climate learnt the right lessons for the future after we emphatically demanded the responsible handling of a security vulnerability that had occurred on klimabonus.at.

Furthermore, in our statement on the Austrian implementation of the EU NIS2 Directive back in April 2024, we had to warn that this negligent IT security law must not be passed. We were invited to the Austrian Committee of the Interior as experts on this important project and were able to put forward our recommendations and demands. Thanks to our efforts, this flawed draft did not find a majority in parliament - the opposition relied on our expertise to reject the law.

We were also able to discuss the current state of Austrian IT security in detail in the Austrian parliament's podcast.

On the occasion of the coalition negotiations, we have published a paper including concrete demands for the future government on the more than patchy IT security situation in Austria.

Holding Politicians Accountable for Digital Rights

In the super election year 2024, we organised panel discussions on the EU elections and the Austrian parliament elections and took a close look at the Austrian parties' network policy.

With our comprehensive catalogue of network policy demands, we want to make a constructive contribution to the Austrian coalition negotiations and set a clear benchmark for a government that respects fundamental rights and is driven by reform.

In open letters with the Austrian League for Human Rights and 12 other organisations, we have made it clear to the Austrian parliamentary parties that legislative initiatives require strategic consideration of fundamental rights, civil liberties and human rights in all policy areas.

Crime & Law Enforcement in the Digital Age

The Cybercrime Convention, an international agreement with the aim of counteracting cybercrime, has been threatening to become a dangerous surveillance treaty since negotiations began. We have therefore been to the United Nations in New York twice this year. We were already active in a global coalition of organisations and experts in the run-up to the round of negotiations in February. During the negotiations, we were able to submit further written and oral statements to the UN plenary.

Even after two weeks of intense negotiations, no agreement was reached among the UN states. We did not let up and travelled to New York for the final negotiations in order to strengthen the voice of civil society. During this phase, it was particularly important to mobilise the EU institutions not to approve this fatal treaty.

Despite massive, global opposition from civil society, IT experts and even large industrial companies, the UN member states brought the treaty to the UN General Assembly. However, the planned vote was postponed. We took this opportunity to say once again with all clarity:

Austria must vote against this global monitoring treaty in the UN General Assembly. The United Nations must not become a tool factory for authoritarian states.

In Europe, a similar trend towards surveillance methods violating human rights under the guise of law enforcement has intensified. Together with civil society organisations, industry and professional associations, we have made concrete demands for a human rights-based approach to the European authorities responsible for justice, security, law enforcement, and home affairs.

We also see similar tendencies in the proposed amendments to the Austrian Security Police Act, which we have sharply criticised in a detailed statement. We call for the introduction of clear protection mechanisms and an overall surveillance evaluation instead of blanket access options.

Free Internet for All

In the fight for an open and free internet, we criticised the industry bias of EU Commissioner Thierry Breton at the beginning of the year 2024. We travelled to Brussels and delivered a letter to all 705 Members of the European Parliament. Fortunately, it is now clear that Breton has resigned and will not be able to cause us any more headaches over the next few years (at least as an EU Commissioner).

“Zero rating” de facto leads to severely restricted second-class internet access, and after years of our opposition, it is finally illegal in Europe. We call on telecoms ministers, regulators, and MEPs to stop such “zero-rating” offers outside the EU as well. This is the only way to ensure that everyone has access to the entire internet.

The unfair business practices of large telecoms providers also pose a serious threat to the open internet in Europe, with far-reaching consequences for users. We highlighted this problem last year, for example, with the prominent ‘Telekom vs Meta’ case. We urged European regulators to use their powers to take action against these practices and ensure a fair, open, and innovative internet ecosystem for all stakeholders.

At the same time, we have warned of the serious consequences of the EU Commission's plans, which would further support the harmful practices of large telecoms companies instead of preventing them.

All these actions have helped to expose the highly distorted picture of the internet that telecoms companies paint in their own favour. Following the resignation of former telecoms boss Thierry Breton as EU Commissioner, there is new hope: at the end of last year, we formed a broad coalition and called on the new Digital Commissioner Henna Virkkunen to seize the opportunity. The official feedback from a broad spectrum of stakeholders, which we had already mobilised in 2023, is clear.

It is now up to the new Commissioner to base the announced Digital Network Act (DNA) on this critical feedback and the clear recommendations of the regulators, rather than on the misleading representations of a few telecoms groups. We will keep a close eye on the debate and do everything we can for an internet that benefits everyone.

It's in our hands - Thomas Lohninger at the Internet Governance Forum Austria 2024

Education & Digital Self-Defence

Instead of further cultivating dependence on Microsoft, Google & Co., we have called on the future government in Austria to comprehensively integrate free software as standard in public schools.

With our epicenter.academy, we also visited secondary schools for the first time last year, where young people aged 13 and over were able to learn the basics of self-determined use of digital technologies as part of our workshops on digital self-defence. We held a total of 177 workshops in the education sector (in Vienna, Lower Austria and Styria) - for around 4,000 pupils and students. At eleven other events, representatives of companies and professional associations were able to take practical IT knowledge back to their organisations. At a total of seven workshops, NGOs and women's shelters were given the basic know-how on digital self-defence and digital protection against violence for their everyday work.

We would like to thank the trainers who, in addition to the Academy's core team, supported us at the numerous workshops in Styria and Lower Austria.

We have expanded our e-learning programme to include a section specifically tailored to companies, a chapter on artificial intelligence, and the secure deletion of data. Soon you will also find information on digital protection against violence there. In addition, we now also offer workshops on digital self-defence specifically for SMEs, directly at our office.

Teachers at Viennese secondary schools can already register for our customised webinars and we are pleased to offer free workshops at Viennese secondary schools (6th-8th grade) as part of the Wiener Bildungschances (Vienna Education Opportunities). Feel free to spread the word!

Your Health Data - Your Decision

Last year we have once again campaigned for you to retain control over your health data. With open letters and joint statements, we have campaigned for you to decide for yourself in the European version of ELGA who can use your sensitive data and for what purpose.

Surveillance in Public Spaces

We have been outspoken clearly against real-time surveillance by AI in public spaces and called on the Austrian parties to defend our privacy and protect the population from these dangerous surveillance measures.

In the debate on traffic calming in densely populated areas, we have continued to fight for the protection of privacy - with success: even the latest camera plans from the beginning of last year still only exist as a toothless draft on paper.

epicenter.connect: Get on Board

With epicenter.connect, we launched our first regular network policy networking meeting this year. We were able to get to know many of you better and really enjoyed the inspiring dialogue. This year, of course, it will continue seamlessly - we look forward to many exciting evenings with you. The dates have already been finalised.

Since you're here

… we have a small favour to ask. For articles like this, we analyse legal texts, assess official documents and read T&Cs (really!). We make sure that as many people as possible concern themselves with complicated legal and technical content and understand the enormous effects it has on their lives. We do this with the firm conviction that together we are stronger than all lobbyists, powerful decision makers and corporations. For all of this we need your support. Help us be a strong voice for civil society!

Become a supporter now!

Related stories: