OpenLobby.EU
Explore

epicenter.works - Plattform Grundrechtspolitik

epicenter.works

Epicenter.works is an Austrian NGO that advocates for fundamental rights, privacy, and freedom of speech online.

Lobbying Activity

Meeting with Jörgen Warborn (Member of the European Parliament)

27 Oct 2025 · Digital networks act

epicenter.works warns Digital Omnibus risks eroding security and rights

14 Oct 2025
Topic — The European Commission seeks to simplify digital regulations to benefit businesses.
Message — The group opposes lowering standards or weakening oversight in the name of simplification. They demand robust enforcement of existing laws like the AI Act.12
Why — Stronger regulations ensure a stable digital environment where people trust the technologies.3
Impact — European citizens lose essential protections against cyber threats, surveillance, and data misuse.456
Read full response

epicenter.works warns Digital Networks Act threatens net neutrality

11 Jul 2025
Topic — The initiative focuses on improving EU digital infrastructure and connectivity via the Digital Networks Act.
Message — epicenter.works strongly objects to the premise that net neutrality rules lack clarity. They urge the Commission to reject measures leading to network fees or paid fast lanes.123
Why — Preserving existing rules avoids new costs for users and maintains an open internet.4
Impact — Consumers would face higher prices and fewer choices if net neutrality protections are weakened.5
Read full response

epicenter.works Urges Stronger ENISA and Protections for Ethical Hackers

18 Jun 2025
Topic — The initiative reviews the Cybersecurity Act to update ENISA’s mandate and certification frameworks.
Message — The NGO advocates for robust regulation to build public trust in digital technologies. They demand an expanded, independent mandate for ENISA to overcome national fragmentation. The group calls for legal protections for ethical hackers and civil society involvement.123
Why — These reforms would secure fundamental rights and increase the organization's influence in governance.4
Impact — National agencies lose their exclusive control over cybersecurity policy and standard-setting processes.5
Read full response

Epicenter.works urges EU to scrap data retention plans

17 Jun 2025
Topic — Evaluation of EU-wide rules requiring service providers to store metadata for criminal investigations.
Message — The group urges the Commission to abort plans for reintroducing data retention. They recommend targeted alternatives like quick freeze and infringement proceedings against member states.1
Why — Achieving this would fulfill the organization's core mission of protecting fundamental digital rights.2
Impact — Police forces lose access to data frequently used for investigating petty crimes.3
Read full response

Meeting with Birgit Sippel (Member of the European Parliament)

14 May 2025 · UN convention cybercrime

Response to Submissions of the annual reports by supervisory bodies to the Commission

12 May 2025

Please find our submission to this consultation attached and online: https://epicenter.works/en/content/eidas-amendments-to-the-implementing-acts-batch-3-rev7
Read full response

epicenter.works calls for transparent reporting on digital ID

12 May 2025
Topic — Procedural rules for reporting and peer reviews of electronic identification schemes.
Message — The organization recommends that national authorities publish their annual reports online. They also want statistics on newly registered or cancelled relying parties included.123
Why — Enhanced transparency enables independent groups to monitor the digital identity ecosystem.45
Impact — National supervisory bodies would lose the discretion to keep reports private.6
Read full response

Meeting with Barbara Bonte (Member of the European Parliament)

17 Mar 2025 · Clean Industrial Deal

Meeting with Birgit Sippel (Member of the European Parliament) and European Digital Rights

21 Jan 2025 · UN Convention Cybercrime (UNCC)

epicenter.works: Optional registration certificates threaten digital wallet privacy

3 Dec 2024
Topic — New rules for registering service providers that want to access European Digital Identity Wallets.
Message — The group urges making registration certificates mandatory across the EU to maintain data protections. They also call for better public registries to allow for academic and civil society oversight.12
Why — This would establish a level playing field and prevent companies from bypassing privacy requirements.3
Impact — Large technology companies lose the opportunity to evade oversight by establishing in less-regulated countries.4
Read full response

Meeting with Birgit Sippel (Member of the European Parliament)

25 Nov 2024 · UN Convention Cybercrime

epicenter.works Warns EU Digital Identity Wallet Lacks Privacy Safeguards

9 Sept 2024
Topic — New rules for the lifecycle management of personal data and attestations within European Digital Identity Wallets.
Message — The organization demands the inclusion of robust human rights and privacy protections mandated by the eIDAS Regulation. They request mandatory support for pseudonyms and technical measures to prevent user tracking across different interactions.123
Why — These changes would ensure the wallet respects fundamental rights and maintains public trust in digital identity systems.45
Impact — Users face significant risks of over-identification, behavioral tracking, and the public leakage of sensitive personal information.678
Read full response

Epicenter.works warns EU digital wallet lacks critical privacy protections

9 Sept 2024
Topic — The European Commission is consulting on rules for the new European Digital Identity Wallet.
Message — The organization calls for the draft proposal to be rejected and renegotiated to include human rights and privacy safeguards. They demand the inclusion of missing rules to prevent over-identification and the implementation of technical features that ensure user anonymity.123
Why — Strengthening these protections would ensure the wallet complies with European law and maintains public trust.4
Impact — Citizens face serious risks of being tracked and having their sensitive personal data exposed.56
Read full response

Epicenter.works Urges Major Privacy Repairs for EU Digital Wallet

9 Sept 2024
Topic — Proposed technical standards for protocols and interfaces of European Digital Identity Wallets.
Message — The organization calls for the inclusion of missing privacy safeguards and harmonized cross-border complaint mechanisms. They urge negotiators to ensure technical unlinkability and unobservability to prevent user tracking.12
Why — These changes would strengthen legal protections for citizens and reduce the risk of litigation.34
Impact — Citizens face risks of over-identification and tracking if current technical specifications are not fixed.56
Read full response

epicenter.works: EU Digital Wallet Draft Lacks Human Rights Safeguards

9 Sept 2024
Topic — The Commission is consulting on rules for the new European Digital Identity Wallet.
Message — The group urges negotiators to reject the draft and include mandatory privacy protections. They demand inclusion of a missing act to prevent over-identification.12
Why — This prevents service providers from tracking user behavior and correlating private transactions.34
Impact — Users face significant risks of data leakage if revocation details are made public.56
Read full response

Epicenter.works urges EU to reject 'fair share' network fees

28 Jun 2024
Topic — The Commission seeks feedback on scenarios for Europe's future digital infrastructure and connectivity.
Message — The group urges the abandonment of 'fair share' fees and the rejection of connectivity-cloud regulatory convergence. They prioritize net neutrality and user rights over the interests of large telecom operators.123
Why — Protecting existing net neutrality rules safeguards the core fundamental rights mission of the organization.45
Impact — Large telecom companies lose a proposed mechanism to extract payments from big tech firms.67
Read full response

Meeting with Cristian Terheş (Member of the European Parliament, Shadow rapporteur for opinion) and European Digital Rights

7 Nov 2023 · Digital euro file

Meeting with Chris Macmanus (Member of the European Parliament, Shadow rapporteur)

25 Oct 2023 · Digital Euro

Meeting with Monika Vana (Member of the European Parliament)

10 Oct 2023 · Digital rights

Meeting with Alexandra Geese (Member of the European Parliament)

20 Sept 2023 · Greens/EFA Experts' roundtable on the privacy implications of the legislative proposal on the Digital Euro

Meeting with Alexandra Geese (Member of the European Parliament) and European Digital Rights and

4 Sept 2023 · Digital policies and human rights

Meeting with Karima Delli (Member of the European Parliament, Rapporteur) and European Transport Safety Council and

1 Jun 2023 · Driving Licence Directive

Meeting with Mikuláš Peksa (Member of the European Parliament, Shadow rapporteur)

27 Apr 2023 · European digital identity

Meeting with Birgit Sippel (Member of the European Parliament)

13 Mar 2023 · eID (Staff-level)

epicenter.works urges EU to withdraw its technosolutionist child abuse regulation

12 Sept 2022
Topic — EU proposal defining online provider responsibilities to detect and report child sexual abuse material.
Message — The organization calls for the proposal to be withdrawn and replaced with a more nuanced solution. They warn it employs a technosolutionist approach that would result in mass surveillance and false accusations. They also argue the regulation would undermine end-to-end encryption vital for confidential communication.123
Why — Stopping this law ensures that fundamental privacy rights and secure communication technologies remain protected.45
Impact — Children and private citizens lose their right to anonymity and confidential online communication.67
Read full response

Meeting with Werner Stengg (Cabinet of Executive Vice-President Margrethe Vestager) and European Digital Rights and IT-Political Association of Denmark

8 Sept 2022 · Telecom, Open Internet Regulation.

Meeting with Marcel Kolaja (Member of the European Parliament, Shadow rapporteur for opinion)

2 Jun 2022 · discussion about the European Digital Identity framework

Meeting with Cristian Terheş (Member of the European Parliament, Rapporteur for opinion)

15 Mar 2022 · eIDAS file parliamentary activity

Meeting with Thierry Breton (Commissioner) and

9 Dec 2020 · Roundtable with NGOs on DSA and DMA

Meeting with Filomena Chirico (Cabinet of Commissioner Thierry Breton) and European Digital Rights and Access Now

6 Nov 2020 · Austrian NetzDG and Digital Services Act

Meeting with Werner Stengg (Cabinet of Executive Vice-President Margrethe Vestager) and European Digital Rights and Access Now

6 Nov 2020 · Austrian NetzDG and Digital Services Act

Response to Advance Information on Air Passengers

12 Aug 2020

epicenter.works welcomes the opportunity to provide feedback for the consultation process regarding the upcoming revision of Directive 2004/82/EC (API Directive) and hereby wants to contribute to the Inception Impact Assessment (Ref. Ares(2020)2916519 - 05/06/2020).1 We acknowledge parts of the identifed problems in the assessment, especially these concerned with missing conditions and safeguards for processing API data. As the API directive predates the GDPR we agree with the Commission’s view to implement new provisions which are in line with all EU data protection requirements. Processing sensible personal data by private companies (in this case airlines) needs clear and transparent rules, which refect the robust data protection framework set forth by the GDPR. We also think that it is vital to implement an exhaustive list of API data felds, which leaves no space for extending it at the member states’ level. An unspecifed set of data felds and vague processing rules are not compatible with fundamental data protection rights – therefore the new directive should refect this issue appropriately. The scope of the API Directive should stay limited to only inbound fiihts from extra Schengen countries. An extension to all fights (also intra EU fights), together with a systematic collection of API data by airlines should not be implemented. There is no evidence put forward that such a measure would be necessary to (better) achieve the objective of the API Directive (“improving border controls and combating illegal immigration”). Furthermore, such an expansion could be seen as limiting the free movement of people within the European Union. In addition, also the PNR Directive is limited to only extra Schengen fights. Regards the usage of API data for law enforcement purposes, we cannot see the necessity to implement this as an additional objective for a revised directive. In the inception impact assessment it is mentioned that the “combined use of API and PNR data is believed to improve the data quality of the latter, limiting the number of false positives currently experienced by Passenger Information Units in the automated processing of PNR data”. We think that major issues of the PNR Directive should not be mitigated by changing another directive but be tackled at its core: the PNR Directive itself needs to be modifed as can be seen by the pending cases before the CJEU. Furthermore, legislative changes should not be based on a mere “believe” – especially when it involves the expansion of personal data gathering and systematic surveillance for law enforcement purposes. As there is no robust evidence shown in the assessment, we do not see the advantages of harmonizing the usage of API data for law enforcement purposes, nor codify “law enforcement” as a new objective for the revised API Directive. See this response attached or available under this link: https://epicenter.works/document/2817
Read full response