All articles

Help us survive the year!


This February we have celebrated our 10 year anniversary as an association. At the time, we enjoyed our little office party and we had no idea about what we would soon be faced with: the Corona crisis, for which we outlined implications and recommendations for digital rights right away. Not only did the Corona crisis increase our workload immensely, but it also complicated our work due to political circumstances.

Austria's Biggest Data Privacy Scandal: Private Residential Addresses Made Public


Nobody took data protection into account for the so-called “Supplementary Register for Other Concerned Parties” (Ergänzungsregister für sonstige Betroffene). The Ministry for the Economy and the Finance Ministry are responsible for a data breach to which the Austrian Economic Chambers were an accomplice.

Analysis of the "Stopp Corona" App: Improvements through expert report


Experts from, and SBA Research evaluated the Austrian Red Cross' "Stopp Corona" app for data security and privacy. No critical security gaps were found, but some potential for improvement in data protection implementation was identified. 

Many recommended improvements have already been implemented by the Austrian Red Cross. Within the existing system, some of these have already been implemented, others require long-term changes - including by Apple and Google.

Digital Rights Implications of the COVID-19 Crisis

This is the start of a pandemic. The new challenges facing our society are enormous and we can only overcome them by working together. We all have to stick together and contribute towards shared solutions. At the moment, the most important thing we can do is follow the recommendations of the health authorities and the scientific community, especially when our own behaviour can help relieve the crisis. Nonetheless, we are convinced that we must make a contribution as a digital rights policy organisation.

Austria gets new legislation for Internet filters and they are for consumer protection


Last week, submitted legal analysis on the draft legislation on Consumer Protection Cooperation. This bill introduces a wide range of powers for consumer protection organisations to block websites, seize domains and oblige hosters to delete information that it deems dangerous or illegal under consumer protection law. We see a number of problems with the the idea of internet filters, but the EU obliges Austria to implement these measures.

Austrian Government Hacking-Law Is Unconstitutional

Karola Riegler

The Austrian constitutional court decided on 11.12.2019 that the surveillance law that permits the use of spying software to read encrypted messages violates the fundamental right to respect for private life (article 8 ECHR), the fundamental right to data protection (§ 1 Austrian data protection law) and the constitutionally granted right that prohibits unreasonable searches (Art 9 Austrian bill of rights – Staatsgrundgesetz).

Updating Net Neutrality in the EU: 5G, Zero-Rating, Parental Control, DPI

The Body of European Regulators for Electronic Communications (BEREC) is currently in the process of overhauling their guidelines on the implementation of the Regulation (EU) 2015/2120, which forms the legal basis of the EU’s net neutrality rules. At its most recent plenary, BEREC produced new draft guidelines and opened a public consultation on this draft.

Our PNR complaint to the Federal Administrative Court


A few weeks ago we have filed a complaint with the Austrian data protection authority about the Passenger Name Record. Our aim is to overturn the directive, in other words to virtually abolish it. Four weeks ago the data protection authority has rejected our complaint, which we think is good news, because that is the only way we can go to court. We now had four weeks to draft and file a complaint for the Federal Administrative Court.


Zero-rating in Portugal: Permissive regulator allows ISP to get away with offering some of the most expensive mobile data in Europe


This is a guest post by Eduardo Santos of the Portuguese digital rights organisation D3 - Defesa dos Direitos Digitais. You can find the Portuguese version of this story on D3's website.


  • ISPs ignored the Portuguese telecoms regulator ANACOM's recommendations, refusing, among other things, to increase the volumes of mobile data available to customers.

  • ANACOM does not show the will or courage to address the problem.

  • ISPs are protected from fines by a government that, since 2015, still has not changed the law to introduce them.

  • Little has changed with Portugal's zero-rating offers, which are considered the worst in Europe.

  • Mobile Internet Data in Portugal: We pay some of the highest prices in Europe and our traffic volumes rank among the lowest.