December 7, 2019

December 06, 2019

Subscribe to Latest Legal News and Analysis

December 05, 2019

Subscribe to Latest Legal News and Analysis

Trademark Enforcement Implications of Europe’s New General Data Protection Regulation (GDPR)

On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR), which regulates data protection and privacy for all European Union citizens, took effect.  The regulation has wide reaching impact, applying to companies processing and storing data of any individual in the European Union, regardless of location.  (Article 3(2) GDPR.)

Among the many implications, the ability of brand owners to enforce their trademarks is likely to be affected.  One of the first actions taken by companies who wish to enforce their trademarks against online infringers or counterfeiters is searching the WHOIS database to obtain information about the domain in order to conduct investigations and send cease and desist communications.  In addition to providing technical information about the date of creation and expiration of a domain, this free database provides contact information for the registrant of a website, including name, physical address, email address, and phone numbers.  The WHOIS database is regulated by the Internet Corporation for Assigned Names and Numbers (ICANN), which has agreements with domain registrars worldwide to maintain the WHOIS data.

In an effort to comply with the GDPR and given the difficultly of determining which domain owners are EU subjects, many registrars removed data for all domains, listing only the state/province and country of the registrant contact, and an anonymous email address directed to the registrar (for example, in the case of the domain owned by a French company and the registrar is Gandi SAS, the email address would comprise a long string of numbers/letters followed by @contact.gandi.net.)  Other registrars, such as WHOIS.com, appear to have selectively redacted the information for registrants providing an EU contact address.  In light of this WHOIS blackout, the GDPR has effectively made it easier for counterfeiters and infringers to evade detection.

One domain registrar, the German-based EPAG Domainservices GmbH, announced that it will stop collecting the administrative contact and technical contact information of a registrant, because it believes that mere collection of this data would violate the GDPR.  On the same day the GDPR took effect, ICANN filed a legal action in Germany for injunctive relieve against EPAG, seeking a determination that the GDPR permits the collection of information and merely prevents the public display of such information.  ICANN argued in its motion that the collection and preservation of information is required for the “stable and secure operation of the domain name system, as well as a way to identify those customers that may be causing technical problems and legal issues with the domain names and/or their content.”  On May 30, 2018, the Regional Court of Bonn rejected the motion for preliminary injunction, stating that the collection and storage of the administrative and technical contact information of the registrant violates the GDPR.  The Court also stated that the extra contact details, namely the administrative and technical contact, are not necessary for a domain to be registered, and indeed, many registrants list the same information provided for the registrant contact as the administrative and technical contact.

There are also implications for enforcement beyond the investigative stage.  Trademark rights holders can institute a Uniform Dispute Resolution Policy (UDRP) action to obtain cancellation or transfer of a domain.  Current UDRP rules require the Complainant’s complaint to provide the name of the respondent (the domain name registrant) and the respondent’s contact information.  However, complying with this requirement will be difficult in light of the WHOIS blackout.  In response to this concern, ICANN has adopted a Temporary Specification that allows the dispute resolution provider to accept a UDRP case in the absence of contact information for the respondent and requires the registrar to provide the dispute resolution provider with the full registration data of the registrant.  This is an interim resolution, which may be in effect for no more than one year, so it remains to be seen what the final ICANN policy will be.

© 2019 Brinks Gilson Lione. All Rights Reserved.

TRENDING LEGAL ANALYSIS


About this Author

Gerlinde (Linda) Nattler, Brinks Gilson Law Firm, Ann Arbor, Intellectual Property Law Attorney
Shareholder

With many years of international in-house patent prosecution experience, Linda Nattler knows how important it is to view patent applications in the context of a client’s business and technology. In the automotive supplier industry, Linda learned to be conscientious of costs and to focus on value.

While working in Europe, Linda was admitted to practice before the European Patent Office and thus has a truly international perspective.  The knowledge of different standards applied by different patent offices helps her draft patent applications that...

734-302-6003
Jennifer Theis, Brinks Gilson Law Firm, Ann Arbor, Intellectual Property Law Attorney
Associate

Jennifer’s diverse intellectual property law practice focuses on all aspects of trademark law, patent law, copyright law and unfair competition law. Her litigation experience includes civil litigation in federal district court as well as cancellation and opposition proceedings before the Trademark Trial and Appeal Board.

Jennifer’s practice also focuses on trademark and patent prosecution, both domestic and foreign.  Her international trademark practice includes international trademark prosecution, determination of international filing strategies, and international trademark litigation. She also has experience preparing and prosecuting patent applications in the chemical and mechanical arts. In connection with her foreign practice in both trademark and patent prosecution, Jennifer works closely with foreign associates around the world.

Jennifer’s unique background and experience make her a strong asset in cases presenting both trademark and patent issues.  She was a key part of a litigation team that defeated a trademark challenge on the basis that the trademark was functional, as demonstrated by strong utility patent evidence, and thus not entitled to trademark protection. 

734-302-6016