Crystal Broughan is grateful that E. Paul Cuffe, a summer law clerk at Marks Gray, P.A., co-authored this article.
You may have heard of the European Union General Data Protection Regulation (GDPR), and for good reason. The regulation, effective May 25, 2018, applies to European Union (EU) members as well as any company that markets goods or services to EU residents, regardless of location.
On its face, the regulation’s purpose is understandable – many internet users value privacy, especially in today’s post-Cambridge Analytica society. However, the regulation poses challenges to any individual or business wishing to fight illegal online trademark infringement or domain name dispute
The Impact of GDPR
Prior to the GDPR, intellectual property attorneys could access the WHOIS database controlled by the International Corporation of Assigned Names and Numbers (ICANN), to identify, locate, and contact those registrants infringing on clients’ intellectual property rights.
This information was publicly available, and included the name, physical address, and email address of the domain registrant. However, to comply with the GDPR, ICANN pre-emptively approved a Temporary Specification for generic top-level domain registration data, making it much harder for intellectual property owners to identify domain name registrants and fight back against fraud and illegal use.
The Temporary Specification now hides most relevant information from public display and instead provides an anonymous email address for domain registrants, preventing any direct communication.
Other specific information, used for sending cease and desist letters, has now been replaced with a vague regional location rather than a physical address. Because of the lack of specificity, intellectual property attorneys have to go to greater lengths to ascertain the violator’s identity, meaning enforcement costs may rise as a result.
What Options Are Still Available to Fight Back
All is not lost. Companies seeking relief from illegal infringement can still contact an intellectual property attorney, who can help your business navigate non-public WHOIS information by tailoring your request to get results.
An attorney can actively explore other avenues to protect your trademark and domain name from infringement, including serving subpoenas on registries and registrars that hold relevant identification information. Users with a legitimate and proportionate purpose for accessing the non-public Personal Data will be able to request information through Registrars and Registry Operators.
Another option is filing a Complaint with the World Intellectual Property Organization (WIPO) under the Uniform Domain Name Dispute Resolution Policy (UDRP).
The Registrar must provide the UDRP provider with the full Registration Data for each of the specified domain names, upon the UDRP provider notifying the Registrar of the existence of a Complaint. The Complainant may file a “Doe” complaint, and the UDRP Provider shall provide the relevant contact details of the Registered Name Holder after being presented with a “Doe” complaint.
The Complaint needs to allege:
- the domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights;
- the Respondent has no rights or legitimate interests in respect of the domain name; and
- the domain name was registered and is being used in bad faith.
If you or your business has been affected by trademark infringement or domain name disputes on the Internet, contact Crystal Broughan and the Marks Gray Intellectual Property Team to assist you in navigating the Temporary Specification for gTLD Registration Data and protecting your trademarks.