Are trademark payment notices always to be trusted?

Written by Dreyfus14/01/2022

Prepare and prevent, don’t repair and prevent…This saying also applies to trademarks, since fraudulent payment notices are becoming more and more common nowadays.

How is this happening?

Dishonest private companies, scammers, approach trademark applicants directly to ask them to pay certain service fees or other payments that are in fact neither necessary nor legally required.

It is therefore crucial to be vigilant.

Since trademark registration and management are already time-consuming and expensive enough, it goes without saying that paying scammers for their so-called trademark services is unnecessary. You should be extra vigilant when enquiries about trademark procedures do not come directly from your usual counsel.

However, fraud is not always easy to detect and the imagination of fraudsters is endless.

For instance, some fraudsters approach trademark owners directly by e-mail and demand payment of certain expenses, fees or additional charges to obtain trademarks’ registration when these expenses are purely fictitious. The payment notices are often for trademark monitoring services, additional registration services or services related to trademark renewal.

The problem is that trademark owners are very often approached by a so-called official agency, company or institution and sometimes even a so-called public authority or government. They use the same official templates, signatures and stamps as these types of entities and they provide the exact data of the trademark application or registration in question. After all, this kind of information is relatively easy to find online.

Another issue is the cross-border nature of these scams.

It may happen that trademark owners receive a notice from a Russian, Indian or Chinese company. While it is perfectly possible that payment notices from foreign countries are made in good faith, it is always beneficial to carefully check the accuracy and legitimacy of such notices.

Here are our advices.

Firstly, we invite you to check the stage of the proceedings in which your trademark is located. Isn’t it strange to pay fees for the registration or renewal of a trademark if the time limit has not even started or has already expired?

We encourage you to be vigilant. Do not hesitate to ask us questions when you receive documents that do not come from Dreyfus. Indeed, it is always wise to contact your legal adviser before making a payment. Dreyfus is specialised in these matters and is fully aware of the applicable time limits, procedural steps and expenses.

There are also official offices and agencies that can be contacted in the event of a suspicious or misleading trademark notice. For instance, the United States Patent and Trademark Office (USPTO) can be contacted. Although this office does not have the legal authority to prevent companies from engaging in these types of fraudulent practices, the USPTO does assist in the fight against fraudulent trademark notices. The USPTO issues reports and works with the Department of Justice and the Federal Trade Commission. Trademark owners can always file complaints with the Federal Trade Commission. This commission has the power to investigate and even prosecute if, for example, a particular company commits fraudulent business practices on a large scale. Dreyfus can assist you in filing such complaints and prevent you from being entrapped.

Fraudulent trade mark notices are becoming increasingly common. It is important to be very vigilant, to check the applicable time limits, to contact your Trademark Attorney before making any payments. At Dreyfus, we work with trademark offices and official agencies, such as the USPTO, in case of trademark notices that are suspicious or appear to be misleading.

About this topic…

♦ Why is the well-knownness of an earlier trademark not enough to qualify bad faith?

The Vinci’s case: how to set up an effective domain name strategy?

Written by Dreyfus29/06/2021

On November 22, 2016, at 4:05 p.m. sharp, the Vinci group is the victim of identity theft. Several media receive a false press release reporting a review of Vinci’s consolidated accounts for fiscal year 2015 and the first half of 2016 following alleged accounting embezzlement.

In 2019, the US news agency Bloomberg appealed a decision of the AMF’s sanctions commission. The hearing before the court of appeal will be held this Thursday. Bloomberg was sentenced to 5 million euros for relaying information from a false Vinci press release.

A fake press release from Bloomberg

The American news agency Bloomberg is accused of having disseminated, in 2016, false information about Vinci without having verified it.

On November 22, 2016, at 4:05 p.m. sharp, the Vinci group is the victim of identity theft. Several media receive a false press release reporting a review of Vinci’s consolidated accounts for fiscal year 2015 and the first half of 2016 following alleged accounting embezzlement.

The false statement also indicates that the chief financial officer was fired. Less than a minute later, between 4:06 p.m. and 4:07 p.m., Bloomberg picked up the information and disclosed it on his terminal.

This press release had even been signed with the name of the real person in charge of Vinci’s press relations, while referring to a false cell phone number.

In defense, the defendants point out before the commission that the tone, the absence of spelling errors, the careful layout, the exact references to certain directors of Vinci or to its auditors, the mention of the real spokesperson for Vinci as well as the plausibility of the foot of the press release, which contained a link to unsubscribe from the Vinci mailing list and alerted the recipient to the automated processing of data, mentioning the contact details of the real correspondent Cnil de Vinci , did not differentiate this press release from a real press release established by Vinci.

The domain name issue in the false press release

The only inaccuracies in the false press release: the domain name of the false Vinci site to which the press release referred and the false mobile phone number of the “media contact”.

The fraudulent press release was also received by AFP, which did not follow up after realizing that this document had been posted on a mirror website, very similar to the real site but with a separate address (vinci.group and not vinci.com).

How to protect your domain name?

Domain names represent an essential intangible asset for companies since they allow access to websites related to their activity. Now, protecting the domain names associated with the trademark or the business of the company has become almost as important to the company as the protection of its brands.

In addition, domain names are the preferred medium for cyber-attacks which calls for increased vigilance on the part of owners and Internet users.

Phishing, fake president fraud, identity theft, fake job offers, theft of personal or banking data, whaling… frauds are numerous and are constantly adapting to technological progress;

Fraud is facilitated by the very protective provisions of the GDPR, which prevent the direct identification of the domain name registrant; technical service providers tend to rely upon the provisions of the GDPR and the LCEN to justify their inaction and allow fraud to continue;

There is a great risk of damage to the company’s image and reputation. Such fraud also has a significant financial impact, given the risk of embezzlement and money laundering.

The AMF’s Guide to Periodic Disclosure for Listed Companies (dated June

To protect your domain name from cybersquatters or competitors, it is recommended to also register the domain name as a trademark in addition to the reservation of the domain name.

It is possible, before making a domain name reservation and trademark registration, to check its availability, to avoid conflicts between domain names, trademarks or corporate names.

Domain names are now an integral part of the international economic landscape. Like industrial property rights and traditional distinctive signs, they are instruments of competition and intangible assets of companies. It is of course essential to have it for anyone who wants to exist in a market.

But care must be taken not to come into conflict with one’s competitors by using, even in good faith, distinctive signs close to theirs. Conversely, it is also necessary to enforce its own distinctive signs by not allowing third parties to appropriate signs close to its own in order to offer the same or similar services.

How to mitigate the risks regarding domain names ?

– Proceed to an audit of the corporate trademark and the company’s flagship trademarks among domain names, in order to map the risks;

– Set up a 7/7 watch of the corporate trademark among domain names, and a 7/7 or at least weekly watch on the company’s trademarks dedicated to goods or services;

– Set up watches on social networks such as Facebook, Instagram, Twitter and LinkedIn;

– Proceed with the preventive registration of domain names in risky extensions (such as .COM, .CO, .CM, .GROUP);

– Take preventive action(s) against potentially dangerous domain names;

– Define procedures and set up a crisis management unit to quickly react to infringements in case of emergency;

– Draft or update the company’s domain name policy (registration procedures, compliance with legal obligations, best practices) to be shared internally and with the company’s service providers and suppliers.

Cyber threats are more numerous and more complex and it has also become increasingly difficult to take action against registrants of disputed domains. More than ever, monitoring is required with the implementation of risk mapping and a defense strategy.

Dreyfus advise you in setting up the appropriate strategy to limit the risks related to domain names and to integrate industrial property assets in your compliance plans.

Domain name right : bona fide offer of goods or services

Written by Dreyfus18/06/2021

A right or legitimate interest in a domain name may be demonstrated by its use in the context of a bona fide offer of goods or services. This assessment requires to take into account how the domain name has been used, but also the space-time framework: When was the domain name registered? By whom? In which country?

Founded in 2003, Ba & sh is a French company operating in the field of design, manufacturing and distribution of women’s ready-to-wear clothing and fashion accessories.

Having detected the registration of the domain names <bashshitever.com> registered in 2014 and <bashclothing.co> in 2020, Ba & sh filed a complaint with the WIPO Arbitration and Mediation Center in order to obtain the transfer of these domain names.

While the construction of the <bashshitever.com> domain name is somewhat intriguing, the fact that the <bashclothing.co> name contains the term “clothing” may have led Ba & sh to consider that its rights were being infringed.

In any event, since the domain names include the sign “BASH” except for the ampersand, the panellist acknowledges a likelihood of confusion.

Nevertheless, the panellist deems that Respondent has chosen these domain names independently of Complainant’s trademark and has used them in the context of a bona fide offer of its goods on the corresponding websites.

Indeed, Respondent is from Malaysia, where the company was founded in 2015, while Ba & sh has provided no evidence of actual use of its BA & SH mark in that territory. Khor Xin Yu, Respondent, explains that he co-founded “BASH CLOTHING” in 2013 when he was 18 years old and that the mark was also used in Singapore in 2017. Initially, the sign used was “Bash Shit Ever”, later changed in 2020 to “Bash Clothing” as part of a branding update.

Similarly, Respondent provided an explanation and documentation justifying the selection of the sign BASH because of the meaning of the dictionary term “bash”. Finally, Respondent used a logo that differs from that of Complainant.

Complainant has not shown that Respondent registered and used the disputed domain names in bad faith.

Indeed, when the first disputed domain name <bashshitever.com> was acquired by Respondent, Complainant had been operating in France and worldwide for about 11 years and had owned an international trademark for about 7 years, designating Malaysia. However, Complainant has not presented any evidence of actual use of its BA & SH trademark in Malaysia at the time of registration of the first disputed domain name.

In addition, a Google search for “bash” shows several results unrelated to Complainant or its trademark. Respondent has also provided a plausible explanation as to why he chose the term “bash”, an English dictionary term related to the idea of a party insofar as its initial target was female students.

Finally, although the parties operate in the same market segment (i.e. ready-to-wear and accessories), Respondent’s use of the disputed domain names does not show an intention to compete with Complainant and its trademark, given the different logos/layouts, the significantly lower prices at which the Respondent’s clothing is offered for sale, and the absence of any information on Respondent’s website that would lead users to believe that the website is operated by Complainant or any of its affiliated entities.

The complaint is, therefore, dismissed.

Ba & sh should have investigated Respondent’s motives before initiating a UDRP proceeding, including whether its trademark was known in Respondent’s country when the first domain name was registered. It should also have determined for how long Respondent had been using the “Bash” sign for fashion activities. An investigation could have revealed these elements. Respondent explains that he first marketed the Bash clothing on social networks. And, depending on the answers to these two questions, write a proper letter to the defendant

What are the new cookies regulations?

Written by Dreyfus04/05/2021

The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) affects how you, as a website owner, can use cookies and online tracking of visitors from the European Union.

Wednesday March 31, 2021 was the very last limit set by the National Commission for Informatics and Freedoms (Cnil), for French advertisers to comply with European rules relating to cookies.

From Thursday, April 1, 2021, the banner on websites is required to enable much more explicitly Internet users to “refuse” these computer tracers much more explicitly.

This is one of the measures voted in 2016 by the European Union in the General Data Protection Regulation (GDPR) and entered into force in May 2018 in all 28 (now 27) member states.

When they browse the web or use mobile applications, Internet users are increasingly followed by various actors (service editors, advertising agencies, social networks, etc.) who analyze their browsing, their movements and their consultation or consumption habits, in particular in order to provide them with targeted advertising or personalized services.

This tracing is carried out by means of various technical tools, “tracers“, of which cookies are a part.

Cookies are small pieces of text inserted into your browser while you are browsing the web.

There are various types of cookies and have multiple uses: they can be used to remember your customer ID with a merchant site, the current content of your shopping cart, the language of the web page, an identifier allowing to track your navigation for statistical or advertising purposes, etc.

They are a source of concern for many users, while others are not even aware of their existence apart from the mandatory pop-ups on all websites that ask you to “Accept cookies“.

If you are a website owner, it is important that you make sure that the management of cookies and consent on your site complies with the very strict requirements of the GDPR.

In France, the National Commission for Informatics and Liberties (CNIL) carries out numerous checks and issues sanctions for non-compliance with the GDPR and French legislation.

Your website is required under the EU’s General Data Protection Regulation (GDPR) to allow European users to control the activation of cookies and trackers that collect their personal data.

This is the essential point of consent to the use of cookies according to the GDPR – and the future of our digital infrastructures.

The CNIL reminds that the consent requirement provided for by these provisions refers to the definition and the conditions provided for in Articles 4 and 7 of the GDPR.

It must therefore be free, specific, enlightened, unambiguous and the user must be able to withdraw it, at any time, with the same simplicity with which he has granted it.

In order to remind and clarify the law applicable to the deposit and reading of tracers in the user’s terminal, the CNIL adopted guidelines on September 17, 2020, supplemented by a recommendation aimed in particular at proposing examples of modalities consent collection practices.

Consent must be manifested by a positive action of the user, informed beforehand, in particular, of the consequences of his or her choice and having the means to accept, refuse and withdraw his or her consent. Appropriate systems must therefore be put in place to collect consent in practical ways that allow Internet users to benefit from easy-to-use solutions.

Acceptance of general conditions of use cannot be a valid method of obtaining consent.

The CNIL will therefore now carry out checks to assess compliance with the rules relating to tracers, in application of article 82 of the Data Protection Act and articles 4 and 7 of the RGPD on consent, as summarized in its guidelines.

Through this action, the CNIL intends to meet the expectations of Internet users who are increasingly sensitive to Internet tracking issues, as evidenced by the constant complaints it receives on this subject.

If breaches are noted following checks or complaints, the CNIL may use all the means made available to it in its repressive chain and issue, if necessary, formal notices or public sanctions.

The evolution of the applicable rules, clarified by the guidelines and the recommendation of the CNIL, marks a turning point and progress for Internet users, who will now be able to exercise better control over online tracers.

Dreyfus can assist you in the management of your trademarks portfolios in all countries of the world. Do not hesitate to contact us.

How to develop a reliable and flexible compliance strategy for intellectual property professionals?

Written by Dreyfus13/04/2021

With the rise of the digital age, setting up a reliable and effective compliance strategy as well as mobilizing the skills of professionals have become key factors in the company’s performance, particularly in the field of intellectual property.

From the outset, it seems important to remember that compliance includes all the processes intended to ensure that a company, its managers and its employees comply with the legal and ethical standards applicable to them.

FromLAW No. 2016-1691 of 9 December 2016 on transparency, the fight against corruption and the modernization of economic life. on anti-corruption measures to the implementation of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR) of April 27, 2016, and including the duty of vigilance of parent companies and ordering companies (law of March 27, 2017) or the prevention of cyber risk (implementing decree of May 25, 2018 of the NIS directive), an undeniable operational impact on companies and their managers can be observed.

Likewise, the challenges and risks of intellectual property have increased in the virtual world. Domain names as well as social networks are likely to be the targets of multiple attacks.

The key challenges of compliance with regards to intellectual property risks (I) raise questions both about the practical consequences of compliance in all aspects of intellectual property the role of the “compliance officer” in this framework (II) and the role of the “compliance officer” in this framework (III).

The challenges of intellectual property compliance

The environment as well as legal decisions revolve around the long-term development of the company and justify the establishment of real legal engineering within companies whose intellectual property is decisive. This is the key challenge of compliance, which is both a framework for thinking and a method of solving problems, involving a large number of tools and components oriented by company strategy.

Legal, regulatory and fiscal constraints are increasingly stringent and make companies bear increased responsibility in case of negligence, or even simple inaction. In particular, the regulatory framework sets out increased requirements regarding the protection of consumers and personal data.

In the field of intellectual property, domain names are key assets to contemplate when analyzing the risks and drafting compliance plans. While they are a major asset, essential to the very functioning of the business (for example, for e-mail servers, they are also risk vectors: phishing, fraud, identity theft, forged e-mail …

Online fraud can lead to loss of turnover, endangerment of consumers, and if so, risks of civil or criminal liabilities of directors for non-compliance with enforceable laws and regulations. impact the stock market price, thus causing loss of customers.

It is therefore very important to put in place the appropriate strategies to anticipate dangers, react effectively in the event of a breach and ultimately protect the company.

The practical consequences of compliance in all aspects of intellectual and digital property

Compliance has an immediate impact on all aspects of intellectual property. Also, while the legislation is more and more restrictive for companies and intellectual property professionals, compliance requirements are reinforced. How to bring your company into compliance with the laws? What are the risks of not including the Internet in your compliance plan?

Beyond its legal meaning of compliance with the requirements of laws, regulations, Codes or even directives, compliance aims to protect the company and intellectual property professionals against any non-compliance with internal and external standards and its values. Intellectual property frauds are growing and becoming increasingly complex in the digital era, which requires taking action to mitigate risks for the company business, including in terms of compliance. Its objective is to avoid adverse consequences for the company and its managers, both financial and civil or criminal liability, or damage to image and reputation. It is ultimately part of a desire for lasting growth in all aspects of intellectual property, both in France and internationally.

To cope with these new standards, companies must put in place a governance policy capable of minimizing their exposure to risk vis-à-vis their customers, their shareholders, but also regulatory authorities.

To begin with, it is essential to identify the risks through the relevant audits.

Then, it is important to assess those risks and map them. The risk management policy shall be defined accordingly.

In particular, a policy for the management of Intellectual Property related risks calls for a virtually systematic surveillance system of trademarks among domain names.

The role of the “compliance officer”

The compliance officer must protect the company from any risk of non-compliance, and therefore ensure that the organization adopts good conduct in business practice, respects the rules of ethics and finally, complies with the various laws, regulations, or even European directives. It must therefore undertake a proactive approach, organize and implement the means necessary to comply with the regulations.

Likewise, it is important to anticipate risks: once they have been defined and supervised, the mission of the compliance officer being to protect the group and its reputation, he will have to analyze the rules and standards according to the context, the activity, and the business sector.

According to a study “Who are compliance professionals?” published on March 27, 2019 and carried out by the firm Fed Legal, 92% of compliance officers have a legal background. They are operational professionals who have a strategic vision as well as a multiplicity of soft skills, in particular an ability to persuade and an interest for teaching. In addition, 60% of compliance officers belong to legal services in which there are many recruitments, both in large and small companies.

When a company is questioned, the consequences are at the same time financial, commercial and human: the company reputation will suffer greatly. The compliance officer thus takes care of protecting his company from the financial, legal and reputational risks that it incurs in the event that it does not comply with laws, regulations, conventions, or quite simply a certain code of ethics or professional conduct.

Dreyfus can assist you in the management of your trademarks portfolios in all countries of the world. Please feel free to contact us.

International Trademark: Islamic Republic of Pakistan joins the Madrid System

Written by Dreyfus09/03/2021

As of May 24, 2021, the Madrid System will officially welcome its 108th member: the Islamic Republic of Pakistan.

On February 24, 2021, Pakistan deposited its instrument of accession to the Madrid System with the Director General of the World Intellectual Property Office (WIPO). The arrival of this new member brings the number of countries covered by the Madrid System to 124, and highlights the importance of this international system for the filing and registration of Trademarks.

The Madrid System provides a practical and cost-effective solution for the registration and management of trademarks worldwide. More than 1.5 million international trademarks have been registered since its creation in 1891. While the system has been in place for more than 125 years, three quarters of its member countries have joined it in the last three decades. After the recent accessions of Canada, Samoa, Thailand, and the Sultanate of Brunei, it is now up to Pakistan to join the protocol.

Pakistan’s adhesion to the Madrid Protocol enables the harmonization of Pakistani trademark law at the international level. With the filing of a single international Trademark application, Pakistani applicants now have the possibility to apply for protection in 124 countries. Likewise, Pakistan can be designated by applications from any state party to the Madrid system and international Trademark owners can easily extend their protection in the Pakistani market.

The international trademark system is a major asset for the registration of your trademarks abroad at a lower cost.

Dreyfus can assist you in the management of your trademarks portfolios in all countries of the world. Please feel free to contact us.

THE NECESSITY OF PROMOTING THE TRADEMARK ON WHICH THE COMPLAINT IS BASED ON

Written by Dreyfus25/11/2020

(WIPO Arbitration and Mediation Center Natixis Intertitres v. Super Privacy Service LTD c/o Dynadot / Fredrik Lindgrent Case No. D2020-1383)

Being the owner of a trademark that is identical to the disputed domain name is a real advantage in the UDRP procedure. Nevertheless, it is necessary to prove that the respondent was aware of said trademark rights, which is quite complicated when the trademark at issue hasn’t been widely advertised.

Natixis Intertitres, the subsidiary of Natixis, a French internationally known corporate company, holds the registered trademark “INTERTITRES”. This subsidiary filed a complaint before the WIPO Arbitration and Mediation Center in order to obtain the transfer of the disputed domain name <intretitres.fr> registered by a third party without authorization.

During the procedure, the identity of the registrant was disclosed, revealing a Swedish owner.

The Complainant sustained that the domain name was registered in reference to its trademark without any relation to the generic definition of the term “intertitres” especially considering that, in the French language, as in the French dictionary, the term is generally used in the singular form.

Moreover, the complainant finds the configuration of mail servers on a domain name that doesn’t refer to any website “suspicious”. Natixis Intertitres sustained that the Respondent’s intention was to take undue advantage of the Complainant and its trademark’s reputation.

The Respondent didn’t submit a formal response to the complaint but stated that he had reserved the domain name in order to create a site related to literature.

The expert in charge of this dispute acknowledges the likelihood of confusion between the trademark and the subsequent domain name, as well as the lack of proof of legitimate interest by the Respondent, who didn’t really explain the choice of this domain name.

However, the expert is not convinced by the Complainant’s arguments as regards the bad faith criterion. In this respect, he highlights two important points.

Firstly, there is no evidence that the Swedish-based registrant was aware of the trademark “INTERTITRES”. Natixis is certainly internationally known as a company, but this is not the case for its “INTERTITRES” trademark, which designates lunch vouchers mainly available in France. These vouchers are rather known under the names of “CHEQUE DE TABLE” or “APETIZ”. Therefore, it is unlikely that the Respondent was aware of this trademark.

Secondly, “INTERTITRES” is mainly a generic term. The fact that dictionary definitions are given in the singular form does not mean that the term does not exist in its plural form.

The complaint is therefore rejected.

In view of the above, it is essential for right holders to be aware of the scope of protection that their trademark can enjoy. Is the trademark sufficiently well known in the registrant’s country so that it is reasonable to assume that they had it in mind when they reserved the name? This question must be carefully considered, especially when the trademark has also an everyday language meaning and the disputed domain name is not used for an activity similar to the one for which the prior trademark is used. In this regard, the expert rightly pointed out that using a domain name primarily for having a letterbox is not prohibited (referring to the presence of e-mail servers on the disputed domain name).

Dreyfus can assist you in the management of your trademarks portfolios in all countries of the world and in their enforcement. Do not hesitate to contact us.

An e-mail or IP address is not an address within the meaning of EU law

Written by Dreyfus20/10/2020

In its decision of July 9, 2020 (case C-264/19), the Court of Justice of the European Union stated that neither an IP address nor an e-mail address are “addresses” under Article 8 of the European Union Directive on the enforcement of intellectual property rights.

Un litige opposant une société de distribution à YouTube

A dispute between a distribution company and YouTube

Constantin Film, a German film distribution company, noticed that some of the films it distributed were uploaded on YouTube without its consent. Therefore, the company turned to YouTube to obtain the e-mail and IP addresses of the users who had put this content online.
As YouTube and Google (Google owns YouTube) refused to share such data, the case went to German courts.

Article 8 of the European Union Directive on the enforcement of intellectual property rights provides for the possibility for right holders to request information from infringers and/or persons who have provided services to them, here YouTube, about “the origin and distribution networks of goods or services which infringe an intellectual property right”, including the “names and addresses” of the persons involved.

The German Federal Court has questioned whether e-mail and IP addresses should be considered “addresses” within the meaning of the Directive. The German Court decided to stay the proceedings and referred to the European Court of Justice for a preliminary ruling on whether such information falls within the meaning of the term “address” in the Directive 2004/48.

2. A definition of “address” that does not include IP and e-mail addresses

The answer of the CJEU is clear: EU law does not assimilate IP addresses and e-mail addresses with addresses.
The notion of address in the above-mentioned article must be understood in the sense of a postal address.

In its press release No.88/20 of July 9, 2020, the Court states that: “as regards the usual meaning of the term ‘address’, it refers only to the postal address, that is to say, the place of a given person’s permanent address or habitual residence” when used without any further clarification.
Nevertheless, the CJEU indicates that Member States may grant holders of intellectual property rights a more extensive right to information.
In the above-mentioned press release, the Court specifically mentions, regarding Article 8 of the 2004/48 directive, that “the aim of that provision is to reconcile compliance with various rights, inter alia the right of holders to information and the right of users to protection of personal data”.

This decision limits the range of action of right holders, for whom it is increasingly difficult to identify persons infringing on their assets. In addition to this issue of IP addresses and e-mails that do not fall within the scope of what is understood by “address”, The Data Protection Regulation, known as the GDPR, of April 27, 2016, has also complexifed the defence of rights on the Internet, as privacy has been increased and information on the holders of domain names redacted.

Fashion ID & Facebook : a joint liability subject to debate

Written by Dreyfus13/08/2019

Like many digital players, Fashion ID inserted a Facebook “Like” button on its website. This plug-in automatically collects and transmits to Facebook the personal data of the website users, whether or not they click on the button, and whether or not they have a Facebook account. This process takes place without any control by the website operator. Arguing that users’ rights are being infringed, a consumer association brought an action before the German court in order to stop this infringement. On 20 January 2017, the competent trial court referred several questions for a preliminary ruling to the Court of Justice of the European Union (CJEU). The main question is whether the integration of this “Like” button is sufficient to make Fashion ID a ‘data controller’ (jointly with Facebook), for the purpose of Directive 95/46/EC of 24 October 1995, which has now been replaced by the General Data Protection Regulation of 27 April 2016 (GDPR).

Although the Court must rule on the notion of joint liability and the consequences of such liability in the light of Directive 95/46/EC, which has now been replaced by the GDPR. Both texts define the data controller in the same way. As a result, the scope of the CJEU decision will most likely go beyond the present case. Aware of the stakes involved in this future decision, Advocate General Michel Bobek, in his Opinion of 19 December 2018, expressed his support for joint liability between Fashion ID and Facebook.

In the past, the CJEU has already recognised the administrator of a Facebook page as a data controller who had freely chosen to host the page on Facebook and therefore could set up the statistical processing carried out by the social network (CJEU, “Wirtschaftsakademie”, 5 June 2018, C-210/16). The Court also said that this liability might be retained even if no direct processing is carried out by the page administrator (CJEU, 10 July 2018, “Jehovan”, C-25/17). The CJEU has therefore adopted a broad understanding of the notion of joint liability.

In his Opinion, Advocate General Bobek has invited the Court to reduce the scope of joint liability in order to better identify the liability of each involved. He considers that extending the notion of data controller to any third party allowing the processing in any way would actually dilute the liability, making the protection of individuals less effective. For this reason, he proposes to link the definition of data controller with the purpose of the processing operation, which must be unique in its means and purpose.

This approach requires splitting the processing into as many subprocesses as there are purposes to get to the part in which the website operator exercises effective control. This approach would limit the website operator’s liability to the processing phase for which he is actually responsible and would not include subsequent processing operations beyond his control. In this instance, Facebook and Fashion ID pursue a commercial and advertising purpose. Therefore, Facebook should be solely liable for processing operations carried out after the data collection, while Fashion ID’s liability would be limited to the collection and transmission of such data. However, this solution proposed by the Advocate General has several disadvantages.

Thus, reducing the notion of purpose to the functions of the processing, (i.e. the technical operations of collection), conceals the advertising purpose. However, users should be able to anticipate this. The processing cannot be examined as a whole and an analysis of its compliance with regard to the consequences for the persons concerned is not possible. In the end, adopting this narrow approach would exempt website operators from requiring the disclosure of information from their operating partners that would effectively inform users, because the different data controllers involved would not be required to know the processing operations carried out by their partners.

Indeed, a data controller could try to evade responsibility by arguing his actions did not cause damage and try to put blame on all others who have beeen held to be joint data controllers. Such presumption of solidarity could be considered if the provisions of Article 26 GDPR (requiring joint controllers to transparently determine responsibilities) are not met.

Moreover, the Advocate General does not address the question of cascading responsibilities. Indeed, in the case of multiple data controllers, a new division of the processing operation would have to be carried out under this solution. For example, if Facebook provides data to a partner, the company will have limited liability and it would be up to its partner to enforce the GDPR.

An extensive interpretation of joint liability in cascade would force operators to identify the relevant mechanisms for ensuring respect for the rights of individuals.

The choice of an extensive or restricted interpretation of joint liability now rests with the CJEU. Its decision is therefore highly anticipated since it will have a direct impact on website publishers and the protection of private individuals’ personal data.

Dreyfus assists its clients worldwide in their strategies to protect and defend their rights on the Internet. Do not hesitate to contact us!

Towards the protection of culinary creations by certificate?

Written by Dreyfus09/08/2019

To the delight of our taste buds, flavors and gourmet creations are part of our daily lives, but from a legal perspective, the situation is more delicate and the flavor more bitter. Indeed, there is a consensus on the need to protect culinary creations but intellectual property law currently offers only peripheral protection.

As we saw in a previous article, cooking recipes can be protected by author rights, the aesthetics or visual appearance of the creation is covered by designs, innovative techniques used in the creation may give rise to patent protection and the name can be registered as a trademark. None of these solutions protect the actual creations themselves. In addition, certain conditions must be met, which may not reflect practice. Under these circumstances, the most appropriate solution is usually author rights protection, which is intended to protect an original creation regardless of its form of expression (Article L. 112-1 of the French Intellectual Property Code). Nevertheless, the Court of justice of the European Union (ECJ, 13 November 2018, “Levola”, C 310/17) has refused to protect flavors in this way. The French Cour de Cassation has adopted a similar position on fragrances (Cass. Com., 10 December 2013, n°19872). In short, when it comes to culinary creations, the law remains speechless.

In order to fill this legal void, several deputies have submitted to the National Assembly a bill about the protection of recipes and culinary creations, on April 30, 2019.

The main purpose of the text is to clarify the situation of traditional recipes on one hand and culinary creations on the other hand.

Thus, the creation of a new institution, the “Fondation pour la gastronomie française”, is envisaged. This private non-profit legal entity would be in charge of listing and protecting traditional recipes in order to identify restaurateurs who respect them. The aim is to promote the knowledge, conservation and enhancement of French gastronomy as well as reassuring consumers.

Moreover, the bill provides for the creation of a public institution, the “Institut national de la création culinaire certifiée” (INCC), to ensure the protection of culinary creations. The INCC would issue a new industrial property title, the certificate of culinary creation, to provide protection for a period of 20 years. A hybrid between author rights and industrial property rights, this title includes economic rights as well as three moral rights (right of disclosure, right to the name, right to respect for culinary creation).

The conditions for granting such a certificate are:

the creation must be new with respect to the state of the culinary art;
the existence of a creative activity, not resulting in an obvious way from the state of the art for a skilled person;
an own gustatory character.

The bill excludes from protection a number of productions such as creations involving elements of the human body, narcotics or creations violating public order. The text also provides a specific regime for employees’ creations, close to the one existing in author rights, as well as an opposition procedure lasting two months from the publication of the application for the grant of a culinary creation certificate. Unsurprisingly, any infringement to this new property right would constitute an act of counterfeiting.

This bill, being a combination of trademark law and author rights, is not convincing. The Chefs themselves do not appear to be asking for such protection and the measure will probably mainly benefit the food industries. The bill has now been referred to the Committee on Cultural Affairs and Education. This is a case to follow.

Specializing in intellectual property, Dreyfus will know how to create the perfect recipe to enhance and protect your rights. Do not hesitate to contact us!

Non classé