Data Protection: WHOIS Ready to Enforce Your Trademarks?
Both global and US-based businesses have been advised by their EU counsel that as of May 25 2018, the EU General Data Protection Regulation (679/2016) will apply to all online offers of goods or services to EU-based natural persons. The law will make the collection of data and tracking of online activity illegal, except where express consent is obtained and where such consent is not “tied” to the receipt of goods or services (i.e., a ‘check the box’ form of consent is not expected to be usable).
While offers to corporate persons are exempt from this privacy regulation, businesses can expect would-be counterfeiters and trademark infringers to take advantage of the new regulation in order to avoid detection in the purchase and sale of counterfeit goods online. How will the established WHOIS system and domain name dispute resolution procedures such as the Uniform Domain Name Dispute Resolution Policy (UDRP) and the new Uniform Rapid Suspension (URS) mechanism deal with these changes?
Privacy advocates hail the new General Data Protection Regulation as a big step forward in the protection of personal data against misuse and abuse by commercial interests. The regulation confirms, they assert, that each natural person interacting on the worldwide web has “the right to be forgotten”. But how does our increasingly global internet-based society deal with bad actors, including criminals, in the face of these new privacy protections?