bonetta / iStockphoto.com
The International Trademark Association (INTA) will campaign for an “accessible, contactable and accurate” Whois database of domain name registration information to help tackle online counterfeiters.
In mid-May, ICANN announced that it had approved a temporary solution for storing registration data to comply with the EU’s General Data Protection Regulation (GDPR), which came into force on May 25.
The solution, called the “Temporary Specification for gTLD Registration Deal”, applies to the Whois model, under which domain registrants’ data are stored.
Access to personal data is now restricted to layered access, where only users with a “legitimate purpose” can request access to non-public data through registrars and registry operators, in order to comply with the GDPR.
But INTA voiced concerns about this temporary specification on Monday, June 18, claiming that the model seriously limits the amount of information that is publicly available. For example, it only provides an anonymous email address or web form rather than a personal contact.
Lori Schulman, senior director for internet policy at INTA, said that while INTA recognises the importance of personal privacy, more information is required.
“The information that remains publicly available under the Temporary Specification is insufficient to ensure a secure and reliable domain name system,” she said. “Ensuring continued access is absolutely necessary to protect consumers on the internet.”
INTA said that its members use information in the Whois database to contact website registrants that steal personal information and sell counterfeit goods.
Schulman continued: “With criminal online counterfeiting activity growing exponentially, we hope for a timely resolution that will allow access to information with respect to the privacy rules set by the GDPR.”
INTA said it is currently helping trademark professionals to understand the recent changes to the Whois system. On Friday, June 15, the association published a paper called “Whois Challenges: A Toolkit for IP Professionals”. The paper advises the industry to consider pursuing other legal means to obtain data, such as through a subpoena. It also recommended engaging with other relevant intermediaries to gather information, such as registries and internet service providers.
INTA’s work comes amid a German court case between ICANN and domain name registrar EPAG, which has said it will no longer collect some contact information in light of the GDPR. According to ICANN, the injunction proceedings, which it filed on the same day the GDPR came into effect (May 25), were launched to ensure that data collected for the Whois system is protected in accordance with the regulation.
The Regional Court in Bonn refused the injunction in May, claiming that ICANN did not demonstrate that it is necessary to collect additional information. The organisation appealed against the decision at the Higher Regional Court of Cologne on Wednesday, June 13.
However, ICANN announced yesterday, June 21, that the Bonn regional court has decided to revisit its ruling not to grant the injunction against EPAG.
Schulman told TBO that ICANN is monitoring the case carefully as it agrees with ICANN that there needs to be more clarity regarding the implementation of the GDPR.
“The speed at which the case was filed and decided underscores the importance of the matter,” Schulman explained.
“The fact that the court is revisiting its decision provides another opportunity for clarification and for the ensuring the integrity of the Whois system. This is important as we move forward with the practical applications of the regulation and achieving the balance the GDPR seeks to provide.”
INTA, Whois, GDPR, trademark, counterfeit, online, ICANN, online counterfeit, domain name