We are not going to explain this EU regulation but rather assess its impact on the domain industry. In short, it has provided a layer of anonymity for squatters and fraudsters to perpetuate their crimes and/or infringements.
Trade mark owners have to navigate privacy legislation and court orders that absorb time, money and effort all the while allowing the infringer to continue its business as usual.
While we understand that personal information should not be floating around the Internet uncontrolled taking a blanket piece of legislation is not in the interests of the community.
Companies House
All companies in the United Kingdom are incorporated and registered with the Companies House (registrar of companies). Companies House, under GDPR, provide freely accessible detailed information about each company and its directors. We have selected the random company MYCOMPANYPENSION.CO.UK LIMITED, its information is accessible at https://beta.companieshouse.gov.uk/company/05110235. If you peruse the tabs and click on “People” it lists the Director’s details, which include his Nationality, Date of Birth, Occupation, Country of residence and Address.
The address The Heights, 2 Wellington Road, Little Wenlock, Telford, England, TF6 5BJ if search on Google Maps shows the Director’s house as seen below.
Intellectual Property Office (“IPO”)
The IPO is the government department responsible for Intellectual Property, which includes trade marks. The IPO provides a free trade mark search service that allows user to search for a trade mark by a keyword, phrase, image, owner’s name or trade mark number. A search against the name Michael Smith brings up the mark Dawsons Originals (see https://trademarks.ipo.gov.uk/ipo-tmcase/page/Results/1/UK00003350652). Once again, if the select the Name and Addresses tab it will reveal the trade mark owner’s full name and address with the owner’s house, once again, viewable on Google maps.
Does a company name or trade mark pose a security risk? We would say NO. Does a rogue domain sending out phishing emails or associated website stealing credit information pose a security risk? We would say YES. The question is then why has ICANN and a substantial number of country code registries redacted crucial Whois information?
A UDRP complaint could be filed against a legitimate party or a registrant that has a commercial relationship with the Complainant, which wastes costs, time and could strain commercial relationships. Another issue not being able to identify a pattern of squatting since search domains by registrant is longer possible and the archive information is now out-dated.
Domain investigations now require more time, expertise and ultimately relying on assumptions, which is does not bode well for those that want to enforce the rights online.
Strategy
One way of mitigating the above issues is to centralise your domain names with one corporate registrar and formulating a domain policy requiring licensees, agents and franchisees to register domain names through this centralised channel. The presumption is then that any domain name outside the centralised environment is an infringement and if the policy is not followed by a licensee, agent or franchisee then they should be responsible for the associated costs.
The above is one of a few steps that can be taken as part of a comprehensive domain name policy and strategy exercise. Get in touch with the Lexsynergy Brand Protection Team if you need assistance.