Lidl won a dispute over lidl-de.website

The well-known German retailer Lidl won a domain name dispute before the WIPO Arbitration and Mediation Center.

The case concerns a registered domain name for lidl-de.website by an individual. The domain hadn’t been used before the arbitration procedure with exception of a period when there was a website offering a survey dedicated to Lidl and redirecting to third parties websites.

The German company initiated a complaint wanting transfer of the domain to the company because of bad faith registration. In order for such a procedure to be successful the following cumulative factors are necessary:

(i) the Domain Name is identical or confusingly similar to a trademark or a service mark in which the Complainant has rights; and

(ii) the Respondent has no rights or legitimate interests in respect of the Domain Name; and

(iii) the Domain Name has been registered and is being used in bad faith.

Lidl submitted many early registered trademarks such as:

– German registration No. 2006134 for LIDL registered on 11 November, 1991;
– German registration No. 30009606 for LIDL registered on 9 March, 2000;
– European Union registration No. 001779784 for 

 registered on 12 November, 2001;
– European Union registration No. 001778679 for LIDL registered on 22 August, 2002;
– European Union registration No. 013192752 for 

 registered on 27 February, 2015;
– International registration No. 748064 for LIDL registered on 26 July, 2000;
– International registration No. 974355 for LIDL registered on 9 May, 2008;

In addition, the company added a family of registered domain names that include lidl.

WIPO concluded that the domain name in dispute is confusingly similar to the earlier trademarks because they are included in the domain entirely. The rest of the domain elements .de and .website are generic and descriptive and are not able to create a difference.

According to Arbitrage, the domain registrant has no legitimate interest to use it because it associates with the business and geographical origin of Lidl as a company.

The domain was registered in bad faith because the registrant was aware of Lidl’s business taking advantage of its reputation.

Source: WIPO.

Advertisement

Whether links to copyrighted content is legal in the light of possible framing?

Advocate General of the European court M. SZPUNAR has issued his opinion in case C‑392/19 VG Bild-Kunst v Stiftung Preußischer Kulturbesitz.

The dispute concerns the following background:

Verwertungsgesellschaft Bild-Kunst (‘VG Bild-Kunst’) is a copyright collecting society for the visual arts in Germany. Stiftung Preußischer Kulturbesitz (‘SPK’) is a foundation under German law.

SPK is the operator of the Deutsche Digitale Bibliothek (DDB), a digital library devoted to culture and knowledge, which networks German cultural and scientific institutions.

The DDB website contains links to digitised content stored on the internet portals of participating institutions. As a ‘digital showcase’, the DDB itself stores only thumbnails, that is to say smaller versions of the original images. When a user clicks on a search result, he or she is redirected to the page for the object – on the DDB’s site – which contains an enlarged version of the image (440 x 330 pixels). When that image is clicked on or the ‘magnifying glass’ function is used, an enlarged version of the thumbnail, with a maximum resolution of 800 x 600 pixels, is displayed in a lightbox. Moreover, the ‘Display object on original site’ button contains a direct link to the website of the institution providing the object (either a simple link to its home page or a deep link to the page for the object). The DDB uses works with the authorisation of the holders of the copyright in those works.

VG Bild-Kunst makes the conclusion with SPK of a licence agreement for the use of its catalogue of works in the form of thumbnails conditional on the inclusion of a provision whereby the licensee undertakes, when using the protected works and subject matter covered by the agreement, to apply effective technological measures against the framing by third parties of the thumbnails of the protected works or subject matter displayed on the DDB website.

Taking the view that such a contractual provision was unreasonable from the point of view of copyright, SPK brought an action for declaratory relief before the Regional Court, Germany seeking a declaration that VG Bild-Kunst was required to grant the licence in question to SPK without making that licence conditional on the implementation of those technological measures. That action was initially dismissed by the Regional Court. On appeal by SPK, the judgment of the Regional Court was overturned by the Higher Regional Court, Germany. By its appeal on a point of law (Revision), VG Bild-Kunst seeks the dismissal of SPK’s action.

Federal Court of Justice, Germany points out, first, that, pursuant to the first sentence of Paragraph 34(1) of the VGG, collecting societies are required to grant to any person who so requests, on reasonable terms, a licence to use the rights entrusted to them for management. The referring court states, secondly, that, according to its case-law applicable in the present case, it is accepted that collecting societies may, in exceptional cases, derogate from their obligation and refuse to grant a licence, provided that that refusal does not constitute an abuse of monopoly power and that it is possible to rely, in opposition to the licence application, on overriding legitimate interests. In that regard, in order to determine whether there is an objectively justified exception, it is necessary to weigh up the interests of the persons concerned, taking into account the purpose of the law and the objective underlying that basic obligation of collecting societies.

The outcome of the appeal on a point of law depends on whether the embedding of a work – which is available on a website, such as that of the DDB, with the consent of the rightholder – in the website of a third party by way of framing constitutes communication to the public of that work within the meaning of Article 3(1) of Directive 2001/29/EC where it circumvents protection measures against framing taken by the rightholder or imposed by him or her on a licensee. If it does, the rights of the members of VG Bild-Kunst are affected and it could legitimately request that the obligation to implement technological measures against framing be included in the licence agreement with SPK.

Being uncertain as to the answer to be given to that question, in the light of the Court’s case-law on the use of hyperlinks on the internet, the Federal Court of Justice decided to stay the proceedings and to refer the following question to the Court for a preliminary ruling:

‘Does the embedding of a work – which is available on a freely accessible website with the consent of the rightholder – in the website of a third party by way of framing constitute communication to the public of that work within the meaning of Article 3(1) of Directive 2001/29/EC where it occurs through circumvention of protection measures against framing taken or instigated by the rightholder?’

The Advocate General’s opinion:

(1) Article 3(1) of Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society must be interpreted as meaning that the embedding in a webpage of copyright-protected works freely available to the public with the authorisation of the copyright holder on other websites, in such a way that those works are automatically displayed on that page as soon as it is opened, without any further action on the part of the user, constitutes a communication to the public within the meaning of that provision.

(2)  That article must be interpreted as meaning that the embedding of a work – which has been made freely available to the public on a website with the consent of the rightholder – in the website of a third party by means of a clickable link using the framing technique does not constitute a communication to the public within the meaning of that provision, where that embedding circumvents protection measures against framing taken or imposed by the copyright holder.

(3)  Technological protection measures against the embedding in a webpage of copyright-protected works freely available to the public with the authorisation of the copyright holder on other websites, where those works are embedded in such a way that they are automatically displayed on that webpage as soon as it is opened, without any further action on the part of the user, constitute effective protection measures within the meaning of Article 6 of Directive 2001/29.

Thumb and privacy issues – a European Court’s decision

The European Court has ruled in case C‑40/17 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV, interveners: Facebook Ireland Ltd, Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen.

This case concerns the following:

Fashion ID, an online clothing retailer, embedded on its website the ‘Like’ social plugin from the social network Facebook (‘the Facebook “Like” button’).

It is apparent from the order for reference that one feature of the internet is that, when a website is visited, the browser allows content from different sources to be displayed. Thus, for example, photos, videos, news and the Facebook ‘Like’ button at issue in the present case can be linked to a website and appear there. If a website operator intends to embed such third-party content, he places a link to the external content on that website. When the browser of a visitor to that website encounters such a link, it requests the content from the third-party provider and adds it to the appearance of the website at the desired place. For this to occur, the browser transmits to the server of the third-party provider the IP address of that visitor’s computer, as well as the browser’s technical data, so that the server can establish the format in which the content is to be delivered to that address. In addition, the browser transmits information relating to the desired content. The operator of a website embedding third-party content onto that website cannot control what data the browser transmits or what the third-party provider does with those data, in particular whether it decides to save and use them.

With regard, in particular, to the Facebook ‘Like’ button, it seems to be apparent from the order for reference that, when a visitor consults the website of Fashion ID, that visitor’s personal data are transmitted to Facebook Ireland as a result of that website including that button. It seems that that transmission occurs without that visitor being aware of it regardless of whether or not he or she is a member of the social network Facebook or has clicked on the Facebook ‘Like’ button.

Verbraucherzentrale NRW, a public-service association tasked with safeguarding the interests of consumers, criticises Fashion ID for transmitting to Facebook Ireland personal data belonging to visitors to its website, first, without their consent and, second, in breach of the duties to inform set out in the provisions relating to the protection of personal data.

Verbraucherzentrale NRW brought legal proceedings for an injunction before the Landgericht Düsseldorf (Regional Court, Düsseldorf, Germany) against Fashion ID to force it to stop that practice.

By decision of 9 March 2016, the Landgericht Düsseldorf (Regional Court, Düsseldorf) upheld in part the requests made by Verbraucherzentrale NRW, after having found that it has standing to bring proceedings under Paragraph 8(3)(3) of the UWG.

Fashion ID brought an appeal against that decision before the referring court, the Oberlandesgericht Düsseldorf (Higher Regional Court, Düsseldorf, Germany). Facebook Ireland intervened in that appeal in support of Fashion ID. Verbraucherzentrale NRW brought a cross-appeal seeking an extension of the ruling made against Fashion ID at first instance.

Fashion ID argues before the referring court that the decision of the Landgericht Düsseldorf (Regional Court, Düsseldorf) is incompatible with Directive 95/46.

First, Fashion ID claims that Articles 22 to 24 of that directive envisage granting legal remedies only to data subjects whose personal data are processed and the competent supervising authorities. Consequently, it argues, the action brought by Verbraucherzentrale NRW is inadmissible due to the fact that that association does not have standing to bring or defend legal proceedings under Directive 95/46.

Second, Fashion ID asserts that the Landgericht Düsseldorf (Regional Court, Düsseldorf) erred in finding that it was a controller, within the meaning of Article 2(d) of Directive 95/46, since it has no influence either over the data transmitted by the visitor’s browser from its website or over whether and, where applicable, how Facebook Ireland uses those data.

In the first place, the referring court has doubts whether Directive 95/46 gives public-service associations the right to bring or defend legal proceedings in order to defend the interests of persons who have suffered harm. It takes the view that Article 24 of that directive does not preclude associations from being a party to legal proceedings, since, pursuant to that article, Member States are required to adopt ‘suitable measures’ to ensure the full implementation of that directive. Thus, the referring court concludes that national legislation allowing associations to bring legal proceedings in the interest of consumers may constitute such a ‘suitable measure’.

That court notes, in this regard, that Article 80(2) of Regulation 2016/679, which repealed and replaced Directive 95/46, expressly authorises the bringing of legal proceedings by such an association, which would tend to confirm that the latter directive did not preclude such an action.

Further, that court is uncertain whether the operator of a website, such as Fashion ID, that embeds on that website a social plugin allowing personal data to be collected can be considered to be a controller within the meaning of Article 2(d) of Directive 95/46 despite the latter having no control over the processing of the data transmitted to the provider of that plugin. In this context, the referring court refers to the case that gave rise to the judgment of 5 June 2018, Wirtschaftsakademie Schleswig-Holstein (C‑210/16, EU:C:2018:388), which dealt with a similar question.

In the alternative, in the event that Fashion ID is not to be considered to be a controller, the referring court is uncertain whether that directive exhaustively regulates that notion, such that it precludes national legislation that establishes civil liability for a third party who infringes data protection rights. The referring court asserts that it would be possible to envisage Fashion ID being liable on this basis under national law as a ‘disrupter’ (‘Störer’).

If Fashion ID had to be considered to be a controller or was at least liable as a ‘disrupter’ for any data protection infringements by Facebook Ireland, the referring court is uncertain whether the processing of the personal data at issue in the main proceedings is lawful and whether the duty to inform the data subject under Article 10 of Directive 95/46 rests with Fashion ID or with Facebook Ireland.

Thus, first, with regard to the conditions for the lawfulness of the processing of data as provided for in Article 7(f) of Directive 95/46, the referring court expresses uncertainty as to whether, in a situation such as that at issue in the main proceedings, it is appropriate to take into account the legitimate interest of the operator of the website or that of the provider of the social plugin.

Second, that court is unsure who is required to obtain the consent of and inform the data subjects whose personal data are processed in a situation such as that at issue in the main proceedings. The referring court takes the view that the matter of who is obliged to inform the persons concerned, as provided for in Article 10 of Directive 95/46, is particularly important given that any embedding of third-party content on a website gives rise, in principle, to the processing of personal data, the scope and purpose of which are, however, unknown to the person embedding that content, namely the operator of the website concerned. That operator could not, therefore, provide the information required, to the extent that it is required to, meaning that the imposition of an obligation on the operator to inform the data subjects would, in practice, amount to a prohibition on the embedding of third-party content.

In those circumstances, the Oberlandesgericht Düsseldorf (Higher Regional Court, Düsseldorf) decided to stay the proceedings and to refer the following questions to the Court of Justice for a preliminary ruling:

‘(1) Do the rules in Articles 22, 23 and 24 of Directive [95/46] preclude national legislation which, in addition to the powers of intervention conferred on the data-protection authorities and the remedies available to the data subject, grants public-service associations the power to take action against the infringer in the event of an infringement in order to safeguard the interests of consumers?

If Question 1 is answered in the negative:

(2) In a case such as the present one, in which someone has embedded a programming code in his website which causes the user’s browser to request content from a third party and, to this end, transmits personal data to the third party, is the person embedding the content the “controller” within the meaning of Article 2(d) of Directive [95/46] if that person is himself unable to influence this data-processing operation?

(3) If Question 2 is answered in the negative: Is Article 2(d) of Directive [95/46] to be interpreted as meaning that it definitively regulates liability and responsibility in such a way that it precludes civil claims against a third party who, although not a “controller”, nonetheless creates the cause for the processing operation, without influencing it?

(4) Whose “legitimate interests”, in a situation such as the present one, are the decisive ones in the balancing of interests to be undertaken pursuant to Article 7(f) of Directive [95/46]? Is it the interests in embedding third-party content or the interests of the third party?

(5) To whom must the consent to be declared under Articles 7(a) and 2(h) of Directive [95/46] be given in a situation such as that in the present case?

(6) Does the duty to inform under Article 10 of Directive [95/46] also apply in a situation such as that in the present case to the operator of the website who has embedded the content of a third party and thus creates the cause for the processing of personal data by the third party?’

The Court’s decision:

1.  Articles 22 to 24 of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data must be interpreted as not precluding national legislation which allows consumer-protection associations to bring or defend legal proceedings against a person allegedly responsible for an infringement of the protection of personal data.

2. The operator of a website, such as Fashion ID GmbH & Co. KG, that embeds on that website a social plugin causing the browser of a visitor to that website to request content from the provider of that plugin and, to that end, to transmit to that provider personal data of the visitor can be considered to be a controller, within the meaning of Article 2(d) of Directive 95/46. That liability is, however, limited to the operation or set of operations involving the processing of personal data in respect of which it actually determines the purposes and means, that is to say, the collection and disclosure by transmission of the data at issue.

3. In a situation such as that at issue in the main proceedings, in which the operator of a website embeds on that website a social plugin causing the browser of a visitor to that website to request content from the provider of that plugin and, to that end, to transmit to that provider personal data of the visitor, it is necessary that that operator and that provider each pursue a legitimate interest, within the meaning of Article 7(f) of Directive 95/46, through those processing operations in order for those operations to be justified in respect of each of them.

4. Articles 2(h) and 7(a) of Directive 95/46 must be interpreted as meaning that, in a situation such as that at issue in the main proceedings, in which the operator of a website embeds on that website a social plugin causing the browser of a visitor to that website to request content from the provider of that plugin and, to that end, to transmit to that provider personal data of the visitor, the consent referred to in those provisions must be obtained by that operator only with regard to the operation or set of operations involving the processing of personal data in respect of which that operator determines the purposes and means. In addition, Article 10 of that directive must be interpreted as meaning that, in such a situation, the duty to inform laid down in that provision is incumbent also on that operator, but the information that the latter must provide to the data subject need relate only to the operation or set of operations involving the processing of personal data in respect of which that operator actually determines the purposes and means.

Designs, novelty and a General Court decision

The General Court of the EU ruled in Case T‑651/16, Crocs, Inc. v EUIPO, Gifi Diffusion. This case concerns a registered EU design 257001-0001 by Western Brands LLC on 22.11.2004 with claimed priority based on a US design registered on 28.05.2004.

This EU design after that was transferred to Crocs. In 2013, the French-based company Gifi Diffusion filed an application for a declaration of invalidity of the design based on a lack of novelty.

As it is known, one EU design can receive protection only in the case that it is novel and has individual character.

EUIPO took a decision for invalidation of the design, which decision was confirmed by the General Court.

The reason for this was that information for the design was available in 2003 through the Corcs’ website, it was displayed on an exhibition in Florida and was available for sale.

Corcs argued that such information wasn’t accessible in EU at that time, but the Court dismissed it because there was no evidence that the Corcs’website wasn’t accessible in EU.

This case is indicative of the need for a good intellectual property planning. In the case of industrial designs and inventions, this is crucial because if these IP assets are not new, for example, they cannot be protected. Due to this, all information regarding them has to be managed very carefully in order to fulfill the respective legal requirements.