The General Data Protection Regulation - Fighting IP infringement on an anonymous internet - Clarivate
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
The General Data Protection Regulation Fighting IP infringement on an anonymous internet August 20, 2020
Accessing slides and questions
2
Speakers
Cyntia King Brian King, CIPP/E Griffin Barnett Gene Quinn
Founder & CEO Director of Internet Policy Attorney President& CEO
ModernIP & Industry Affairs, Clarivate Winterfeldt IP Group IPWatchdog
3
Agenda
• Background on ICANN and the DNS
• GDPR background
• DNS policy response to GDPR
• GDPR impact
• Strategies and best practices
• Call to action
4
Background on
ICANN and the DNS
• Internet Corporation for Assigned Names
and Numbers (ICANN)
• Domain Name System (DNS)
• WHOIS – aka domain registration data
– Name, organization (if applicable), postal
address, email, and telephone number
of the owner, known as the domain
name registrant
– WHOIS data supported investigations
into phishing, malware, ransomware, etc.
5GDPR background
• General Data Protection Regulation (GDPR)
• Went into effect in May 2018
• Regulation is automatically binding on all EU
Member States
• Applies to personal data – not exactly PII
– "any information relating to an identified or
identifiable natural person (‘data subject’)"
• Limited by territorial scope
• Penalties: massive fines, "cease processing"
orders
6DNS policy response
Key changes
• ICANN responded with a Temporary Specification
– Continued collection of WHOIS data
– Limited publication, no personal data published
– Registrars required to have a contact form
• Expedited Policy Development Process
(EPDP): attempt at a new GDPR-compliant policy
– Phase 1 addressed collection and redaction
– Phase 2 built "System for Standardized
Access/Disclosure (SSAD)"
– Phase 3?
7GDPR impact
The new realities
• Stopping bad actors is increasingly difficult Brand owners
• Counterfeits, piracy, phishing, fraud, must become
and malware, among other abuses, are more creative
generally harder to take down
• Traditional self-help tools like WHOIS are
no longer sufficient
Insert footer 8GDPR impact
The new realities
Brand owners must now • Brand owners proceeding directly to domain
work more closely with name disputes like the Uniform Domain Name
registrars:
Dispute Resolution Policy (UDRP) or litigation
• Requests to disclose
nonpublic • Without the registrant’s identity, brand owners
information struggle to develop a comprehensive case
• Send Cease and – Registrants’ prior infringements or indicators
Desist letters to of bad faith registration and use
registrants
Source: https://www.americanbar.org/groups/intellectual_property_law/publications/landslide/2018- 9
19/march-april/impact-gdpr-online-brand-enforcement-webinar/Strategies and
best practices
• Archived WHOIS data
Online enforcement in the
post-GDPR world • Website contacts
• “John Doe” Cease and Desist letters
• Notice and takedown letters to web hosts
• Registration authority abuse points of
contact
• Arbitral domain name disputes
• WHOIS data request templates
10Call to action
• IP owners should document the various challenges
associated with redacted WHOIS data
• Share data and anecdotes through:
– Trade organizations, INTA, IP Constituency,
Cybersecurity Tech Accord, etc.
– Enforcement vendors and corporate registrars can
help
• Support ongoing policy development within
ICANN
• Support legislative efforts in the US and EU to
clarify permissibility of WHOIS for transparency,
accountability, cybersecurity, law enforcement,
and other anti-abuse purposes
11Q&A
Please type your question into
the Q&A box on your screen.
12For more information please contact us: https://info.markmonitor.com/contact-us © 2020 Clarivate. All rights reserved. Republication or redistribution of Clarivate content, including by framing or similar means, is prohibited without the prior written consent of Clarivate. Clarivate and its logo, as well as all other trademarks used herein are trademarks of their respective owners and used under license.
You can also read
