In examining whether registration ought to be refused on the ground that that shape involved a technical solution, EUIPO and the General Court should also have taken into account non-visible functional elements represented by that shape, such as its rotating capability.
At the request of Seven Towers, a UK company which manages, inter alia, intellectual property rights relating to the ‘Rubik’s Cube’, the European Union Intellectual Property Office (EUIPO) registered in 1999, as a three-dimensional EU trade mark, the cubic shape in respect of “three-dimensional puzzles”.
In 2006, Simba Toys, a German toy manufacturer, applied to EUIPO to have the three-dimensional mark cancelled on the ground, inter alia, that it involved a technical solution consisting of its rotating capability, since such a solution may be protected only by patent and not as a trade mark.
EUIPO dismissed its application and Simba Toys thereupon brought an action before the General Court in which it sought annulment of EUIPO’s decision.
By its judgment of 25 November 2014 (see Case T-450/09 Simba Toys GmbH & Co. KG v OHIM), the General Court dismissed the action brought by Simba Toys on the ground that the cubic shape in question did not involve a technical function such as to preclude it from being protected as a trade mark. In particular, the General Court took the view that the technical solution characterising the Rubik’s Cube did not result from the characteristics of that shape but, at most, from an internal and invisible mechanism of the cube.
Simba Toys appealed to the Court of Justice against the judgment of the General Court.
By today’s judgment, the Court points out that Regulation No 40/94 on the Community trade mark, which is applicable in the present case, seeks to prevent trade mark law from granting an undertaking a monopoly on technical solutions or functional characteristics of a product. In that regard, the Court confirms that the essential characteristics of the shape at issue are the cubic form and a grid structure on each surface of that cube (see The Lego brick is not registrable as a Community trademark).
Next, with regard to the question as to whether registration of the shape in question as an EU trade mark is liable to confer on Seven Towns a monopoly on a technical solution, the Court highlights that it is necessary to examine whether that shape is necessary in order to obtain a technical result.
Contrary to what the General Court found, the Court of Justice notes that, in the context of the present examination, the essential characteristics of the cubic shape in issue must be assessed in the light of the technical function of the actual goods represented. In particular, it was for the General Court also to take into consideration non-visible elements of the graphic representation of that shape, such as the rotating capability of the individual elements in a three- dimensional “Rubik’s Cube”-type puzzle. In that context, the General Court ought to have defined the technical function of the product concerned and have taken this into account in its examination.
Moreover, the Court takes the view that the fact that Seven Towers requested registration of the contested sign for “three-dimensional puzzles” in general, without restricting itself to those that have a rotating capability, cannot preclude account from being taken of the technical function of the actual goods represented by the cubic form in question, and makes it even necessary, since the decision on that request is liable to affect all manufacturers of three-dimensional puzzles with cube–shaped elements.
In those circumstances, the Court sets aside the judgment of the General Court and annuls the EUIPO decision which confirmed registration of the shape in question as an EU trade mark. It will be a matter for EUIPO to adopt a new decision taking into account the findings set out by the Court in the present judgment.
On 2 February 2016 the European Commission and the U.S. Government reached a political agreement on a new framework for transatlantic exchanges of personal data for commercial purposes: the EU-U.S. Privacy Shield (see IP/16/216). The Commission presented the draft decision texts on 29 February 2016. Following the opinion of the article 29 working party (data protection authorities) of 13 April and the European Parliament resolution of 26 May, the Commission finalised the adoption procedure on 12 July 2016.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce. On July 12, the European Commission deemed the Privacy Shield Framework adequate to enable data transfers under EU law.
The Privacy Shield program, which is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce, enables U.S.-based organisations to join the Privacy Shield Framework in order to benefit from the adequacy determination. To join the Privacy Shield Framework, a U.S.-based organization will be required to self-certify to the Department of Commerce and publicly commit to comply with the Framework’s requirements. While joining the Privacy Shield Framework is voluntary, once an eligible organisation makes the public commitment to comply with the Framework’s requirements, the commitment will become enforceable under U.S. law. All organizations interested in joining the Privacy Shield Framework should review its requirements in their entirety.
The new framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers.
The EU-U.S. Privacy Shield is based on the following principles:
Since presenting the draft Privacy Shield in February, the Commission has drawn on the opinions of the European data protection authorities (Art. 29 working party) and the European Data Protection Supervisor, and the resolution of the European Parliament to include a number of additional clarifications and improvements. The European Commission and the U.S. notably agreed on additional clarifications on bulk collection of data, strengthening the Ombudsperson mechanism, and more explicit obligations on companies as regards limits on retention and onward transfers.
The “adequacy decision” will be notified today to the Member States and thereby enter into force immediately. On the U.S. side, the Privacy Shield framework will be published in the Federal Register, the equivalent to our Official Journal. The U.S. Department of Commerce will start operating the Privacy Shield. Once companies have had an opportunity to review the framework and update their compliance, companies will be able to certify with the Commerce Department starting August 1. In parallel, the Commission will publish a short guide for citizens explaining the available remedies in case an individual considers that his personal data has been used without taking into account the data protection rules.
The EU-U.S. Privacy Shield reflects the requirements set out by the European Court of Justice in its ruling on 6 October 2015, which declared the old Safe Harbour framework invalid.
In today’s Judgment in Case C-362/14 Maximillian Schrems v Data Protection Commissioner the Court rules that whilst the Court of Justice alone has jurisdiction to declare an EU act invalid, where a claim is lodged with the national supervisory authorities they may, even where the Commission has adopted a decision finding that a third country affords an adequate level of protection of personal data, examine whether the transfer of a person’s data to the third country complies with the requirements of the EU legislation on the protection of that data and, in the same way as the person concerned, bring the matter before the national courts, in order that the national courts make a reference for a preliminary ruling for the purpose of examination of that decision’s validity
The Data Protection Directive (1) provides that the transfer of personal data to a third country may, in principle, take place only if that third country ensures an adequate level of protection of the data. The directive also provides that the Commission may find that a third country ensures an adequate level of protection by reason of its domestic law or its international commitments. Finally, the directive provides that each Member State is to designate one or more public authorities responsible for monitoring the application within its territory of the national provisions adopted on the basis of the directive (“national supervisory authorities”).
Maximillian Schrems, an Austrian citizen, has been a Facebook user since 2008. As is the case with other subscribers residing in the EU, some or all of the data provided by Mr Schrems to Facebook is transferred from Facebook’s Irish subsidiary to servers located in the United States, where it is processed. Mr Schrems lodged a complaint with the Irish supervisory authority (the “Data Protection Commissioner”), taking the view that, in the light of the revelations made in 2013 by Edward Snowden concerning the activities of the United States intelligence services, in particular the National Security Agency (the “NSA”), the law and practice of the United States do not offer sufficient protection against surveillance by the public authorities of the data transferred to that country. The Irish authority rejected the complaint, on the ground, in particular, that in a decision of 26 July 2000 (2) the Commission considered that, under the “safe harbour” scheme (3), the United States ensures an adequate level of protection of the personal data transferred (the “Safe Harbour Decision”).
The High Court of Ireland, before which the case has been brought, wishes to ascertain whether that Commission decision has the effect of preventing a national supervisory authority from investigating a complaint alleging that the third country does not ensure an adequate level of protection and, where appropriate, from suspending the contested transfer of data.
In its Judgment, the Court of Justice holds that the existence of a Commission decision finding that a third country ensures an adequate level of protection of the personal data transferred cannot eliminate or even reduce the powers available to the national supervisory authorities under the Charter of Fundamental Rights of the European Union and the directive. The Court stresses in this regard the right, guaranteed by the Charter, to the protection of personal data and the task with which the national supervisory authorities are entrusted under the Charter.
The Court states, first of all, that no provision of the directive prevents oversight by the national supervisory authorities of transfers of personal data to third countries which have been the subject of a Commission decision. Thus, even if the Commission has adopted a decision, the national supervisory authorities, when dealing with a claim, must be able to examine, with complete independence, whether the transfer of a person’s data to a third country complies with the requirements laid down by the directive. Nevertheless, the Court points out that it alone has jurisdiction to declare that an EU act, such as a Commission decision, is invalid. Consequently, where a national authority or the person who has brought the matter before the national authority considers that a Commission decision is invalid, that authority or person must be able to bring proceedings before the national courts so that they may refer the case to the Court of Justice if they too have doubts as to the validity of the Commission decision. It is thus ultimately the Court of Justice which has the task of deciding whether or not a Commission decision is valid.
The Court then investigates whether the Safe Harbour Decision is invalid. In this connection, the Court states that the Commission was required to find that the United States in fact ensures, by reason of its domestic law or its international commitments, a level of protection of fundamental rights essentially equivalent to that guaranteed within the EU under the directive read in the light of the Charter. The Court observes that the Commission did not make such a finding, but merely examined the safe harbour scheme.
Without needing to establish whether that scheme ensures a level of protection essentially equivalent to that guaranteed within the EU, the Court observes that the scheme is applicable solely to the United States undertakings which adhere to it, and United States public authorities are not themselves subject to it. Furthermore, national security, public interest and law enforcement requirements of the United States prevail over the safe harbour scheme, so that United States undertakings are bound to disregard, without limitation, the protective rules laid down by that scheme where they conflict with such requirements. The United States safe harbour scheme thus enables interference, by United States public authorities, with the fundamental rights of persons, and the Commission decision does not refer either to the existence, in the United States, of rules intended to limit any such interference or to the existence of effective legal protection against the interference.
The Court considers that that analysis of the scheme is borne out by two Commission communications (4) according to which the United States authorities were able to access the personal data transferred from the Member States to the United States and process it in a way incompatible, in particular, with the purposes for which it was transferred, beyond what was strictly necessary and proportionate to the protection of national security. Also, the Commission noted that the persons concerned had no administrative or judicial means of redress enabling, in particular, the data relating to them to be accessed and, as the case may be, rectified or erased.
As regards a level of protection essentially equivalent to the fundamental rights and freedoms guaranteed within the EU, the Court finds that, under EU law, legislation is not limited to what is strictly necessary where it authorises, on a generalised basis, storage of all the personal data of all the persons whose data is transferred from the EU to the United States without any differentiation, limitation or exception being made in the light of the objective pursued and without an objective criterion being laid down for determining the limits of the access of the public authorities to the data and of its subsequent use. The Court adds that legislation permitting the public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life.
Likewise, the Court observes that legislation not providing for any possibility for an individual to pursue legal remedies in order to have access to personal data relating to him, or to obtain the rectification or erasure of such data, compromises the essence of the fundamental right to effective judicial protection, the existence of such a possibility being inherent in the existence of the rule of law.
Finally, the Court finds that the Safe Harbour Decision denies the national supervisory authorities their powers where a person calls into question whether the decision is compatible with the protection of the privacy and of the fundamental rights and freedoms of individuals. The Court holds that the Commission did not have competence to restrict the national supervisory authorities’ powers in that way.
For all those reasons, the Court declares the Safe Harbour Decision invalid. This judgment has the consequence that the Irish supervisory authority is required to examine Mr Schrems’ complaint with all due diligence and, at the conclusion of its investigation, is to decide whether, pursuant to the directive, transfer of the data of Facebook’s European subscribers to the United States should be suspended on the ground that that country does not afford an adequate level of protection of personal data.
(1) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ 1995 L 281, p. 31).
(2) Commission Decision 2000/520/EC of 26 July 2000 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce (OJ 2000 L 215, p. 7).
(3) The safe harbour scheme includes a series of principles concerning the protection of personal data to which United States undertakings may subscribe voluntarily.
(4) Communication from the Commission to the European Parliament and the Council entitled “Rebuilding Trust in EU-US Data Flows” (COM(2013) 846 final, 27 November 2013) and Communication from the Commission to the European Parliament and the Council on the Functioning of the Safe Harbour from the Perspective of EU Citizens and Companies Established in the EU (COM(2013) 847 final, 27 November 2013).
H.E. Mr Maris Klišans, Ambassador of the Republic of Latvia, signed and deposited the instrument of approval of the 2005 Choice of Court Convention on behalf of the European Union, as the Republic of Latvia currently holds the rotating presidency of the Council of the European Union. The approval of the 2005 Choice of Court Convention by the European Union will trigger the Convention’s entry into force on Thursday 1 October 2015. Twenty-eight States (all EU Member States except Denmark — as well as Mexico, which was the first State to accede to the Convention on 26 September 2007) will then be bound by the Convention.
This is the third out of four instruments of the Hague Conference (after the 2007 Hague Convention and Protocol on Maintenance) to which the European Union becomes a party as a Regional Economic Integration Organisation. In addition, the Apostille, Child Abduction, and Intercountry Adoption Conventions are also in force in all EU Member States.
The Convention promotes trade by clarifying the rules governing international trade disputes, where the parties involved have chosen a competent court. In detail, the Convention provides clarity on: jurisdiction rules, which court is competent and on the recognition and enforcement of judgments given by courts in the countries which apply the Convention. In practice, this will ensure that EU companies have more legal certainty when doing business with firms outside the EU: they will be able to trust that their choice of court to deal with a dispute will be respected by the courts of the countries that have ratified the Convention, and that the judgment given by the chosen court will be recognised and enforced in the countries which apply it.
The Hague Convention of 30 June 2005 on Choice of Court Agreements is aimed at ensuring the effectiveness of choice of court agreements (also known as “forum selection clauses“) between parties to international commercial transactions. By doing so, the Convention provides greater certainty to businesses engaging in cross-border activities and therefore creates a legal environment more amenable to international trade and investment.
The Choice of Courts Convention was drawn up by a group of countries and trading blocks such as the EU, the US, Canada, Japan, China, Russia, all of them members of the Hague Conference on Private International Law that develops multilateral legal instruments. The Convention therefore has the potential to become a worldwide legal basis for the recognition and enforcement of judgments resulting from a choice of court agreement between the EU and these countries. It was signed by the EU in 2009.
The reform of the so-called Brussels I Regulation paved the way for the ratification of the Choice of Courts Convention. This regulation determines which national court has jurisdiction in cross-border cases involving EU firms and how court judgments issued in one EU country are recognised and enforced in another. The reform of these EU-internal rules will ensure coherence with the Convention.
In 2004 and 2005 Skype applied to the Office for Harmonisation in the Internal Market (OHIM) for registration of the figurative and word signs SKYPE as a Community trade mark for audiovisual goods, telephony and photography goods and computer services relating to software or to the creation or hosting of websites.
In 2005 and 2006, British Sky Broadcasting Group, now Sky Plc and Sky IP International, filed a notice of opposition, pleading the likelihood of confusion with its earlier Community word mark SKY, filed in 2003 for identical goods and services.
By decisions of 2012 and 2013, OHIM upheld the opposition, considering, in essence, that there existed a likelihood of confusion of the signs at issue on account, in particular, of their average degree of visual, phonetic and conceptual similarity and that the conditions for establishing a reduction of that likelihood had not been satisfied. Skype seeks annulment of those decisions before the General Court.
In its Judgment in Cases T-423/12, T-183/13 and T-184/13, the Court has dismissed Skype’s actions and by so doing confirmed that there exists a likelihood of confusion between the figurative and word sign SKYPE and the word mark SKY.
As regards the visual, phonetic and conceptual similarity of the signs at issue, the Court has confirmed that the pronunciation of the vowel “y” is no shorter in the word “skype” than it is in the word “sky”. In addition, the word “sky”, part of the basic vocabulary of the English language, remains clearly identifiable in the word “skype”, in spite of the fact that the latter is written as only one word. Last, the element “sky” in the word “skype” can perfectly well be identified by the relevant public, even if the remaining element “pe” has no specific meaning.
Moreover, the fact that, in the figurative sign applied for, the word element “skype” is surrounded by a jagged border in the shape of a cloud or a bubble does not affect the average degree of visual, phonetic and conceptual similarity. Visually, the figurative element does no more than highlight the word element and is, therefore, perceived as a mere border. Phonetically, the figurative element in the shape of a border cannot produce any phonetic impression, this latter remaining determined solely by the word element. Conceptually, the figurative element conveys no concept, except perhaps that of a cloud, which would further increase the likelihood of the element “sky” being recognised within the word element “skype”, for clouds are to be found “in the sky” and thus may readily be associated with the word “sky”.
So far as concerns the argument that the “skype” signs are highly distinctive because they are known by the public, the Court declares that, even if the term “skype” had acquired a meaning of its own for identifying the telecommunications services provided by the company Skype, it would be a generic, and consequently descriptive, term for services of that kind.
Lastly, the Court confirms that account cannot be taken of the peaceful coexistence of the signs at issue as a factor that could reduce the likelihood of confusion, the conditions in that connection not being satisfied. The peaceful coexistence of those signs in the United Kingdom concerns only one isolated, highly specific service (namely, peer-to-peer communications services) and cannot, therefore, lessen the likelihood of confusion in respect of the many other goods and services covered by the signs. In addition, that coexistence has not lasted long enough to give grounds for the assumption that it was based on the absence of any likelihood of confusion in the mind of the relevant public.
The Unfair Terms in Consumer Contracts Directive (see Council Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts) provides that consumers are not bound by unfair clauses that are set out in a contract concluded with a seller or supplier. However, according to that directive, the assessment of the unfair nature of the terms concerns neither the definition of the main subject-matter of the contract nor the adequacy of the price and remuneration, on the one hand, as against the services or goods supplied in exchange, on the other, provided that those terms are drafted in plain, intelligible language.
In 1998, Jean-Claude Van Hove concluded two mortgage loan contracts with a bank. At the time of concluding those loan contracts, he signed a “group insurance contract” with CNP Assurances in order to guarantee, in particular, 75% cover of the loan repayments in the event of total incapacity for work. Following an accident at work, Mr Van Hove was found to have a permanent partial incapacity rate of 72% within the meaning of French social security law. The doctor appointed by the insurance company concluded that Mr Van Hove’s state of health, although no longer compatible with him returning to his former post, allowed him to carry on appropriate employment on a part-time basis. The company therefore refused to continue to cover the loan repayments in respect of Mr Van Hove’s incapacity.
Mr Van Hove brought legal proceedings seeking recognition that the terms of the contract are unfair as regards the definition of total incapacity for work and the conditions under which repayments are covered by the insurance. According to Mr Van Hove, the term relating to total incapacity for work causes a significant imbalance to the detriment of the consumer, especially as its definition is worded in such a way as to be unintelligible to a lay consumer. CNP Assurances considers that the term at issue cannot constitute an unfair term because it concerns the very subject-matter of the contract. Moreover, it contends that the definition of total incapacity for work is clear and precise, even if the criteria which are taken into account for the purposes of fixing the functional incapacity rate are different to those used by the social security authorities. In those circumstances, the French court seised of the dispute (the tribunal de grande instance de Nîmes) asks the Court of Justice if it is possible to assess whether the term in question is unfair
In Judgment in Case C-96/14 Jean-Claude Van Hove v CNP Assurances SA, the Court states, referring to the nineteenth recital in the preamble to the directive, that, in insurance contracts, terms which clearly define or circumscribe the insured risk and the insurer’s liability shall not be subject to an assessment of unfair character, since those restrictions are taken into account in calculating the premium paid by the consumer. Thus, it cannot be ruled out that the term at issue concerns the very subject-matter of the contract, in so far as it seems to circumscribe the insured risk and the insurer’s liability while laying down the essential obligations of the insurance contract. The Court leaves it to the national court to determine this point, indicating that it falls to that court, having regard to the nature, general scheme and the terms of the contract taken as a whole, as well as its legal and factual context, to determine whether the term lays down an essential component of the contractual framework of which it forms part.
As regards the question whether the term at issue is drafted in plain, intelligible language, the Court points out that the requirement of transparency of contractual terms, laid down by the directive, cannot be reduced merely to their being formally and grammatically intelligible, but that that requirement is to be interpreted broadly. In the present case, the Court does not rule out that the scope of the term defining the concept of total incapacity for work was not understood by the consumer. Thus, it may be that, in the absence of a transparent explanation of the specific functioning of the insurance arrangements relating to the cover of loan payments in the context of the contract as a whole, Mr Van Hove was not in a position to evaluate, on the basis of precise, intelligible criteria, the economic consequences for him which derive from it. It is again is for the national court to make a finding on that point.
According to the Court, the fact that the insurance contract forms part of a contractual framework with the loan contracts could be also relevant in that context. Thus, the consumer cannot be required to have the same vigilance regarding the extent of the risks covered by that insurance contract as he would if he had concluded the insurance contract and the loan contracts separately.
The Court therefore declares that terms that relate to the main subject-matter of an insurance contract may be regarded as being drafted in plain, intelligible language if they are not only grammatically intelligible to the consumer, but also set out transparently the specific functioning of the insurance arrangements, taking into account the contractual framework of which they form part, so that that consumer is in a position to evaluate, on the basis of precise, intelligible criteria, the economic consequences for him which derive from it. If not, the national court may assess the possible unfairness of the term at issue.
The word “monaco” designates the origin or geographical destination of the goods and services concerned and is devoid of distinctive character.
In 2010, the government of the Principality of Monaco was granted, by the World Intellectual Property Organisation (WIPO), an international registration covering the territory of the EU. That registration, which was based on the word mark “monaco”, was transferred to the Office for Harmonisation in the Internal Market (OHIM) to be processed.
In 2013, OHIM refused protection of the trade mark in the EU in respect of some of the goods and services applied for (i.e.: magnetic data carriers, paper and cardboard goods not included in other classes, printed matter, photographs, transport, travel arrangement, entertainment, sporting activities and temporary accommodation).
OHIM based its refusal on the descriptive character of the mark, in so far as the word ‘monaco’ designates the territory of the same name and could, therefore, be understood in any of the EU’s official languages as designating the origin or geographical destination of the goods and services concerned. OHIM further considered that the mark at issue was clearly devoid of distinctive character. Les Marques de l’État de Monaco (MEM), a Monegasque public-limited company which succeeded the government of the Principality of Monaco as the proprietor of the trade mark, contests OHIM’s decision before the General Court and seeks the annulment of that decision.
In its Judgment in Case T-197/13, Monaco v OHIM, the General Court (Eight Chamber) dismisses the application and upholds OHIM’s decision.
The General Court points out, first of all, that under EU law any legal entity, including a public law entity, may apply to benefit from the protection of the Community trade mark. This is, of course, true for companies based in the territory of a State which is not a member of the EU, but also for the non-member States themselves, since those States are, within the meaning of EU law, public law entities. As a result, when the Principality of Monaco formulated its request to have the EU designated for the international registration of the trade mark at issue, it placed itself within the scope of application of EU law and, therefore, one of the absolute grounds for refusal could be relied upon against it. In other words, the Principality of Monaco sought to benefit from the application of EU law and, therefore, became subject to its rules, without being able to rely on its entitlement in principle to be the proprietor of the trade mark “monaco”.
Moreover, the General Court observes that the word “monaco” corresponds to the name of a globally-known principality, not least due to the renown of its royal family, its organisation of a Formula 1 Grand Prix and its organisation of a circus festival. Knowledge of the Principality of Monaco is even more established amongst EU citizens, notably on account of its borders with a Member State (France), its proximity to another Member State (Italy) and its use of the same currency as 19 of the 28 Member States, the Euro. There is therefore no doubt that the word “monaco” will evoke, regardless of the linguistic background of the relevant public, the geographic territory of the same name. In addition, the General Court notes that OHIM correctly defined the relevant public (namely citizens of the EU) and correctly attributed to that public, in respect of the goods and services concerned, either an average or high degree of attentiveness.
According to the General Court rulings, OHIM was also correct to find that the word “monaco” could be used, in trade, to designate origin, geographical destination or the place of supply of services, so that the trade mark has, in respect of the goods and services concerned, a descriptive character. Furthermore, as a descriptive mark is necessarily devoid of distinctive character, the General Court holds that the trade mark “monaco” is devoid of distinctive character.
In July 2014, the International Organization for Standardization (“ISO”) and International Electrotechnical Commission (“IEC”) published ISO/IEC 27018 (ISO 27018), a code of practice that sets forth standards and guidelines pertaining to the protection of data consisting of “personally identifiable information” processed by public cloud service providers.
ISO/IEC 27018 is the first International Standard that focuses on protection of personal data in the cloud. Although only a few months old, the new standard should finally give cloud users confidence that their service provider is well-placed to keep data private and secure.
ISO/IEC 27018 specifies certain minimum types of security measures that cloud providers should adopt, if applicable, including encryption and access controls. The cloud standard also requires cloud providers to implement security awareness policies and make relevant staff aware of the potential consequences (for staff, the cloud provider and the customer) of breaching privacy and security rules.
As the first-ever standard that deals with the protection of personal data for the cloud, ISO/IEC 27018 has the following key objectives:
ISO/IEC 27018 provides a practical basis to induce confidence in the cloud industry. At the same time, the public cloud industry will have clear guidance in order to meet some of the legal and regulatory concerns of its clients.
ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect “personally identifiable information” in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, ISO/IEC 27018:2014 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of “personally identifiable information” which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services.
ISO/IEC 27018:2014 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, which provide information processing services as “personally identifiable information” processors via cloud computing under contract to other organizations.
The guidelines in ISO/IEC 27018:2014 might also be relevant to organizations acting as “personally identifiable information” controllers; however, “personally identifiable information” controllers can be subject to additional “personally identifiable information” protection legislation, regulations and obligations, not applying to “personally identifiable information” processors. ISO/IEC 27018:2014 is not intended to cover such additional obligations.
As a guiding principle, ISO/IEC 27018 standards and guidelines facilitate the retention by the cloud service customer of authority to determine the scope of any use and handling of its “personally identifiable information”. The following controls and implementation guidelines set forth in ISO/IEC 27018 as generally applicable to cloud service providers processing “personally identifiable information”:
The graphic representation of that cube does not involve a technical solution which would prevent it from being protected as a mark.
At the request of Seven Towns Ltd, a UK company which manages inter alia intellectual property rights relating to the ‘Rubik’s Cube’, the EU’s Trademark Office (OHIM) registered, in 1999, the shape of that cube in respect of “three-dimensional puzzles” as a three-dimensional Community trade mark.
In 2006, Simba Toys GmbH & Co. KG, a German toy manufacturer, applied to OHIM to have the three-dimensional mark cancelled on the ground inter alia that it involves a technical solution consisting of its rotating capability, since such a solution may be protected only by patent and not as a mark. OHIM dismissed its application and Simba Toys therefore brought an action before the General Court for annulment of OHIM’s decision.
In its Judgment in Case T-450/09, Simba Toys GmbH & Co. KG v OHIM, the General Court (Sixth Chamber) dismisses the action brought by Simba Toys.
In the first place, the Court finds that the essential characteristics of the contested mark are, first, the cube per se and, second, the grid structure which appears on each of its surfaces. According to the Court, the bold black lines which form part of that structure and which appear on the three representations of the cube by criss-crossing the inside of those representations are not suggestive of any rotating capability of the individual elements of the cube and therefore do not fulfil any technical function.
The rotating capability of the vertical and horizontal lattices of the Rubik’s Cube does not result either from the black lines or the grid structure, but from an internal mechanism of the cube which is invisible on its graphic representations. Consequently, the registration of the shape of the Rubik’s cube as a Community trade mark cannot be refused on the ground that that shape incorporates a technical function.
In the second place, the Court finds that the mark in question does not allow its proprietor to prohibit third parties from marketing all types of three-dimensional puzzles that have a rotating capability. The Court states that the proprietor’s marketing monopoly is limited to three- dimensional puzzles that have the shape of a cube the surfaces of which bear a grid structure.
In the third place, the Court finds that the cubic grid structure of the mark in question differs considerably from the representations of other three-dimensional puzzles available on the market. That structure therefore has distinctive character which enables consumers to identify the producer of the goods in respect of which the mark is registered.
The Insurance Block Exemption Regulation (“IBER”) is a sector-specific legal instrument that allows (re)insurers to benefit from an exemption to the prohibition of anti-competitive arrangements laid down in Article 101 (1) of the Treaty on the Functioning of the European Union (TFEU). At present, the exemption covers two types of agreements between (re)insurance undertakings:
The insurance sector is one of three sectors that still benefits from a block exemption regulation, since the concept of the direct applicability of the exemption of Article 101 (3) TFEU was introduced with Council Regulation 1/2003. The IBER expires on 31 March 2017 and the Commission will consider whether any parts of it would merit a renewal. In this regard, the Commission is required to submit a report on the functioning and the future of the IBER to the European Parliament and the Council by March 2016. The Commission is therefore gathering views and market information to carry out its assessment.
To that purpose the Commission has drawn a Questionnaire and invited all stakeholders to submit all relevant information on the functioning of the IBER, as well as their views on whether the Commission should renew any of the IBER provisions in a new block exemption regulation. Input from stakeholders will be a key element for the Commission’s assessment. The Commission welcomes comments in particular from (re)insurance undertakings, industry associations, insurance intermediaries, public authorities, consumer organisations and customers, as well as competition practitioners, researchers and think tanks. Comments from other stakeholders who have direct experience with the application of the IBER are also welcome.
On 24 October 2012, the Italian Constitutional Court declared invalid the provision of Legislative Decree n. 28 dated 4 March 2010 which had implemented the mandatory mediation procedure for the resolution of certain disputes.
Article 87 of the Italian Decree Law No. 69 of 21 June 2013 reintroduced the mandatory mediation for cross-border and domestic disputes, which had been covered by Italian Legislative Decree No. 28 of 4 March 2010.
The mediation procedure includes disputes on insurance matters (with the exception of motor third party liability litigation), medical and hospital liability.
Furthermore, among other changes it has been introduced Section 185 bis into the Italian Code of Civil Procedure, which requires the Court to “(…) formulate a proposal for amicable settlement or arrangement to the parties (…)”, also specifying that “(…) the rejection of the proposal made by the Court, without a justified reason, shall constitute conduct that may be considered (…) for the purposes of the ruling”.
The new provisions concerning the mandatory mediation shall enter into force on 21 September 2013.
The Safe-Harbour provision, in place since the early years of the tech boom in the late 1990s, allows US companies to satisfy EU rules by signing up to a self-reporting scheme, supervised by the US federal trade commission. It is based on the principle that US data privacy standards are equivalent to those in Europe.
Viviane Reding, the commissioner overseeing data protection, told that her office had begun an assessment of the “Safe Harbour” used by Google and Facebook, as well as thousands of smaller US tech companies.
The Safe Harbor agreement between the EU and US is under review as it may be a “loophole” for data transfers to take place at a lower standard of data protection than EU law permits, the European Commission has said.
The European Union has therefore launched a commission to review the U.S. Department of Commerce’s Safe Harbor agreement. The review comes in the wake of PRISM, the US National Security Agency’s data collection program. Safe Harbor is a voluntary program for U.S.-based companies with operations in the EU to transfer personal data across EU borders.
The EU, indeed, argues that the Safe Harbor program may be using “loopholes” to skirt EU data privacy rules. The International Trade Association (ITA), acknowledges the “criticisms,” but disagrees, saying that the program operates within its framework. Safe Harbor is based on the EU Data Protection Directive, and, as noted by the ITA, is limited when national security or defense matters are in question.
EU officials would like to review Safe Harbor for compatibility with new EU laws on data protection. While the U.S. is open to discussions on Safe Harbor, it is not likely that they will tighten any restrictions on it.
At issue is the reach of the draft EU legislation. It would require non-European companies to comply with EU laws in full when serving European customers – something that US officials argue is extraterritorial. It would also allow Brussels to fine companies that did not comply up to 2 per cent of their total annual turnover.
Advocate General’s Opinion in Case C-131/12 Google Spain SL, Google Inc. v Agencia Española de Protección de Datos, Mario Costeja González considers that search engine service providers are not responsible, on the basis of the Data Protection Directive, for personal data appearing on web pages they process.
In early 1998, a newspaper widely circulated in Spain published in its printed edition two announcements concerning a real-estate auction connected with attachment proceedings prompted by social security debts. A person was mentioned as the owner. At a later date an electronic version of the newspaper was made available online by its publisher.
In November 2009 this person contacted the publisher of the newspaper asserting that, when his name and surnames were entered in the Google search engine, a reference appeared linking to pages of the newspaper with these announcements. He argued that the proceedings had been concluded and resolved many years earlier and were now of no relevance. The publisher replied that erasure of his data was not appropriate, given that the publication was effected by order of the Spanish Ministry of Labour and Social Affairs.
In February 2010, he contacted Google Spain and requested that the search results show no links to the newspaper when his name and surnames were entered into Google search engine. Google Spain forwarded the request to Google Inc., whose registered office is in California, United States, taking the view that the latter was the undertaking providing the internet search service.
Thereafter he lodged a complaint with the Agencia Española de Protección de Datos (Spanish Data Protection Agency, AEPD) against the publisher and Google. By a decision on 30 July 2010, the Director of the AEPD upheld the complaint against Google Spain and Google Inc., calling on them to withdraw the data from their index and to render future access to them impossible. The complaint against the publisher was rejected, however, because publication of the data in the press was legally justified. Google Inc. and Google Spain have brought two appeals before the Audiencia Nacional (National High Court, Spain), seeking annulment of the AEPD decision. In this context, this Spanish court has referred a series of questions to the Court of Justice.
In today’s Opinion, Advocate General Niilo Jääskinen addresses first the question of the territorial scope of the application of national data protection legislation. The primary factor that gives rise to its application is the processing of personal data carried out in the context of the activities of an establishment of the controller (according to the Data Protection Directive, the “controller” is the person or body which alone or jointly with others determines the purposes and means of the processing of personal data) on the territory of the Member State. However, Google claims that no processing of personal data relating to its search engine takes place in Spain. Google Spain acts merely as commercial representative of Google for its advertising functions. In this capacity it has taken responsibility for the processing of personal data relating to its Spanish advertising customers.
The Advocate General considers that this question should be examined taking into account the business model of internet search engine providers. This normally relies on keyword advertising which is the source of income and the reason for the provision of a free information location tool. The entity in charge of keyword advertising is linked to the internet search engine. This entity needs a presence on national advertising markets and that is why Google has established subsidiaries in many Member States. Hence, in his view, it must be considered that an establishment processes personal data if it is linked to a service involved in selling targeted advertising to inhabitants of a Member State, even if the technical data processing operations are situated in other Member States or third countries. Therefore, Mr Jääskinen proposes that the Court declare that processing of personal data takes place within the context of a controller’s establishment and, therefore, that national data protection legislation is applicable to a search engine provider when it sets up in a Member State, for the promotion and sale of advertising space on the search engine, an office which orientates its activity towards the inhabitants of that State.
Secondly, as for the legal position of Google as an internet search engine provider, Mr Jääskinen recalls that, when the Directive was adopted in 1995, the Internet and search engines were new phenomena and their current development was not foreseen by the Community legislator. He takes the view that Google is not generally to be considered as a “controller” of the personal data appearing on web pages it processes, who, according to the Directive, would be responsible for compliance with data protection rules. In effect, provision of an information location tool does not imply any control over the content included on third party web pages. It does not even enable the internet search engine provider to distinguish between personal data in the sense of the Directive, which relates to an identifiable living natural person, and other data. In his opinion, the internet search engine provider cannot in law or in fact fulfil the obligations of the controller provided in the Directive in relation to personal data on source web pages hosted on third party servers.
Therefore, a national data protection authority cannot require an internet search engine service provider to withdraw information from its index except in cases where this service provider has not complied with the exclusion codes or where a request emanating from a website regarding an update of cache memory has not been complied with. This scenario does not seem pertinent in the present case. A possible “notice and take down procedure” concerning links to source web pages with illegal or inappropriate content is a matter for national civil liability law based on grounds other than data protection.
Thirdly, the Directive does not establish a general “right to be forgotten”. Such a right cannot therefore be invoked against search engine service providers on the basis of the Directive, even when it is interpreted in accordance with the Charter of Fundamental Rights of the European Union (in particular, the rights of respect for private and family life under Article 7 and protection of personal data under Article 8 versus freedom of expression and information under Article 11 and freedom to conduct a business under Article 16).
The rights to rectification, erasure and blocking of data provided in the Directive concern data whose processing does not comply with the provisions of the Directive, in particular because of the incomplete or inaccurate nature of the data. This does not seem to be the case in the current proceedings.
The Directive also grants any person the right to object at any time, on compelling legitimate grounds relating to his particular situation, to the processing of data relating to him, save as otherwise provided by national legislation. However, the Advocate General considers that a subjective preference alone does not amount to a compelling legitimate ground and thus the Directive does not entitle a person to restrict or terminate dissemination of personal data that he considers to be harmful or contrary to his interests.
It is possible that the secondary liability of the search engine service providers under national law may lead to duties amounting to blocking access to third party websites with illegal content such as web pages infringing intellectual property rights or displaying libellous or criminal information. In contrast, requesting search engine service providers to suppress legitimate and legal information that has entered the public domain would entail an interference with the freedom of expression of the publisher of the web page. In his view, it would amount to censorship of his published content by a private party.
Hungarian law authorises Hungarian companies to convert, but does not allow a company governed by the law of another Member State to convert to a Hungarian company.
The Italian company Vale Costruzioni S.r.l. was incorporated and added to the commercial register in Rome in 2000. On 3 February 2006, that company applied to be deleted from that register as it wished to transfer its seat and business to Hungary, and to discontinue business in Italy. On 13 February 2006, the company was removed from the Italian commercial register, in which it was noted that ‘the company had moved to Hungary.
Once the company had been removed from the register, the director of Vale Costruzioni S.r.l. and another natural person incorporated Vale Építési Kft. The representative of Vale Építési Kft. requested a Hungarian commercial court to register the company in the Hungarian commercial register, together with an entry stating that Vale Costruzioni S.r.l. was the predecessor in law of Vale Építési kft. However, that application was rejected by the commercial court on the ground that a company which was incorporated and registered in Italy could not transfer its seat to Hungary and could not be registered in the Hungarian commercial register as the predecessor in law of a Hungarian company.
The Legfelsőbb Bíróság (i.e.: Supreme Court, Hungary), which has to adjudicate on the application to register Vale Építési Kft., asks the Court of Justice whether Hungarian legislation which enables Hungarian companies to convert but prohibits companies established in another Member State from converting to Hungarian companies is compatible with the principle of the freedom of establishment. In that regard, the Hungarian court seeks to determine whether, when registering a company in the commercial register, a Member State may refuse to register the predecessor of that company which originates in another Member State.
In its Judgment in Case C-378/10 VALE Építési Kft. the Court of Justice of the European Union notes that, in the absence of a uniform definition of companies in EU law, companies exist only by virtue of the national legislation which determines their incorporation and functioning. Thus, in the context of cross-border company conversions, the host Member State may determine the national law applicable to such operations and apply the provisions of its national law on the conversion of national companies that govern the incorporation and functioning of companies.
However, the Court of Justice points out that national legislation in this area cannot escape the principle of the freedom of establishment from the outset and, as a result, national provisions which prohibit companies from another Member State from converting, while authorising national companies to do so, must be examined in light of that principle.
In that regard, the Court finds that, by providing only for conversion of companies which already have their seat in Hungary, the Hungarian national legislation at issue, treats, in a general manner, companies differently according to whether the conversion is domestic or of a cross-border nature.
However, since such a difference in treatment is likely to deter companies which have their seat in another Member State from exercising the freedom of establishment, it amounts to an unjustified restriction on the exercise of that freedom.
Moreover, the Court notes, firstly, that the implementation of a cross-border conversion requires the consecutive application of two national laws to that legal operation. Secondly, the Court states that specific rules capable of substituting national provisions cannot be inferred from Articles 49 TFEU and 54 TFEU. In such circumstances, national provisions must be applied in compliance with the principles of equivalence and effectiveness designed to ensure the protection of the rights which individuals acquire under EU law.
Consequently, the Court finds, firstly, that the application by Hungary of the provisions of its national law on domestic conversions governing the incorporation and functioning of companies, such as the requirements to draw up lists of assets and liabilities and property inventories, cannot be called into question.
Secondly, where a Member State requires, in the context of a domestic conversion, strict legal and economic continuity between the predecessor company which applied to be converted and the converted successor company, such a requirement may also be imposed in the context of a cross-border conversion.
However, the Court finds, thirdly, that EU law precludes the authorities of a Member State from refusing to record in its commercial register, in the case of cross-border conversions, the company of the Member State of origin as the predecessor in law of the converted company, if such a record is made of the predecessor company in the case of domestic conversions.
Finally, the Court answers that, when examining a company’s application for registration, the authorities of the host Member State are required to take due account of documents obtained from the authorities of the Member State of origin certifying that, when it ceased to operate in the Member State of origin, that company did in fact comply with the national legislation of that Member State.
In its Judgement in Case C-5/11 Titus Alexander Jochen Donner, the Court of Justice of the European Union ruled that a Member State may bring an action under national criminal law against a transporter for the offence of aiding and abetting the prohibited distribution of copyright-protected works on national territory, even where those works are not protected by copyright in the vendor’s Member State.
Mr Donner, a German national, was found guilty by the Landgericht München II (Regional Court, Munich II, Germany) of aiding and abetting the prohibited commercial exploitation of copyright- protected works. According to the findings of the regional court, between 2005 and 2008 Mr Donner had distributed replicas of furnishings in the so-called “Bauhaus” (these included chairs from the Aluminium Group, designed by Charles and Ray Eames, Wagenfeld lights, designed by Wilhelm Wagenfeld, seating, designed by Le Corbusier, the occasional table called the “Adjustable Table” and “Tubelight” lamps, designed by Eileen Gray, and tubular steel cantilever chairs, designed by Mart Stam) style, which was protected by copyright in Germany, for sale to customers residing in Germany.
These replicas originated from Italy, where they were not protected by copyright between 2002 and 2007, nor were they fully protected at the relevant time because, according to Italian case-law, that protection was unenforceable against producers who had reproduced or offered them for sale and/or marketed them for a certain time. The replicas had been offered for sale to customers residing in Germany by the Italian undertaking Dimensione Direct through advertisements and supplements in newspapers, direct publicity letters and a German-language internet website.
For transport to customers residing in Germany, Dimensione recommended using the Italian transport undertaking In.Sp.Em, of which Mr Donner was the principal director. The In.Sp.Em drivers collected the items ordered by German customers in Italy and paid the relevant purchase price to Dimensione. The In.Sp.Em drivers then collected the purchase price and freight charges from the customer on delivery in Germany. From a legal point of view, ownership of the goods sold by Dimensione was transferred in Italy to the German customers. The transfer of the power of disposal over the goods, however, did not take place until the goods were handed over to the purchaser in Germany, with the help of Mr Donner. Thus, according to the regional court, the distribution for the purposes of copyright did not take place in Italy, but rather in Germany, where it was prohibited in the absence of authorisation from the copyright holders.
Mr Donner appealed on a point of law against the judgment of the regional court to the Bundesgerichtshof (Federal Court of Justice, Germany). That court seeks to know whether the application of German criminal law gives rise, in the present case, to an unjustified restriction on the free movement of goods, as guaranteed under EU law.
In its judgment delivered today, the Court of Justice observes, firstly, that the application of criminal law in the present case presupposes that there has been, on the national territory, a “distribution to the public” for the purposes of EU law (Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society in OJ 2001 L 167, p. 10). In that regard, it finds that a trader who directs his advertising at members of the public residing in a given Member State and creates or makes available to them a specific delivery system and payment method, or allows a third party to do so, thereby enabling those members of the public to receive delivery of copies of works protected by copyright in that same Member State, makes, in the Member State where the delivery takes place, such a distribution. In the present case, the Court leaves it to the national court to determine whether there is evidence supporting a conclusion that that trader did actually make such a distribution to the public.
Secondly, the Court finds that the prohibition on distribution in Germany which is sanctioned by national criminal law does constitute a restriction on the free movement of goods. Such a restriction may, however, be justified by reasons relating to the protection of industrial and commercial property.
The restriction in question is based on the differing conditions of copyright protection operating across the EU. These differences are inseparably linked to the very existence of those rights. In the present case, the protection of the right of distribution cannot be deemed to give rise to a disproportionate or artificial partitioning of the markets. The application of criminal law provisions may be considered necessary to protect the specific subject-matter of the copyright, which confers inter alia the exclusive right of exploitation. The restriction in question thus seems to be justified and proportionate to the objective pursued.
Accordingly, the Court’s answer is that EU law does not preclude a Member State from bringing an action under national criminal law for the offence of aiding and abetting the prohibited distribution of copyright-protected works where such works are distributed to the public on the territory of that Member State (Germany) in the context of a sale, aimed specifically at the public of that State, concluded in another Member State (Italy) where those works are not protected by copyright or the protection conferred on them is not enforceable as against third parties.
Italian legislation on the reorganisation of local taxationauthorises the provinces and municipalities to organise their own revenues, including taxes, by means of regulations. Local authorities may choose to award the tasks of assessment and collection of taxes and all local revenues to third party operators. In that case, those activities are awarded by means of concessions which comply with EU legislation on the tendering of the management of local public services.
The concession holders first collect the tax revenue covered by the contracts and then, after retaining a “collection charge”, pay the amounts in question over to the public authorities at the end of each quarter. The profit of the concession holders is also generated by financial market transactions carried out using the funds which they hold.
Italian legislationalso provides that private companies seeking to carry out those activities must be entered in a register of private undertakings authorised to perform activities relating to the assessment and collection of taxes. They must have a fully paid-up share capital of EUR 10 million, whereas companies in which a majority of the share capital is in public ownership are not subject to that condition. The award of those services to operators which fail to satisfy that financial requirement is null and void. Such operators may not be awarded new contracts, and may not participate in tendering procedures initiated for that purpose, unless they increase their share capital accordingly.
The Tribunale Amministrativo Regionale per la Lombardia (Regional Administrative Court, Lombardy) is required to rule in several sets of proceedings between private companies and regional municipalities in Lombardy. Those private undertakings submitted tenders for the award of concessions but were excluded from the procedure because they did not have a fully paid-up share capital of EUR 10 million.
The Italian court has referred questions to the Court of Justice concerning the compatibility of the Italian legislation with European Union law and, in particular, with the rules on freedom to provide services and freedom of establishment.
In its Judgment in Joined Cases C-357/10 to C-359/10 Duomo Gpa Srl and Others v Comune di Baranzate and Others, the Court’s reply is that the Italian legislation amounts to a restriction on freedom of establishment and freedom to provide services inasmuch as it contains a condition relating to minimum share capital and forces private operators wishing to pursue those activities to incorporate and to have a fully paid-up share capital of EUR 10 million.
Consequently, such a provision impedes or renders less attractive the freedom of establishment and the freedom to provide services.
The Court then goes on to examine whether such a restriction may be justified by overriding reasons in the public interest.
The only ground of justification raised before the Court is the need to protect public authorities against possible non-performance by the concession holder, in the light of the high overall value of the contracts which have been awarded to it. In practice, the concession holders, by first collecting the tax revenue, hold and deal with millions of euros which they are required to pay over to the public authorities.
The Court does not rule out the possibility that such an objective may constitute an overriding reason in the public interest – and not a reason that is purely economic in nature. However, it notes that a restriction of the fundamental freedoms may be justified only if the relevant measure is appropriate for ensuring the attainment of the legitimate objective pursued and does not go beyond what is necessary to attain that objective.
According to the referring court, however, other provisions are capable of providing adequate protection for public authorities; proof, on the part of the operator concerned, of its technical and financial capacity, creditworthiness and solvency, or, in addition, the application of minimum thresholds for share capital that vary depending on the value of the contracts actually awarded to the concession holder.
Consequently, the Court finds that, as the Italian provision goes beyond the objective of protecting the public authorities against non-performance by concession holders, it contains disproportionate, and therefore unjustified, restrictions of the fundamental freedoms.
On those grounds, the Court ruled that Articles 43 EC and 49 EC must be interpreted as precluding a provision, such as that at issue, under which economic operators, except companies in which all or a majority of the share capital is in public ownership, are required, if necessary, to increase their fully paid up capital to a minimum of EUR 10 Million in order to be entitled to pursue the activities of assessment, verification and collection of taxes and other local authority revenue; and the award of those services to operators who fail to satisfy the minimum requirement of share capital is to be null and void, and it is prohibited to obtain new contracts or participate in tender procedures for the operation of those services until the abovementioned requirement to adjust share capital has been met.
Article 101 TFEU prohibits agreements which have as their object or effect the restriction of competition. Article 101(3) TFEU provides, subject to certain conditions, for agreements which improve the distribution of products or contribute to promoting economic progress to be granted an individual exemption. In addition, various regulations provide that certain categories of agreements may qualify for a block exemption. One of those regulations, the Vertical Agreement Block Exemption Regulation, provides such an exemption for distribution agreements which meet certain conditions. However, that regulation contains a list of agreements which may not benefit from a block exemption.
Pierre Fabre Dermo-Cosmétique (“PFDC”) is one of the companies in the Pierre Fabre group. It manufactures and markets cosmetics and personal care products and has several subsidiaries, including, inter alia, the Klorane, Ducray, Galénic and Avène laboratories, whose cosmetic and personal care products are sold, under those brands, mainly through pharmacists, on both the French and the European markets.
The products in question are not classified as medicines and are, therefore, not covered by the pharmacists’ monopoly laid down by French law. However, distribution contracts for those products in respect of the Klorane, Ducray, Galénic and Avène brands stipulate that sales must be made exclusively in a physical space and in the presence of a qualified pharmacist, thereby restricting in practice all forms of internet selling.
In October 2008, following an investigation, the Autorité de la concurrence (French Competition Authority) decided that, owing to the de facto ban on all internet sales, PFDC’s distribution agreements amounted to anti-competitive agreements contrary to both French law and European Union competition law. The Competition Authority found that the ban on internet selling necessarily had as its object the restriction of competition and could not benefit from a block exemption. The Authority also decided that the agreements could not benefit from an individual exemption either.
PFDC challenged that decision before the Cour d’appel de Paris (France), which has asked the Court of Justice whether a general and absolute ban on internet selling amounts to a restriction of competition “by object”, whether such an agreement may benefit from a block exemption and whether, where the block exemption is inapplicable, the agreement may benefit from an individual exemption under Article 101(3) TFEU.
In its Judgment in Case C-439/09 Pierre Fabre Dermo-Cosmétique SAS v Président de l’Autorité de la Concurrence and Others, the European Court of Justice recalls that in order to assess whether a contractual clause involves a restriction of competition “by object”, regard must be had to the content of the clause, the objectives it seeks to attain and the economic and legal context of which it forms a part.
As regards agreements constituting a selective distribution system, the Court has already stated that such agreements necessarily affect competition in the common market. Such agreements are to be considered, in the absence of objective justification, as “restrictions by object”. However, a selective distribution system is compatible with European Union law to the extent that resellers are chosen on the basis of objective criteria of a qualitative nature, laid down uniformly for all potential resellers and not applied in a discriminatory fashion, that the characteristics of the product in question necessitate such a distribution network in order to preserve the product’s quality and ensure its proper use, and, finally, that the criteria laid down do not go beyond what is necessary.
After recalling that it is for the referring court to examine whether a contractual clause which de facto prohibits all forms of internet selling can be justified by a legitimate aim, the Court provides the referring court for that purpose with guidance on the interpretation of European Union law to enable it to reach a decision.
Thus, the Court points out that, in the light of the freedoms of movement, it has not accepted – as it has already stated in the context of the sale of non-prescription medicines and contact lenses – arguments relating to the need to provide individual advice to the customer and to ensure his protection against the incorrect use of products, put forward to justify a ban on internet sales. Similarly, the Court rules that the need to maintain the prestigious image of PFDC’s products is not a legitimate aim for restricting competition.
As to whether a selective distribution contract may benefit from a block exemption, the Court recalls that the exemption does not apply to vertical agreements which have as their object the restriction of active or passive sales to end users by members of a selective distribution system operating at the retail level of trade. A contractual clause which de facto prohibits the internet as a method of marketing at the very least has as its object the restriction of passive sales to end users wishing to purchase online and located outside the physical trading area of the relevant member of the selective distribution system. Consequently, the block exemption does not apply to that contract.
However, such a contract may benefit, on an individual basis, from the exception provided for in Article 101(3) TFEU, if the referring court finds that the conditions laid down in that provision are met.
Under the regulation on the protection of geographical indications for spirit drinks (see Regulation (EC) No 110/2008 of the European Parliament and of the Council of 15 January 2008 on the definition, description, presentation, labelling and the protection of geographical indications of spirit drinks and repealing Council Regulation (EEC) No 1576/89), it is possible to register as a geographical indication the name of a country, region or locality from which a spirit drink originates, where a given quality, reputation or other characteristic of that drink is essentially attributable to its geographical origin. A registration of that kind is made upon application by the Member State of origin of the drink. The application must be accompanied by a technical file listing the specifications which the drink must meet if it is to be able to be designated by the protected geographical indication.
Furthermore, the regulation prohibits the registration of trade marks which may adversely affect a protected geographical indication and states that, as a general rule, where such a mark has already been registered, it must be invalidated. The regulation mentions “Cognac” as a geographical indication identifying wine spirits originating from France.
Gust. Ranin Oy, a Finnish company, applied in Finland for the registration, for spirit drinks, of two figurative marks in the form of a bottle label bearing descriptions of the spirit drinks containing the term “Cognac” and its Finnish translation, “konjakki”. Although the Finnish authorities have accepted the application for registration, the Bureau national interprofessionel du Cognac – a French organisation of cognac producers – contests the legality of that registration before the Finnish courts.
The Korkein hallinto-oikeus (i.e.: Supreme Administrative Court, Finland) asks the Court of Justice whether it is permissible under the regulation to register national trade marks containing the term “Cognac” for products which, in terms of manufacturing method and alcohol content, do not meet the requirements set for the use of the geographical indication “Cognac”.
In its judgment given today (see Judgment in Joined Cases C-4/10 and C-27/10 Bureau national interprofessionel du Cognac v Gust. Ranin Oy), the Court states, first of all, that although the contested marks were registered on 31 January 2003 – that is to say, before the regulation entered into force – that regulation is applicable in the present case. In that connection, the Court observes that the retrospective application of the regulation does not undermine the principle of legal certainty or the principle of the protection of legitimate expectations. The obligation on Member States to prevent the use of a geographical indication identifying spirits for alcoholic beverages which do not originate from the place designated by that indication has existed in EU law since 1 January 1996.
Next, the Court observes that the two Finnish trade marks, registered on 31 January 2003, cannot benefit from the derogation provided for under the regulation, in accordance with which the use of a mark which was acquired before the date of protection of the geographical indication in the country of origin (or before 1 January 1996) is permitted, even if it adversely affects the geographical indication concerned. In that regard, the Court points out that, independently of the protection it enjoys under French law, the term “Cognac” has been protected as a geographical indication under EU law since 15 June 1989.
The Court also finds that the use of a mark containing the term “Cognac” for products which are not covered by that indication constitutes a direct commercial use of the protected indication. Such a use is prohibited by the regulation in so far as it concerns comparable products. The Court finds that this may be the position in the case of spirit drinks.
Likewise, the Court finds that the fact that the two Finnish marks incorporate part of the name “Cognac” means that, when the consumer is confronted with the name of the marks on the bottles of spirit drinks not covered by the protected indication, the image triggered in his mind is that of the product whose designation is protected. The Court points out that such “evocation” is also prohibited under the regulation.
In those circumstances, the Court holds that the Finnish authorities must invalidate the registration of the contested marks.
In its Judgment in Case C-235/09 DHL Express France SAS v Chronopost SA the European Court of Justice ruled that the Council Regulation (EC) No 40/94 of 20 December 1993 on the Community Trade Mark (the Regulation) creates Community arrangements for trademarks whereby undertakings may obtain Community trademarks to which uniform protection is given and which produce their effects throughout the entire area of the European Union.
In order to ensure that protection, the Regulation provides that Member States are to designate in their territories “Community trademark courts” having jurisdiction for infringement actions and, if they are permitted under national law, actions in respect of threatened infringement relating to Community trademarks. Where a Community trademark court finds that a defendant has infringed or threatened to infringe a Community trademark, it is to issue an order prohibiting the defendant from proceeding with the acts which infringed or would infringe the Community trademark. It is also to take such measures in accordance with its national law as are aimed at ensuring that this prohibition is complied with.
In relation to this, the Court ruled that Article 98(1) of the Regulation shall be interpreted as meaning that the scope of the prohibition against further infringement or threatened infringement of a Community trade mark, issued by a Community trademark court whose jurisdiction is based on Articles 93(1) to (4) and 94(1) of the Regulation, extends, as a rule, to the entire area of the European Union.
Furthermore, Article 98(1), second sentence, of the Regulation No 40/94, shall be interpreted as meaning that a coercive measure, such as a periodic penalty payment, ordered by a Community trademark court by application of its national law, in order to ensure compliance with a prohibition against further infringement or threatened infringement which it has issued, has effect in Member States to which the territorial scope of such a prohibition extends other than the Member State of that court, under the conditions laid down, in Chapter III of Council Regulation (EC) No 44/2001 of 22 December 2000 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters, with regard to the recognition and enforcement of judgments.
Where the national law of one of those other Member States does not contain a coercive measure similar to that ordered by the Community trademark court, the objective pursued by that measure must be attained by the competent court of that other Member State by having recourse to the relevant provisions of its national law which are such as to ensure that the prohibition is complied with in an equivalent manner.