News / E-Bulletin

GDPR and domain names

Jun 29,2018

Janine Hollesen - Head of Intellectual Property and Donvay Wegierski - Director

By Janine Hollesen and Donvay Wegierski, Directors

On 25 May 2018 the EU’s General Data Protection Regulation (GDPR) came into effect which is applicable to anyone selling goods or providing services to those within the EU. Non-compliance with the GDPR could result in a fine of up to 4% of the company’s global revenues.

The implementation of the GDPR also affects domain names. Access to registrant particulars (on whois registries) have always been disclosed but now whois information is limited to registrar, dates of registration and name server information.

The concern is that the GDPR may have the accidental effect of protecting cyber squatters as tracing the registrant of an unauthorised domain name becomes more onerous, requiring assistance from domain name registries as opposed to finding the information previously available online. Domain name registration at the outset may prove to be the simplest defence. Trade mark registration also means that trade mark owners have priority when new top level domains are launched.

Trade mark owners should therefore ensure that their intellectual property strategy extends to the registration of the trade marks, company names and brands as domain names in relation to all top-level domain names of relevance.