This English translation is provided for information purposes only. The official version of this document is available in German.

Similar documents
- Defendant and Respondent-

This Engilsh translation is provided for information purposes only. The official version of this document is available in German.

.BOSTIK DOMAIN NAME REGISTRATION POLICIES

Attachment 3..Brand TLD Designation Application

MEMORANDUM. Internet Corporation for Assigned Names and Numbers. Thomas Nygren and Pontus Stenbeck, Hamilton Advokatbyrå

ANNEX 1: Registry Reserved Names. Capitalized terms have the meaning as specified in Article 1 of the.vistaprint Domain Name Registration Policies.


.VIG DOMAIN NAME REGISTRATION POLICIES

Form of Registration Agreement

.FARMERS DOMAIN NAME REGISTRATION POLICIES

Exhibit A. Registration Agreement

(i) the data provided in the domain name registration application is true, correct, up to date and complete,

.NIKE DOMAIN NAME REGISTRATION POLICIES

TUCOWS.INFO domain APPLICATION SERVICE TERMS OF USE

. 淡马锡 REGISTRATION POLICIES

.VERSICHERUNG. Eligibility Requirements Dispute Resolution Policy (ERDRP) for.versicherung Domain Names

Summary of Changes to Base Agreement for New gtlds Draft for Discussion

Background on ICANN s Role Concerning the UDRP & Courts. Tim Cole Chief Registrar Liaison ICANN

Application and Agreement.name WHOIS Extensive Search Database

dotberlin GmbH & Co. KG

For GNSO Consideration: Uniform Rapid Suspension System (URS) October 2009

ICANN s Contractual Compliance Program. Tuesday, 25 October 2011

This document contains the registry agreement associated with the Applicant Guidebook for New gtlds.

RULES FOR DOMAIN NAME DISPUTE RESOLUTION

Exhibit A. Registration Agreement

SIMON READHEAD Q.C. PRIVACY NOTICE

FRL Registry BV. Terms & Conditions for the registration and usage of.frl domain names

.BOOKING DOMAIN NAME REGISTRATION POLICIES

UNIFORM RAPID SUSPENSION SYSTEM ( URS ) 11 JANUARY 2012

The World Intellectual Property Organization

Rules for Uniform Domain Name Dispute Resolution Policy ( the Rules )

RULES FOR EXPEDITED ARBITRATION. of the Finland Chamber of Commerce

DUBAI INTERNATIONAL ARBITRATION CENTRE RULES 2007 AS OF 22 ND FEBRUARY Introductory Provisions. Article (1) Definitions

Primary DNS Name : TOMCAT.ASAHI-NET.OR.JP Primary DNS IP: Secondary DNS Name: SKYHAWK.ASAHI-NET.OR.JP Secondary DNS IP:

RULES FOR DOMAIN NAME DISPUTE RESOLUTION. of CEPANI, The Belgian Centre for Arbitration and Mediation

WIPO WORLD INTELLECTUAL PROPERTY ORGANISATION ARBITRATION RULES

Rules for CNNIC Domain Name Dispute Resolution Policy (2012)

EXPLANATORY NOTES B I L L. No. 97. An Act to amend The Arbitration Act, 1992

GNSO Report. Dr Bruce Tonkin Chair, GNSO Council ICANN Board Public Forum Marrakech, June 28, 2006

DOMAIN NAMES REGISTRANT AGREEMENT

(Note: This draft agreement is subject to approval, and to changes as the evaluation period progresses and additional input is received.

REGISTRY AGREEMENT ARTICLE 1. DELEGATION AND OPERATION OF TOP LEVEL DOMAIN; REPRESENTATIONS AND WARRANTIES

WIPO ARBITRATION AND MEDIATION CENTER

REQUEST FOR ARBITRATION

a) to take account of the policy rules that apply to.au domain names, that do not apply to gtld domain names; and

Business Day: means a working day as defined by the Provider in its Supplemental Rules.

REQUEST FOR ARBITRATION

Revised ICANN Procedure For Handling WHOIS Conflicts with Privacy Law

REGISTRAR AGREEMENT By and Between. And. Registry

RULES FOR NATIONAL ARBITRATION FORUM S SUNRISE DISPUTE RESOLUTION POLICY

REGISTRY AGREEMENT ARTICLE 1. DELEGATION AND OPERATION OF TOP LEVEL DOMAIN; REPRESENTATIONS AND WARRANTIES

COMPLAINT FOR IN REM RELIEF. Plaintiffs CostaRica.com, Inc. Sociedad Anonima ( CostaRica.com ) and

dotcoop will cancel, transfer, or otherwise make changes to domain name registrations as rendered by a WIPO ruling.

Business Day: means a working day as defined by the Provider in its Supplemental Rules.

EAA Court Procedural Rules

.Brand TLD Designation Application

Domain Name Dispute Resolution Policies

SINGAPORE INTERNATIONAL ARBITRATION CENTRE (SIAC)

Impact of the General Data Protection Regulation on the WHOIS system

Plaintiff SCOTT STEPHENS (hereinafter Plaintiff ) through his attorney respectfully alleges: INTRODUCTION

Hong Kong Internet Registration Corporation Limited Domain Name Dispute Resolution Policy for.hk and. 香港 domain names Rules of Procedure

Decision of the Dispute Resolution Chamber (DRC) judge

Guide to WIPO Services

Section 2 Competition and supervision cases (1) The Market Court considers as competition and supervision cases those assigned

Utility Model Law I. GENERAL PROVISIONS

If you are registering the domain for a third party, you further agree that they have read and agree to the Nominet T&Cs as well.

SCC Practice: Emergency Arbitrator Decisions

STATUTE OF THE COURT OF JUSTICE OF THE EUROPEAN UNION (CONSOLIDATED VERSION)

ARBITRATION RULES OF THE SINGAPORE INTERNATIONAL ARBITRATION CENTRE SIAC RULES (5 TH EDITION, 1 APRIL 2013)

TRADEMARK CLEARINGHOUSE

Terms and Conditions

Arbitration Rules of the Court of International Commercial Arbitration of the Chamber of Commerce and Industry of Romania

REGISTRANT AGREEMENT Version 1.5

PRIVACY POLICY DOT DM Corporation Commonwealth of Dominica cctld (.dm)

Decision of the Dispute Resolution Chamber

"We", "us" and "our" refers to Register Matrix, trading as registermatrix.com.

Dear ICANN, Best regards, ADR.EU, Czech Arbitration Court

Dominion Registries - Sunrise Dispute Resolution Policy

RULES OF PRACTICE AND PROCEDURE. May 14, 2015

Estonian Central Register of Securities Act 1

Registrar Agreement [Approved Version 4 12 July 2010]

QUALITY ASSURANCE AGREEMENT Production of packaging and/or services for the pharmaceutical industry

TENNIS ANTI-CORRUPTION PROGRAM (2018)

Summary of Changes to Registry Agreement for New gtlds. (Proposed Final version against v.4)

FILED: NEW YORK COUNTY CLERK 11/02/2013 INDEX NO /2013 NYSCEF DOC. NO. 68 RECEIVED NYSCEF: 11/02/2013 EXHIBIT 27

PROPOSED.AU DISPUTE RESOLUTION POLICY (audrp) AND RULES. auda Dispute Resolution Working Group. May 2001

Decision of the Dispute Resolution Chamber (DRC) judge

ADR INSTITUTE OF CANADA, INC. ADRIC ARBITRATION RULES I. MODEL DISPUTE RESOLUTION CLAUSE

NEW GENERIC TOP-LEVEL DOMAIN NAMES ( gtld ) DISPUTE RESOLUTION PROCEDURE OBJECTION FORM TO BE COMPLETED BY THE OBJECTOR

The Swedish Internet Foundation has appointed the WIPO Center as the dispute resolution organization to administer.se domain name disputes.

RULES OF THE SPORTS TRIBUNAL OF NEW ZEALAND 2012

STATUTE OF THE COURT OF JUSTICE OF THE EUROPEAN UNION

AUSTRIA Utility Model Law

ICC Rules of Conciliation and Arbitration 1975

Act CVIII of on certain issues of electronic commerce services and information society services 1

Top Level Design LLC January 22, 2015

21 December GNSO Council Review of the Hyderabad GAC Communiqué. From: James Bladel, GNSO Chair To: Steve Crocker, ICANN Board

STATUTES (version dated 20/06/2017)

LANEAXIS AXIS TOKEN SALE TERMS

WIPO Mediation, Arbitration, Expedited Arbitration and Expert Determination Rules and Clauses. Alternative Dispute Resolution

Transcription:

Translation of Court Order of Regional Court of Bonn of 30 May 2018 Docket no. 10 O 171/18 Certified copy Regional Court of Bonn Court Order In the preliminary injunction proceedings of Internet Corporation for Assigned Names and Numbers (ICANN), represented by its president, Göran Marby, 12025 Waterfront Drive, Suite 300, Los Angeles, CA 90094-2536, USA, Applicant, Attorneys of record: JONES DAY Rechtsanwälte, Breite Straße 69, 40213 Düsseldorf Versus EPAG Domainservices GmbH, Attorneys of record: Defendant, On May 29, 2018, the 10th Civil Chamber of the Regional Court of Bonn through presiding judge at the Regional Court and Judge at the Regional Court ordered:, Judge at the Regional Court The Application for preliminary injunction of May 25, 2018 is rejected at the expense of the Applicant. The value in dispute is set at 50,000.00 Euro.

I. The Applicant asks for an injunction to be issued prohibiting the Defendant from waiving the (additional) collection of data for a technical and administrative contact when awarding Internet domains. The Applicant is a non- profit organization that coordinates the allocation of unique names and addresses on the internet to ensure the stable and secure functioning of the unique identifier system on the Internet. This includes the coordination of the domain name system. In this function, the Applicant concludes agreements with other organizations on the allocation of so- called generic Top Level Domains and - here in dispute - Second Level Domains within the respective Top Level Domains. With regard to the specific Top Level Domains assigned by the Applicant, reference is made to Annex AS 1. Under the so- called "WHOIS'' service, data collected and stored in connection with new registrations are published on a publicly accessible internet portal for identification purposes. As a so- called "accredited registrar" of the Applicant, the Defendant is authorized by an agreement concluded between the parties to assign second level domains under a top level domain assigned by a separate agreement to registrants. Section 3.4 of the Agreement concluded between the parties, the "Registrar Accreditation Agreement" of 22.0-1.2014 (Annex AS 4, RAA), stipulates the following on the basis of the translation of the Agreement originally provided by the Applicant: 3.4.1 For each Registered Name sponsored by Registrar within a gtld, Registrar shall collect and securely maintain, in its own electronic database, as updated from time to time: [ ] 3.4.1.2 The data elements listed in Subsections 3.3.1.1 through 3.3.1.8; The sections referred to stipulate the following: 3.3.1.1 The name of the Registered Name; 3.3.1.2 The names of the primary nameserver and secondary nameserver(s) for the Registered Name; 3.3.1.3 The identity of Registrar (which may be provided through Registrar's website); 3.3.1.4 The original creation date of the registration; 3.3.1.5 The expiration date of the registration; 2

3.3.1.6 The name and postal address of the Registered Name Holder; 3.3.1.7 The name, postal address, e- mail address, voice telephone number, and (where available) fax number of the technical contact for the Registered Name; and 3.3.1.8 The name, postal address, e- mail address, voice telephone number, and (where available) fax number of the administrative contact for the Registered Name. Section 3.7.2 of the RAA provides that the registrar shall comply with applicable laws and government regulations. On the basis of this RAA, the Defendant, as a so- called registrar, assigns internet domains to "third parties willing to register", i.e. natural and legal persons. Up to now, in accordance with the above- mentioned contractual provisions, the Defendant has also collected (and stored) other personal data in addition to the domain holder's contact data, both for technical and administrative contact. Now - under the impression of the GDPR which recently entered into force - the Defendant announced to the Applicant that in the future allocation of domain names only the data of the domain holder itself will be collected and the additional collection of data of a technical and administrative contact will be waived. The Applicant is of the opinion that the Defendant is contractually obliged to also collect the data for the technical and administrative contact. These data are also absolutely necessary to achieve the Applicant's purposes. The GDPR, which recently came into force, is not opposed to this. The matter was urgent as the Defendant had announced that it wanted to change its previous practice. The Applicant requests, to order Defendant by way of a preliminary injunction, due to the urgency without prior oral hearing and issued by the presiding judge instead of the full bench, and under penalty of a disciplinary fine of up to EUR 250,000.00, to cease and desist, as an ICANN accredited registrar with regard to any generic Top Level Domain listed in Appendix AS 1, from offering and/or registering second level domain names without collecting the following data of the registrant that registers that second level domain name through the Defendant: The name, postal address, e- mail address, voice telephone number, and (where available) fax number of the technical contact for the registered second level domain names; and/or 3

The name, postal address, e- mail address, voice telephone number, and (where available) fax number of the administrative contact for the registered second level domain name. The Defendant requests in its protective letter to dismiss the application for an injunction. It is of the opinion that the collection (and storage) of personal data of the administrative and technical contact violates the provisions of the GDPR that came into force on 25 May 2018, in particular Article 5 (1) (c) in conjunction with Article 5 (1) in connection with Art. 25 GDPR, and it is therefore no longer admissible to require the Defendant to do so, especially since it is also regulated in the Contract that the Defendant must comply with the applicable law. For further facts and details of the case, reference is made to the Applicant's application together with its appendices and the Defendant's protective letter. II. 1. The Regional Court of Bonn has jurisdiction to decide on the application for an interim injunction. It is true that the parties have agreed on an arbitration clause in Art. 5.8 of the RAA in dispute, according to which the following applies: "In support of the arbitration and/or to protect the rights of the parties during the arbitration, the parties have the right to request interim relief from the arbitral tribunal or from a court in Los Angeles, California USA, which does not constitute a waiver of this arbitration clause. However, a derogation with regard to the state court located at the seat of the agreed arbitration court is not effectively possible in the area of interim legal protection, which is why it remains (also) within the jurisdiction of the state court competent according to general rules (see OLG Köln GRUR- RR 2002, 309). 2. The admissible application for the sought interim injunction had to be rejected, since it proves to be unfounded. A claim for relief was not substantiated. Although the Applicant may formally rely on the content of the Contract concluded with the Defendant, in particular 3.4.1 in conjunction with 3.3.1.7 and 3.3.1.8 RAA, according to which, in 4

addition to the data of the registrant, further data on the so- called Tech- C and Admin- C must be collected (and stored), which also corresponded to the Defendant's previous practice. However, the Contract also contains the - generally valid - regulation that the Defendant, for its part, as registrar, must comply with applicable laws and regulations. Against this background, the Applicant can only claim loyalty to the Contract from the Defendant to the extent that the contractual agreements are in accordance with applicable law, 242 BGB. According to the provisions of Art. 5 para. 1 lit. b) and c) GDPR, according to which "personal data which is at least partially undisputed - may only be collected for specified, explicit and legitimate purposes (lit. b) and must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (lit. c), a sufficient necessity in the aforementioned sense has not been substantiated by the Applicant in the view of the Chamber - even taking Art. 6 para. 1 GDPR into account. The Applicant has not demonstrated that the storage of other personal data than that of the domain holder, which continues to be indisputably collected and stored, is indispensable for the purposes of the Applicant. It is obvious that more data makes the identification of persons behind a domain and contacting them appear more reliable than if only one data record of the person generally responsible for the domain is known. However, the domain name holder registered or to be registered is the person responsible for the contents of the relevant website, who does not necessarily have to be different from the Tech- C and Admin- C categories, in other words, can combine all those functions on itself. In so far as the general interests to be ensured by the Applicant relate primarily to criminally relevant or otherwise punishable infringements or security problems which the Applicant watches over, the Chamber considers that this need is satisfied solely by the collection and storage of the data of the domain holder willing to register (whereby the Chamber does not see why less data is collected on the domain holder than on the additional categories Tech- C and Admin- C). Against the background of the principle of data minimization, the Chamber is unable to see why further data sets are needed in addition to the main person responsible. In any case, with regard to the so- called Tech- C, the Applicant also speaks decisively of the solution of (purely) technical problems, which, however, can only be indirectly related to the safety aspects in the foreground. Above all, it must be taken into account that according to the concurring argument of both parties in this respect, the same personal data could be used in all three categories, i.e. those of the domain holder himself, the so- called Tech- C as well as the Admin- C, i.e. with corresponding information from a registrant only one data record instead of three was collected and stored and this also in the past did not lead to the fact that a registration of the domain had to be denied in the absence of data going beyond the domain holder himself. However, if this was possible and should continue to be possible, this is proof that any data beyond the domain holder - different from him - was not previously necessary to achieve the purpose of the Applicant. If they had been necessary in the real sense, it would not have been possible to do without them before; rather, a registration would have been made dependent on the specification of different data records in terms of content and such a 5

registration would not otherwise have been approved. Insofar as the choice of providing different contact data for the Tech- C and Admin- C from the domain holder was in fact already made in the past by the person who wanted to register (and was not an indispensable prerequisite for registration by the Defendant), this means that the person wishing to register will also be able to voluntarily provide their consent to the collection and storage of corresponding personal data in the future (Art. 6 para. 1 lit. a) GDPR and para. 7.2.2 of the RAA) - but he was not forced to do so even before. It does not even matter whether the Defendant's information to the number of domain holders who have not provided different contact details is accurate. Insofar as the Applicant bases its claim to relief on a parallel of the so- called "WHOIS" system to international agreements on trade mark registers, the Chamber is unable to follow this. The legal basis for the trademark registers on the basis of international agreements is missing in relation to the "WHOIS" service claimed by the Applicant. The fundamental comparability of the respective general need for protection does not change this. The decision on costs follows from 91 Paragraph 1 ZPO. III. The amount in dispute was to be limited to EUR 50.000,00. Economic impacts in the amount indicated in the request have not been demonstrated by the Applicant, who describes itself as a non- profit organization, which is why the Chamber, failing further indications, refers to the amount herein set. 6

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback