Jurisdiction, territoriality and data protection: the Belgian Google case

Summary  |  This article deals with the private international law aspects in the Belgian Google case. With its decision of 14 July 2020, the Belgian Data Protection Authority confirms it is competent to hear a complaint filed against Google’s Belgian subsidiary, Google Belgium SA, even though the latter does not determine the purposes and means for the processing – which is determined solely by Google LLC, the mother company located in California. The reasoning of the Authority is three-ponged. First, it establishes that European data protection rules apply to the processing activity in question by applying the case law of the European Court of Justice. This results in the Authority having jurisdiction over the alleged infringement, conditional on the fact that the “one-stop-mechanism” would not be applicable. Then, the Authority establishes that the “one-stop-mechanism” does not apply and that there is thus no lead supervisory authority as the company responsible for the processing activity in question (i.e. Google LLC) is not established in the European Union. Lastly, it establishes that the complainant could bring a complaint only against Google Belgium SA because of the inextricable link between Google Belgium SA and its mother company Google LLC, the ambiguity created by Google themselves and the need for effective recourse for European data subjects. An appeal against the decision is currently pending before the Brussels Court of Appeal, section Market Court. A decision definitely worth keeping an eye out for.

Old, but not forgotten. On 14 July 2020, the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit, hereinafter “BDPA” or the “Authority”) published a decision in a case involving Google following a failure to erase personal data as requested by a data subject (you can read the decision here). Google was found to breach multiple provisions of the General Data Protection Regulation (hereinafter “GDPR”). After an extensive review of the facts and interests at stake, the BDPA imposed a fine of 600k. Not surprisingly, the decision of the BDPA received widespread media attention. The fine imposed on Google is the highest fine to date.

The decision comprises an interesting aspect of private international law. Transnational companies pose multiple problems for national authorities. One of them is the complexity to determine where the processing takes place. The division of tasks within those companies is not always clear. Those questions were precisely what the Authority had to address in the case at hand. Before establishing a breach and being able to impose a fine, the BDPA first had to address whether it had jurisdiction as to such a breach under the GDPR. This is not new. The debate takes place in the bigger context of European countries struggling to ensure proper application of their national rules against transnational companies. It provides us with the opportunity to review the rules of jurisdiction and their functioning in the context of data protection.

The analysis of the BDPA is without a doubt of keen interest to many data protection lawyers, data protection officers, academics and companies, not only in Belgium but across the world.

After a short description of the case at hand (I), we will remind the applicable rules of jurisdiction and applicable law and its evolution in the context of data protection (II). Finally, we will describe how the BDPA applied them in its decision (III)

Facts

The facts leading to the case are quite simple and resemble a common scenario. When looking for information about the complainant on Google – by using his name and surname -, the search results referenced websites revealing personal information about the complainant that he wished others would not see when “googling” his name. The search results were deemed harmful to his honour and reputation.

More concretely, the case concerned a Belgian citizen, heading a big company at the time of the dispute, who had previously been in charge of several public positions and was a member of a Belgian political party, which a series of google search results referred to. In addition to that, some search results referred to articles that described how a complaint for harassment had been directed against him, which had been dismissed. Those websites were all referenced on Google.

The complainant sent Google a request to dereference a number of websites. He used the online form made available by the Google search engine created specifically for people to exercise their “right to be forgotten”, which is directly managed by Google LLC, the parent company located in California.

After examining the request, Google refused for various reasons, such as pages that were inaccessible, or which did not meet Google’s criteria for removal, but also on the ground of the public’s right to information, with considerations for the fact that the complainant is a public figure.

Following Google’s refusal, the complainant filed a complaint against Google’s Belgian subsidiary, Google Belgium SA, with the BDPA, aimed at obtaining the effective dereferencing of the websites at stake.

Preliminary central points of discussion during the proceedings were whether or not the complaint should have been directed against Google Belgium SA, Google LLC or Google Ireland Ltd and whether or not the BDPA had jurisdiction with regard to those parties.

Rules of jurisdiction and applicable law

Although the question of jurisdiction of Member States’ courts and authorities is not new and many issues had already been raised and solved under the regime of Directive 95/46/EC (see more in detail below), it is the first time the question of the BDPA’s jurisdiction is dealt with in Belgium.

Under the directive it was not mandatory for the Member States to grant corrective powers to their data protection authorities, such decision being left at their own appreciation. In Belgium, no such powers had been recognised to the Authority under the Privacy Act of 8 June 1992. Its role at the time was mainly advisory. One exception was the ability of the President of the Authority to file a suit with civil courts in Belgium.

Such power had been used to launch a case against Facebook Belgium BVBA, Facebook Ireland Ltd and Facebook Inc.[1]. At the time, the Brussels Court of Appeal had dismissed it on grounds of lack of jurisdiction of the Belgian courts. Facing the absence of clear rules of jurisdiction, the Brussels Court of Appeal had applied the general regime of private international law to consider that:

The action of the Authority was of a public nature, which excluded the application of both the Brussels Ibis Regulation[2] and of the Belgian Code of Private International Law;

Such exclusion still allowed the Court to have jurisdiction as to the complaints directed towards Facebook Belgium BVBA when it comes to its own behaviour since it was a purely internal situation. This, however, could only lead to sentencing actions which the Belgian company was directly and personally responsible for;

Also, the Court found no ground of jurisdiction as to the case filed against Facebook Ireland Ltd and Facebook Inc. and, therefore, declared itself incompetent.

This approach, combined with the lack of power of the Authority to impose administrative fines, actually led to a lack of effective recourse in Belgium against breaches committed by transnational companies.

The GDPR brought forward an improvement in this regard:

First, it gave corrective powers to all national data protection authorities of the different Members States, effectively offering an additional recourse to data subjects;

It drew clear rules of jurisdiction and applicable law, building upon earlier case law of the European Court of Justice (hereinafter “CJEU”) under Directive 95/46/EC; and

It created a general competence for “lead supervisory authority” when it comes to cross-border processing carried out by data controllers or processors whose main establishment is located in their territory.

Under the GDPR, the European privacy rules are applicable to “processing of personal data in the context of the activities of an establishment of a controller or a processor in the European Union, regardless of whether the processing takes place in the European Union or not” (art. 3.1 GDPR). They are also applicable to “processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the European Union; or (b) the monitoring of their behaviour as far as their behaviour takes place within the European Union” (art. 3.2 GDPR).

Article 55 GDPR provides that “each supervisory authority shall be competent for the performance of the tasks assigned to and the exercise of the powers conferred on it in accordance with this Regulation on the territory of its own Member State”. Recital 122 of the GDPR clarifies that this should cover in particular “processing affecting data subjects on its territory or processing carried out by a controller or processor not established in the Union when targeting data subjects residing on its territory”.

These provisions result from previous case law of the CJEU under Directive 95/46/EC. The first and most well-known case rendered was the Google Spain judgment (CJEU, 13 May 2020, C-131/12, Google Spain et Google Inc. v. Agencia Española de Protección de Datos (AEPD) et Mario Costeja González). In this decision, the Court considered that the promotion of the processing activities of Google Inc by its Spanish subsidiary (offering advertising space to make the search engine profitable) was sufficient for considering the latter as an establishment in the sense of Directive 95/46/EC. Consequently, in this case, Spanish law was applicable to the processing undertaken by Google.

Later, in its Weltimmo judgement, the CJEU stated that any national law on the protection of personal data applies where the data controller exercises, “through stable arrangements in the territory of that Member State, a real and effective activity — even a minimal one — in the context of which that processing is carried out” (CJEU, 1 October 2015, C-230/14, Weltimmo s. r. o. v. Nemzeti Adatvédelmi és Információszabadság Hatóság). Where their national law is applicable, data protection authorities may exercise effective powers of intervention (e.g. impose penalties) on the data controller or processor within the territory of their own Member State.

The combined effect of those cases strengthened the power of data protection authorities to enforce European data protection law on transnational companies, provided that the transnational companies exercised part of their activity through an establishment in that territory. This would apply even if the local entity’s activities merely consists in advertising the services of its parent company (the data controller). It is, therefore, not required that the said establishment actively participates in the processing of personal data, as later confirmed in the Wirtschaftsakademie judgment (CJEU, 5 June 2018, C-2010/16, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v. Wirtschaftsakademie Schleswig-Holstein GmbH).

It is the application of those rules that the BDPA had to consider for the first time in the present decision.

The analysis of the BDPA

As explained above, in the case at hand, the BDPA had to determine whether or not it had jurisdiction with regard to the refusal of Google to dereference the websites at stake.

First, the BDPA examined whether or not the GDPR was to be applied. Territoriality is an important principle of the GDPR. The territorial competence stems from the principle in international public law where a State only has competence to enforce the law on its own territory. On that point, when interpreting article 3 GDPR, the BDPA observed a legal gap. The law does not address the situation where a data controller having an establishment in the European Union does not process personal data as part of the activities of that establishment. Applying the case law of the CJEU, the BDPA concluded that the GDPR was applicable because (i) the complainant resided in the European Union, and that (ii) otherwise, if the GDPR did not apply, no adequate, nor full protection could be offered to data subjects.

The next step consisted in determining whether the “one-stop shop” mechanism of article 56 GDPR applied. In other words, whether the BDPA lacked competence because another data protection authority enjoyed a prevailing jurisdiction as a lead supervisory authority. Google argued that this was the case, since the company had chosen its main establishment in Ireland through Google Ireland Ltd. Going through a detailed analysis of the division of tasks between the various companies (Google Inc LLC, Google Ireland Ltd, Google Belgium SA) the BDPA concluded that Google Ireland was not responsible for the processing at stake, i.e. (de)referencing results on the Google search engine. The responsibility for the functioning of the Google search engine and its three phases, namely exploration, indexation and selection of results, falls solely with Google LLC. Google Ireland only processes data for modifying the search results based on the search history of users. It thus concerned a different processing activity than the one in dispute, for which Google Ireland Ltd could not be seen as the main establishment in the sense of article 4.16 GDPR. This line of reasoning has been confirmed by the Council of State in a parallel case against Google in France by a decision of 19 June 2020. The Council of State held that the “one-stop shop” mechanism was not applicable. It confirmed that the French data protection authority (“CNIL”) was competent to impose a €50 million sanction on Google LLC (you can read the decision here).

Finally, the BDPA had to consider whether or not it was competent to hear the complaint filed specifically against Google Belgium SA and not against Google Inc or Google Ireland Ltd. For this part, the BDPA relied on the Google/CNIL judgement of the CJEU (CJEU 24 September 2019, C-507/17, Google LLC v. Commission Nationale de l’Informatique et des Libertés (CNIL)) to allow the complaint by virtue of the inextricable link between Google LLC and Google Belgium SA, and the requirement of adequate and complete protection of data subjects. It was not disputed that Google Belgium SA constituted a “stable establishment” in Belgium. It was also established that the processing was indeed carried out in the context of the activities of the Belgian establishment. The BDPA highlights the international reach and the ambiguity created by Google itself which made it difficult to clearly differentiate the responsibilities of the different entities within the Google group. Therefore, even though Google Belgium SA does not determine the purposes and means for the processing – which is determined solely by Google LLC – the inextricable link and the need for effective recourses that had been highlighted in the Wirtschaftsakademie judgement justified that the complainant directed his complaint to Google Belgium SA alone.  In the BDPA’s view, it is of little importance whether the processing of the data is actually performed outside the European Union by Google LLC employees.

Particular in the reasoning of the BDPA, is that “as its activities are inextricably linked to those of Google LLC, the Belgian subsidiary – given the role it plays and itself describes – can be treated in the same way as a data controller for processing conducted within the context of the operation of Google’s search engine and responses to delisting requests in Belgium”. In these circumstances, Google Belgium SA is responsible for ensuring the compliance of the GDPR in Belgium.

Other aspects of the decision

The decision also deals with other interesting aspects such as the balance of interests between the “right to information” and the “right to be forgotten”, the territorial reach of the dereferencing request (cf. Google/CNIL judgement) and the criteria for determining the height of the fine.

The decision was published on the website of the BDPA because of “the importance of transparency in decision-making process and the decisions of the Litigation Chamber, and in light of the scope of this decision, which concerns a very large number of data subjects – i.e. all Belgian residents, and by extension all residents of the EEA – who might be listed by Google’s search engine in search queries using their first and last names as keywords”.  In the case at hand, the BDPA has decided not to redact Google’s identifying information. This is exceptional. The BDPA is of the opinion “that these redactions are necessary to the pursuit of plaintiff’s objective, which is to be delisted by Google”. The argumentation of Google Belgium SA that the publication of the decision would be counterproductive and would stigmatise Google was rejected. In the reasoning of the BDPA “it is relevant to give this decision sufficient publicity to raise awareness among internet users of their rights under the GDPR”.

Conclusion

The decision, the first one by the BDPA addressing its international jurisdiction since the GDPR entered into force, gives much food for thought. The BDPA confirms it is competent to hear a complaint filed against Google’s Belgian subsidiary, Google Belgium SA, even though the latter does not determine the purposes and means for the processing – which is determined solely by Google LLC, the mother company located in California -.

In its reasoning, the BDPA considers all the existing case law and incorporates it in the recent legal development of data protection law. The BDPA comes up with a practical solution combining a strict legal formalism and the needed considerations for the right to an effective recourse recognised by the GDPR. For David Stevens, the president of the BDPA, this case is of great importance:

This decision is not only important for our Belgian citizens, it also demonstrates our ambition to better protect online privacy together with our fellow European regulators. Concrete actions against such global players are therefore required. In this way, we want to actively contribute to a true data protection culture on a European level as well.” (you can read the article here)

The decision of the BDPA has the potential to significantly impact the way in which global organisations should be thinking about their data protection strategy in Europe.

It remains to be seen if this line of reasoning will be confirmed by the Brussels Court of Appeal, section Market Court. In appeal, it is highly likely that a prejudicial question will be asked to the CJEU regarding the interpretation of the GDPR. In the parallel case in France, Google requested the Council of State – but was denied – that the following question would be asked:

Can a controller established in a country outside the European Union with several establishments in the European Union and a designated European registered office in the territory of a Member State have a “main establishment” within the meaning of Article 4(16) of the GDPR in that Member State in the event that decisions on the purposes and means of processing are taken in that third country?”

We look forward to seeing more development on this matter.

***

Eric De Gryse and Christopher Dumont

You may always contact us should you have any questions.
eric.degryse@simontbraun.eu – +32 2 533 17 52
christopher.dumont@simontbraun.eu – +32 2 533 17 58

With the contribution of Viktor Francq, summer intern 2020 at Simont Braun

 

[1] Brussel, 8 mei 2018, R.D.C.-T.B.H., 2020, nr. 1, p. 75.

[2] Regulation (EU) No 1215/2012 of the European Parliament and of the Council of 12 December 2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters, Pb.L. 20 December 2012, issue 351, 1.

Simont Braun recognised again for its patent expertise by iAM 1000

Our IP team has again been highly recognised in Silver Band for its expertise in patents by iAM Patent. The department is ranked in Silver with the following mention:

“Complex global patent litigation is meat and drink to the lawyers at Simont Braun, who conjure up ingenious solutions to contentious challenges in the life sciences, medical device, electronics sectors. Fernand de Visscher recently played a hand in a high-profile matter for weapons manufacturer FN Herstal, ensuring that his client could keep its key product on the international market. He also teamed up with colleague Eric De Gryse to represent OGI Systems, a diamond and gemstone manufacturer, in parallel infringement proceedings which are also ongoing in Israel and India. They both possess significant trial strength and an intuitive feel for the intricacies of each brief, giving every angle the attention it deserves to cover all bases and construct bulletproof arguments.”

Fernand de Visscher and Eric De Gryse are also individually ranked in Silver for their experience and capabilities.

Thank you to our clients and peers for your trust!

Patent dispute settlements under scrutiny by the CJEU: the crossroads between IP & competition law

Introduction and context

It is safe to say that on 30 January 2020, the Court of Justice of the European Union (hereafter the “CJEU”) handed down a landmark decision in EU IP and competition law. The CJEU writes a new chapter in the patent dispute settlements saga, and more particularly in the debate commonly known as “pay-for-delay”. To recall, in the context of the pharmaceutical sector, “pay-for-delay” is a term used for agreements between originator pharmaceutical companies and generic manufacturers where the latter agrees for a certain period not to enter the market with generic medicines in exchange for a value transfer.

The question arose whether there was an issue with competition law. It is particularly hard to answer when it takes place in the context of a settlement between the originator company and the generic manufacturer following a real dispute (i.e. patent dispute settlements). Ever since the European Commission launched its sector inquiry regarding patent dispute settlements that ended in 2009 (the full first report available here and the latest report of 2018 here), where the issue was brought to the surface, market players and practitioners have been eager to know the CJEU’s take on the matter.

There has been a belief that competition rules on restrictive agreements do not apply to settlement agreements between originator pharmaceutical companies and generic manufacturers who have not yet entered into the market as the companies are not in competition. The pharmaceutical context – and patent law specifically – would constitute an insurmountable barrier to enter the market. There is also the belief that, even if competition law would apply, agreements to settle ongoing court proceedings pursue a legitimate objective which is from the outset incompatible with the categorisation of an agreement as restricting competition by its object, since such settlement agreements have a public interest and are encouraged by the public authorities.

The question of whether a patent dispute settlement agreement would constitute a restrictive agreement by object or by effect is of great importance. When it is considered a restrictive agreement by object, the restrictive effect of the agreement on competition does not need to be proven for there to be an infringement of competition law, as opposed to when it is considered a restrictive agreement by effect.

By way of preliminary ruling, the CJEU, in line with the reasoning of AG Kokott (which you can read here), sheds light on the matter and inter alia (figuratively) bursts these two assumptions. You can read the judgement here.

By way of information, the present case takes place within the context of Lundbeck (case T-472/13) and Servier (T-691/14), currently pending before the CJEU, in which the European Commission found that agreements in settlement of patent disputes constituted infringements of article 101 of the Treaty on the Functioning of the EU (“TFEU”) and with regard to Servier, article 102 TFEU.

 It should also be mentioned that the debate is not only taking place in Europe but also elsewhere in the world. For instance, in California (US), Assembly Bill No. 824 – commonly referred to as the “Pay for Delay” bill (here) – passed, which makes it unlawful for companies to settle patent infringement claims filed by generic manufacturers by providing “anything of value” in exchange for settlement. Any attempts to settle in such a fashion will be considered anti-competitive and open the company to civil litigation. The bill is aimed at lowering the cost of prescription medicines and fostering greater access to healthcare. It became effective on 1 January 2020. Not completely surprising considering that the Supreme Court of the United States had already found in 2013 that these settlements could violate antitrust laws (here).

The position of the CJEU

In the judgement of 30 January 2020, the CJEU responds to 10 questions (which the CJEU boiled down to 5) referred to by the Competition Appeal Tribunal (UK). The latter wonders, in essence, whether an agreement to settle a medicinal product patent dispute constitutes a restriction of competition by object or by effect and whether the conclusion of that agreement, possibly combined with entry into other agreements, constitute an abuse of dominance.

Before going into the decision, it is important to recall the facts briefly. It concerns an originator pharmaceutical company that is the holder of a manufacturing process patent for an active ingredient that is in the public domain, and generic manufacturers who have not yet entered but are preparing to enter the market with generics having the same active ingredient. The originator pharmaceutical company and the generic manufacturers were in dispute as to whether the process patent is valid and/or whether the generics infringe the patent.

Given that the originator pharmaceutical company only held a process patent, there was uncertainty of whether or not there was an infringement. Against that background, the originator pharmaceutical company and the generic manufacturers, even the ones with whom at that time no patent litigation was yet pending, concluded settlement agreements. The generic manufacturers undertook not to enter the market and not to pursue their actions challenging the validity of the patent for the duration of that agreement, in return for transfers of value.

In light of those circumstances, the CJEU responds very precisely by ruling that:

  • the pharmaceutical company and the generic manufacturers are potential competitors provided that the latter have a firm intention and an inherent ability to enter the market, and do not meet barriers to entry that are insurmountable;
  • the settlement agreement where the net gain has no other explanation than the commercial interest of the parties not to engage in competition on the merits, constitutes an agreement that has as its object the prevention, restriction or distortion of competition unless the settlement agreement is accompanied by proven pro-competitive effects capable of giving rise to a reasonable doubt that it causes a sufficient degree of harm to competition;
  • the strategy of the dominant undertaking, which leads it to conclude settlement agreements, which have, at least, the effect of keeping temporarily outside the market potential competitors who manufacture generics, constitutes an abuse of dominant position, provided the strategy has exclusionary effects going beyond the specific anti-competitive effects of each of the settlement agreements.

What should you take away from the judgment?

The decision is without a doubt of significant interest to pharmaceutical company patent holders, generic manufacturers as well as competition and IP lawyers. It provides much food for thought for those presently involved in or contemplating settlement agreements.

In general, the decision teaches us that patent dispute settlements are not immune from competition law review. In particular, it will be important to keep in mind that the mere fact of a dispute between a pharmaceutical company patent holder and a generic manufacturer may be sufficient to demonstrate that they are potential competitors and thus any settlement between them involving a value transfer is likely to attract antitrust scrutiny.

In that regard, the mere existence of the patent, or the likelihood of success in litigation (for example, in proceedings about validity or whether a patent has been infringed) is irrelevant to whether the parties are potential competitors and whether an agreement can affect competition. The question is rather whether, notwithstanding the existence of the patent, the generic manufacturer has real and concrete possibilities of entering the market at the relevant time. To that end, the CJEU explicitly recognised the ‘at risk launch of a generic medicine’ as inherent to the pharmaceutical market.

Positively, the CJEU affirms that patent dispute settlements are not as such prohibited by competition law and neither is the transfer of value in that setting. However, there is a high probability that where agreements involve significant value transfers and the sole consideration given for that value transfer is the generic manufacturer refraining from market entry and from challenging the patent during an agreed period, there will be a finding of a ‘restrictive agreement by object’ prohibited under article 101 TFEU.

The attentive reader might have spotted that the CJEU, as it only responds to the facts presented by the referring judge, leaves certain issues open. For example, one might wonder how the analysis might change if it was not a process patent but a compound patent or whether the transfer of value is not made solely in return for market exit and no-challenge commitments, but reflects other considerations between the parties.

Another interesting issue to further develop is the consequences of pro-competitive effects on the finding of a ‘restrictive agreement by object’. Of great value is the explicit recognition by the CJEU that pro-competitive effects are not completely excluded from the debate of whether or not there is a ‘restrictive agreement by object’. What is certain is that the CJEU does not require a balancing test to be carried out or consider that the mere existence of pro-competitive effects would be sufficient to exclude the finding of a ‘restrictive agreement by object’. The pro-competitive effects should be considered with the other circumstances of the case to verify if it raises a reasonable doubt on the conclusion that the agreement, by its nature, would result in a sufficient degree of harm to competition and whether it should thus be categorised as a ‘restrictive agreement by object’.

We look forward to the CJEU further expanding on the above and its guidance on patent dispute settlements in general when it delivers its Servier and Lundbeck judgement.

***

Eric De Gryse and Christopher Dumont
You may always contact the authors should you have any questions:
eric.degryse@simontbraun.eu – +32 2 533 17 52
christopher.dumont@simontbraun.eu – +32 2 533 17 58

When should a pharmaceutical company apply for a trademark for its medicinal products?

The pharmaceutical market presents unique challenges to pharmaceutical companies seeking to launch new medicinal products. Before they can introduce a new medicinal product on the market, they must go through a lengthy process of executing clinical trials as a prerequisite for obtaining a market authorisation. A crucial question in this context is whether they could already register their trademark during the clinical trials phase, without risking revocation of their trademarks (i.e. due to non-use when the marketing approval process outlasts the five-year grace period).

In its decision dated 3 July 2019, the CJEU stated that when choosing to register a trademark for their medicinal product early on, pharmaceutical companies will either have to make sure that they are certain to obtain a marketing authorisation within the five-year timeframe or to make sure that they invest sufficient financial resources to reasonably expect obtaining a marketing authorisation within the five-year timeframe.

The case brought before the CJEU

On 3 July 2019, the Court of Justice of the European Union (CJEU) rendered an important decision for pharmaceutical companies. The case revolved around a trademark dispute, in relation to medicinal products, that raised two far-reaching issues concerning the scope and definition of the requirement of genuine use within the provisions of Article 58 of Regulation (EU) 2017/1001 of the European Parliament and of the Council of 14 June 2017 on the European Union trademark (“EUTMR”). You can read the judgement here (in Dutch, currently not available in English).
The decision was given in the context of an appeal brought by Viridis Pharmaceutical Ltd. (“Viridis”) against the judgment of the General Court in Case T-276/16, Viridis v European Union Intellectual Property Office (“EUIPO”). The primary proceedings concerned the revocation by the EUIPO of the EU trademark “Boswelan”, registered by Viridis for class 5 of the Nice classification (pharmaceutical and sanitary preparations), following the application filed by Hecht-Pharma GmbH to have the trademark revoked due to lack of genuine use for a period of more than five years by Viridis.

In short, the main points of discussion were whether the use of the trademark during clinical trials may constitute genuine use and, if not, whether conducting clinical trials, as a prerequisite for receiving a market authorisation, may constitute a proper reason for non-use.

Genuine use

According to settled case law, genuine use is made of a trademark within the meaning of Article 51(1)(a) of Regulation No 207/2009 (now article 58.1(a) EUTMR), when it is used, in accordance with its essential function of ensuring the identity of the origin of the goods or services in respect of which it is registered, to find or preserve an outlet for those goods or services, to the exclusion of any symbolic use intended solely to enforce the rights conferred by the trademark (judgements of 11 March 2003, Case C-40/01 Ansul, EU:C:2003:145, paragraph 43, and 8 June 2017, W.F. Gözze Frottierweberei and Gözze, Case C-689/15, EU:C:2017:434, paragraph 37 and the case law cited there).

Thus, the normal use of the trademark presupposes that it is used on the market for the goods or services protected by the trademark and not only within the undertaking concerned. The use of the trademark must relate to goods or services which have already been placed on the market or which can be placed on the market at any time, and the company is preparing to do so with a view to winning customers, in particular in the context of advertising campaigns (see, to that effect, Case C-40/01 Ansul v Commission [2003] ECR I-145, paragraph 37).

On the other hand, the affixing of a trademark to goods which are not supplied to the customer with a view to their penetration into the market for the goods covered by the trademark registration cannot be regarded as genuine use of that mark, since such affixing does not help to find a market for those goods or to distinguish them, in the interests of consumers, from goods originating from other undertakings (see, to that effect, Case C-495/07 Silberquelle v Commission [2009] ECR I-10, paragraph 21).

After recalling the settled case law and general principles on genuine use, the CJEU went on to address the first plea.

The CJEU affirmed the observations of the General Court:

  • That Viridis had adopted preparatory acts which consisted in the conduct of a clinical trial carried out in view to apply for marketing authorisation and which included certain acts in the form of advertising for that trial;
  • However, the use of the trademark during the clinical trials could not be equated with marketing or even with a direct preparatory act, but had to be regarded as an internal use, since that use had taken place outside competition, within a limited circle of participants, and without its purpose being to obtain or maintain market shares. Also, the use (400.000 capsules) had not been shown to be significant in the pharmaceutical sector;
  • In addition, Viridis did not demonstrate that the marketing of the medicinal product designated by the trademark was imminent since it had not produced any evidence to show that the clinical trial was almost complete; and
  • In any event, only the acquisition of a marketing authorisation by the competent authorities could have allowed a public and outward-looking use of the trademark, since the legislation on medicinal products prohibits the advertising of medicinal products which have not yet been the subject of marketing authorisation and, consequently, any communication intended to gain or maintain a market share. It was therefore impossible to use the trademark designating a medicinal product on the relevant market as required by the settled case law.

The CJEU dismissed the following two arguments of Viridis as irrelevant:

  • The fact that the acts of use relied on were in conformity with the applicable legal provisions; and
  • The argument that the five-year period to make genuine use is inadequate for the pharmaceutical sector and does not take into account the specific circumstances of the pharmaceutical market.

The CJEU thus followed the reasoning of the General Court and declared the first plea in law partly unfounded and partly irrelevant.

Proper reasons for non-use

Again, the CJEU started with recalling the settled case law and general principles on proper reasons for non-use. According to the case law of the Court, only obstacles which are sufficiently directly related to a trademark and render its use impossible or unreasonable and which are beyond the control of the proprietor of that mark can be regarded as ‘valid reasons’ for non-use of that mark. It must be determined on a case-by-case basis whether a change in the business strategy in order to overcome the obstacle in question would render the use of that mark unreasonable (judgments of 14 June 2007 in Case C-246/05 Häupl, EU:C:2007:340, paragraph 54, and of 17 March 2016 in Case C-252/15 P Naazneen Investments v OHIM, not published, EU:C:2016:178, paragraph 96).

Regarding the second plea, the CJEU affirmed that conducting a clinical trial may constitute a proper reason for non-use, but observed that the acts and events in the present case, were within the sphere of influence and under the responsibility of Viridis and, therefore, could not be regarded as obstacles which arose outside its control.

The CJEU argued that Viridis had already, on the basis of its own choice and not on the basis of any legal obligation, applied for registration of the trademark even though there was considerable uncertainty as to both the date and the possibility of marketing the goods designated by that mark, since those goods were in the clinical trials phase. It noted that Viridis’ application for a clinical trial had been submitted more than three years after the registration of the trademark. Also, the difficulties alleged during the clinical trial in question were, in view of the specific characteristics of the sector concerned, due to insufficient investments by Viridis.

With the above reasoning, the CJEU declared the second plea unfounded and dismissed the appeal in its entirety.

Key takeaways

It can be tricky to register a trademark in relation to a medicinal product for which no market authorisation has yet been obtained. Pharmaceutical companies will have to determine whether or not the benefit of registering the trademark early on outweighs the risk of losing the trademark due to non-use.

The judgement, read together with the opinion of AG SZPUNAR, makes it clear that the chances for a pharmaceutical company to make genuine use of their registered trademark during the clinical trial phase are, although not fully excluded, very low. The use during clinical trials, no matter how quantitatively large, is aimed at testing the medicinal product (scientific objective) and is not aimed at maintaining or creating a share in the market for the goods or services protected by the mark (economic objective). The restrictions flowing from the legal framework relating to medicinal products (prohibition of sales and advertisement of non-authorised medicinal products) make it (nearly) impossible to make genuine use of the registered trademark during the clinical trial phase.

When choosing to register a trademark for their medicinal product early on, pharmaceutical companies will thus either have to make sure that they are certain to obtain a marketing authorisation within the five-year timeframe or to make sure that they invest sufficient financial resources in order to reasonably expect to obtain a marketing authorisation within the five-year timeframe.

The CJEU confirmed that a clinical trial and the restrictions of use flowing from the legal framework relating to medicinal products that go with it may constitute a proper reason for non-use.

However, pharmaceutical companies’ own behaviour in coping with the legal barriers to use its trademark is also taken into consideration when examining the proper reasons for non-use. Waiting three years after registering the trademark to start the clinical trials with insufficient funds will clearly not suffice for the CJEU. Conversely, the reasoning of the Court does seem to suggest that a pharmaceutical company that registers a trademark and starts the clinical trials early on with sufficient funds and reasonable expectations of finishing the clinical trials and obtaining a market authorisation to make use of the trademark before the expiry of the five-year period, may successfully invoke clinical trials and the unexpected delay during the clinical trials as a proper reason for non-use.

In sum, the decision teaches us that timing, careful assessment and awareness are essential when it comes to applying for and maintaining a trademark for medicinal products in the pharmaceutical context.

***

Eric De Gryse and Christopher Dumont

You may always contact us should you have any questions.
eric.degryse@simontbraun.eu – +32 2 533 17 52
christopher.dumont@simontbraun.eu – +32 2 533 17 58

New Copyright Directive approved by the EU Parliament

On 26 March 2019, a fierce battle took place in the arena of the EU Parliament. Arguments flowing back and forward resulted in a close majority in favour of the supporters of the new Directive (EU) 2019 of the European Parliament and of the Council on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC (hereinafter: the New Copyright Directive). You may find the debate here and the final text as adopted here.

The fact that the European Commission launched the proposal back in September 2016 with a legislative process lasting nearly two and a half years and only 348 Members of the European Parliament (hereinafter: MEP) voting in favour, while 274 MEP voted against and 36 MEP abstained, illustrates the controversial nature of the New Copyright Directive. This led to the adoption of the current text containing merely 32 articles to be accompanied with almost three times that amount of recitals, i.e. 86.

Closing the value gap

The biggest battle was fought over the new obligations and the personal scope of Online Content-Sharing Service Providers (hereinafter: OCSSP). When reading between the lines of the personal scope, the thresholds and the exemptions, it seems that the new rules on the internet are tailored towards big information society service providers such as YouTube, Facebook and similar platforms. The goal of the New Copyright Directive is clear: the EU only intends to regulate the internet to the extent necessary to tackle the famous “value gap” and ensure appropriate remuneration for rightholders for the use of their protected works on the internet.

Under the New Copyright Directive, an OCSSP means “a provider of information society service of which the main or one of the main purposes is to store and give the public access to a large amount of copyright-protected works or other protected subject matter uploaded by its users, which it organises and promotes for profit-making purposes”.

Despite clear indications, the New Copyright Directive still leaves room for interpretation of this new key concept. It will be interesting to see how courts will define the boundaries and interpret the open notions like “main” and “large”. What is certain, is that activities of providers of services like Wikipedia (online encyclopaedia), Dropbox (online storage), eBay (online marketplace) and Telenet or Belgacom (electronic communication services) are not included in the scope as they are explicitly excluded for the reason that they do not have as their main purpose to give to the public access to a large amount of copyright-protected works.

The new obligations on OCSSP flowing from the New Copyright Directive include amongst others that OCSSP must now obtain an authorisation in exchange for an appropriate remuneration from the rightholders in order to communicate the protected works to the public. In the event that they cannot obtain such authorisation, they must demonstrate best efforts to obtain it, demonstrate best efforts to make unavailable unauthorised content for which relevant and necessary information was provided and organise an expeditious notice, take down and stay down mechanism for unauthorised content. The latter must include an effective and expeditious complaint and redress mechanism with a human review in the event of disputes. At the same time, the OCSSP must refrain from general monitoring and over-blocking.

Other key features of the New Copyright Directive

Besides the above-mentioned, other key features of the New Copyright Directive include:

  • New exceptions and limitations covering text and datamining, the use of works in digital and cross-border teaching activities and copies made for the preservation of cultural heritage
  • Measures to ensure wider access to out-of commerce works by providing the grant of non-exclusive licences to cultural heritage institutions for non-commercial purposes, together with measures to ensure transparency and stakeholder dialogue
  • Measures to facilitate collective licensing and rules governing collective management organisations offering such collective licenses
  • Negotiation mechanism to assist parties facing difficulties related to the licensing of rights for the purpose of making available audiovisual works on VOD platforms
  • New publisher’s rights with regard to online uses of their press publications
  • A right for authors and performers to receive information as well as appropriate and proportionate remuneration when they license or transfer their exclusive rights
  • A right of revocation for authors and performers in case of a lack of exploitation after transferring or licensing their rights on an exclusive basis

Conclusion

The journey is far from over. The Council of Ministers still has to give its final opinion over the New Copyright Directive and it is expected that it will accept the final text on 9 April 2019. After that, the text will be published in the Official Journal and the Member States will have 2 years after the date of entry into force of the directive to transpose it into their national laws.

The rules laid down in this new directive aim at creating a fair balance between access to creative works and appropriate remuneration for the rightholders. It would be in the interest of all stakeholders that users and rightholders come to a mutual understanding and conclude the necessary licenses to keep contents available while at the same time ensuring appropriate remuneration of the rightholders, and ultimately prove the sceptics wrong.

We will keep monitoring the progress of the New Copyright Directive and its implementation and keep you updated.

*     *     *

For any question, do not hesitate to contact our IP team.

Unveiling the new Belgian law on the protection of trade secrets

At last, after roughly two years, the EU Directive 2016/943 (hereinafter: The Directive) of 8 July 2016 has finally been transposed by the long-awaited Belgian Law of 30 July 2018 on the Protection of Trade Secrets (hereinafter: The Law) that entered into force on 24 August 2018.

The Law brings clarity, among other things, by giving a legal definition of “trade secrets” and provides useful mechanisms that allow more effective enforcement of the right to the protection of trade secrets.

Considering that The Law is in large part a copy/paste-exercise from The Directive, we first recollect the main objectives and principles of The Directive.

Main objective

It is clear from the recitals and the preparatory documents that The Directive has as its primary objective to establish effective and comparable legal means for protecting trade secrets across the Union in order to facilitate cross-border activities within the internal market.

Globalisation, digit(al)isation, the internet, the lack of common definitions and legal concepts are reoccurring phenomena that create the need for most of the regulatory actions at the European level.  These were specifically problematic in the area of trade secrets considering the high economic value attached to trade secrets, the ease of copying and transferring huge amounts of data, as well as the multinational aspects and strategic considerations that go with a possible leak of trade secrets.

Principles

To achieve the objective mentioned above, The Directive does not only contain articles on substantive law, but also several articles dealing with the procedural side of the coin.

The Directive starts with a homogenous definition of “trade secrets” in order to have a common legal understanding of the concept across the internal market.

Further, it outlines the circumstances in which legal protection of trade secrets is justified. Bearing in mind lawful means of acquisition, use or disclosure of a trade secret, The Directive strikes a careful balance between the interests of the various stakeholders, amongst which, the companies concerned, journalists, whistleblowers and employees. It aims at providing sufficient protection to the right holders, while at the same time not aiming at stifling competition nor innovation, nor restrict the fundamental freedom of others.

Finally, it contains articles aimed at facilitating, but also encouraging those harmed by a breach to seek and find legal redress. The Directive prescribes that Member States put in place procedures that are not overly burdensome, whilst at the same time providing the persons seeking redress with adequate legal means to address specific issues relating to their trade secrets. The preservation of confidentiality of trade secrets is essential during these procedures.

Key features of The Law

The Law does not deviate noticeably from The Directive and copies the wording of The Directive almost literally in many aspects. There are, however, several articles from The Directive that did not make it into The Law, merely because the legal concepts or mechanisms already existed under Belgium Law, such as the legal remedies against abusive exercise of a right.

Just like The Directive, it is worth mentioning that The Law brings clarity to the domain of trade secrets by, for the first time, providing a written legal definition of this concept. It has done so by enumerating the different requirements that need to be fulfilled in order for information to be protected as “trade secrets”. It is interesting to note that these requirements are substantially in line with those already known from the TRIPS Agreement. The new definition reads as follows:

The information needs to be

  • secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
  • it needs to have commercial value because it is secret;
  • and finally it needs to be subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret;” (art. 2, 1° The Law, own emphasis).

In light of this new definition, and especially the last requirement, it is recommended that companies re-examine and document their current measures undertaken to keep their valuable information secret to ensure that they can continue enjoying protection under the new legal regime, in addition to documenting the valuable information itself.

A most welcomed novelty in Belgian procedural law is the new confidentiality obligations and mechanisms aimed at protecting trade secrets, not only during but also after the procedure involving these trade secrets. This should provide those harmed effective legal protection and facilitate the enforcement of their rights. In this regard, The Law gives the possibility to the judge to impose a fine on anyone in breach of their confidentiality obligations, ranging from € 500 to € 25.000.

It is worth noting that The Law provides for legal remedies similar to those that already exist for intellectual property rights such as, but not limited to, cessation of unlawful use or disclosure, recall, destruction of infringing goods and damages. This enhances the strength and effectiveness of the right to the protection of trade secrets. However, despite being debated during the parliamentary discussions, the descriptive seizure procedure will not be available to the holders of a trade secret.

Lastly, in light of enhanced specialisation, The Law centralises most litigation concerning trade secrets to the commercial courts regardless of the parties’ capacity, although there are several exceptions in favour of labour courts in cases involving employees. One should keep in mind that the statute of limitation has been set to five years from the discovery of the unlawful breach and the identity of the alleged infringer, similar to the regime of non-contractual liability.

Conclusion

Remains to be seen the impact in practice, but in theory, The Law should be able to provide sufficient means to combat the phenomena of industrial espionage and employees copying substantive amounts of (confidential) documents, in particular before they leave. The enhanced legal remedies put the holders of a trade secret almost on par with the holders of an intellectual property right, which should enable them to take action more efficiently against a possible leak of their trade secrets.

In conclusion, the change is most welcomed, in particular considering that the most valuable information sometimes is information that precedes intellectual property rights, and is thus not protected by the latter.

*     *     *

Philippe Campolini and Christopher Dumont

For more information or any question, please contact the authors:
philippe.campolini@simontbraun.eu – +32 2 533 17 52
christopher.dumont@simontbraun.eu – +32 2 533 17 58