In a nutshell: Sweden is holding the Presidency of the Council of the EU in the first half of the year. The geographical indications reform is moving through the clogs of the EU legislative machine, with the Council being slightly more ahead with the discussions on the crafts and industrial products. The NIS 2 Directive entered into force, paving the way towards its upcoming implementation phase in the Member States. Member States are divided over the provisional agreement on the e-Evidence package, while the European Parliament endorsed the ratification of the Second Additional Protocol to the Budapest Convention. The European Commission is expected to reform the Consumer Protection Cooperation Regulation.
Sweden took over the presidency in the Council of the EU
From 1 January, Sweden is holding the presidency in the Council of the EU, and leading negotiations on the key legislative and policy initiatives on behalf of the co-legislator. Regarding the ongoing legislative initiatives that are important for technical internet infrastructure actors, the Swedish presidency pledges to support “continued and intensified efforts to ensure and develop access to communication data and eEvidence”; move the work forward on the European Chips Act, with the aim of “strengthening Europe’s semiconductor ecosystem and creating diversification opportunities for an increasingly digital economy”; focus on “informal trilogues” on geographical indications (GIs) protection for craft and industrial products; support measures that “promote the open exchange of knowledge and data within the European Research Area” and “accelerate the transition to open science”; initiate negotiations with the European Parliament on the European electronic ID and to “advance them as far as possible”; and advance the negotiations on the Cyber Resilience Act. When it comes to new initiatives on the Presidency’s agenda, Sweden pledges to initiate negotiations on a review of the design protection legislation, and begin the Council’s work on the “Connectivity Infrastructure Act, which is designed to reduce the costs of expanding the high-speed electronic communications networks”.
Geographical indications: the Council of the EU adopted its General Approach for the craft/industrial products proposal
On 1 December, the Council of the EU adopted its General Approach on the proposal for the reform of GI protection for craft and industrial products (see our previous reporting here). Most notably for domain name actors, like TLD registries, the Council’s position is to delete all references to the establishment of a domain name information and alert system that obliges registries to share all relevant data and information necessary to run a monitoring system alerting GI applicants on potentially conflicting domains upon their registration, with the EU Intellectual Property Office. The justification provided by the Council in its introduction to the General Approach is that such a system as proposed by the Commission would put a disproportionate burden on domain name registries. ccTLD registries established in the Union and offering alternative dispute resolution (ADR) procedures to solve disputes relating to domain name registration “should be encouraged to ensure that such procedures also cover geographical indications”, according to the General Approach. European Commissioner for Internal Market Thierry Breton addressed Member States during the Competitiveness Council on 1 December expressing his regret in reducing GI protection when it comes to domain names, while hoping for “balance” to be preserved in trilogues.
Geographical indications: Czech Presidency issued a progress report on the progress of the agricultural products proposal
Before the end of 2022, the outgoing Czech presidency issued a progress report on the status of the discussions over the proposal revising the current EU legislation on GI protection for wines, spirit drinks and agricultural products in the Council of the EU. According to the Czech progress report, one of the “particularly challenging” elements during the discussions within the Council was deemed to be the protection of GI rights in domain names. Regarding the domain name related provisions, most delegations would like to take the same approach as in the General Approach reached on the crafts and industrial products proposal, i.e. “to delete the proposed provisions and shift some of them to the recitals”. Some delegations would however prefer specific provisions on domain names for GIs for wine, spirit drinks and agricultural products, according to the progress report. The progress report ends with the Czech Presidency's hope to build on this “legacy” under the Swedish Presidency and find “a solution on the most controversial elements such as[...] domain names”. Meanwhile, independent legal research commissioned by CENTR in the end of 2022 has found a marginal number of domain name disputes over GIs within the European domain name space in the last two decades, with the vast majority of cases being resolved in favour of the GI rightsholders.
Geographical indications: JURI received amendments on its Draft Opinion on craft/industrial products proposal
Members of the European Parliament in the Legal Affairs Committee (JURI) submitted numerous amendments to the Draft Opinion on the agricultural products proposal (see here and here). A few notable amendments on domain name related provisions include a suggestion to involve EUIPO in assessing GI domain name disputes in non-EU ccTLD registries, “in cooperation with the international dispute settlement systems already in place, such as the ones managed by WIPO and ICANN”; expanding the scope of the GI protection to all TLDs operating in the Union; the expansion of the GI protection within domain names to “core platform services provided or offered by registries to business users established in the Union or to end-users established or located in the Union”; and clarifications to the provisions on revoking or transferring domain names only by a request from an existing GI rightsholder or by a mandate from a producer group with legitimate interest in a protected GI, following an appropriate ADR procedure.
The NIS 2 Directive entered into force
On 27 December 2022, the Directive on measures for a high common level of cybersecurity across the Union (NIS 2) was published in the EU Official Journal, entering into force on 16 January 2023 (see our previous reporting here). Member States have 21 months to implement the NIS 2 Directive in their national legal frameworks. The NIS 2 Directive introduces a specific data accuracy obligation on TLD registries and entities providing registration services, such as registrars, to collect and maintain accurate and complete domain name registration data in a dedicated database, containing the registrants’ name, contact email address and phone number. The data accuracy obligation also includes verification procedures for both legal and natural persons who register a domain name, and require registries and registrars to cooperate with each other to avoid collecting the same data multiple times. To help registries, registrars and national authorities in their efforts to implement the data accuracy requirements under NIS 2, CENTR has published a White Paper, compiling experiences from the European national domain registries.
Member States are divided over the provisional agreement on the e-Evidence package
On 5 December 2022, the Czech Presidency issued a progress report on the negotiations regarding the e-Evidence legislative package. According to the progress report, during the Czech Presidency the most difficult discussions focused on the following aspects: 1) the notification regime for orders to the authorities in the state in which the legal representative of the service provider is located, where the Council strived to ensure that pre-dominantly national cases would not need to undergo the notification process; 2) the rules on whether the European Production Orders (EPOCs) should be addressed to the service provider acting as data controller rather than to the service provider processing the data on behalf of the data controller; 3) the rules on the grounds for refusal, where the Council insisted that judicial authorities must retain some margin of discretion. However, the progress report does indicate that although the co-legislators were able to reach a provisional political agreement at the end of November 2022 (see our previous reporting here), some technical issues remained that needed to be addressed together with the European Parliament before the end of the year. Some reports suggest that the provisional political agreement is fragile in the Council, as Member States are divided in their support for the agreement, and the discussions might be reopened.
The European Parliament endorsed the ratification of the Additional Protocol to the Budapest Convention on Cybercrime
On 17 January, members of the European Parliament endorsed the ratification of the Second Additional Protocol to the Council of Europe's Budapest Convention on Cybercrime (see our previous reporting here). The Additional Protocol would allow authorities across the signatories to the Budapest Convention to directly contact service providers in other countries and request domain name registration information, subscriber information and traffic data. The Protocol was opened to signatories on 12 May 2022, and will enter into force once it has been ratified by the five parties. The endorsement by the European Parliament effectively allows EU Member States to ratify the protocol. In 2022, 30 states signed the protocol, including the US, Japan, and a number of EU Member States.
The European Commission is expected to reform the Consumer Protection Cooperation Regulation
At the end of 2022, the European Commission consulted the public on the upcoming revision of the Consumer Protection Cooperation (CPC) Regulation, preliminarily scheduled for Q2 2023. According to the Commission's Call for Evidence which accompanied the public feedback round, "consumers are increasingly exposed to unfair commercial practices" and the "increasing digitalisation of consumer markets[...] makes it easier for businesses that do not always fully comply with the EU laws protecting consumers and for rogue traders to target EU consumers". According to the Commission, there have been diverging interpretations among Member States regarding their authorities' competence to act against non-EU based businesses on the basis of the CPC Regulation. To this aim, the revision of the CPC Regulation will potentially tackle the following issues: 1) the speed and flexibility for CPC authorities to respond to emerging market threats; 2) CPC authorities' powers to impose fines more effectively; 3) the role of the European Commission in coordinating more effectively the work on CPC authorities. From the examination of possible solutions to respond to these issues, the Commission could propose to explicitly include third country traders; to provide for a strengthened role for the Commission when it comes to sanctioning non-compliant traders; or direct powers for the Commission to enforce the CPC Regulation in relation to infringements committed by large market players. CENTR provided feedback to the Call for Evidence, outlining a few key points that are relevant for domain name registries and that are currently in scope of the CPC Regulation.