Opinion of the European Data Protection Supervisor on (i) the proposal for a directive of the European Parliament and of the Council to approximate the laws of the Member States relating to trade marks (recast) and (ii) the proposal for a regulation of the European Parliament and of the Council amending Regulation (EC) No 207/2009 on the Community trade mark.
The EDPS notes that these two proposals – the objective of which is to harmonise further all aspects of substantive trade mark law as well as procedural rules within the EU - establish a few processing operations, which may have an impact on individuals' right to privacy and data protection.
The proposed regulation amends the current legal framework applicable to the Community trade mark
set forth in Regulation (EC) No 207/2009. The Office for Harmonization in the Internal Market (‘OHIM’) is renamed ‘European Trade Marks and Design Agency’. The proposed regulation clarifies substantive and procedural rules that apply to the European trade mark. It provides for the establishment by the Agency of a register and of an electronic database. It also clarifies the role and tasks of the Agency, in particular in relation to its cooperation with the national central industrial property offices in the EU.
In particular, the EDPS recommendations are to:
· insert a substantive provision underlining the need for any processing of personal data carried out by national industrial property offices to respect applicable data protection law, in particular national laws implementing Directive 95/46/EC;
· underline in a substantive provision that any processing of personal data by the Agency in the context of the cooperation between national offices and the Agency is subject to compliance with the rules set forth in Regulation (EC) No 45/2001;
· clarify in a substantive provision whether the common or connected databases and portals planned under the Directive involve the processing of personal data as well as their scope and purpose(s);
· clearly establish in a substantive provision the modalities for the exchanges of information through the common or connected databases and portals, in particular by determining the authorised recipients of personal data, the types of data, the purpose of such exchanges, and the length of the retention of the data in those IT systems.