WF_Brexit

Intellectual Property & Data Protection – Top 5 Issues (March 2021)

  1. Divergence of intellectual property systems – The EU–UK Trade and Cooperation Agreement (the "TCA") agreed at the end of December 2020 sets out minimum standards of IP protection and enforcement to which the EU and UK will remain committed. These minimum standards are largely consistent with current IP law in the UK and EU, but the TCA also provides for flexibility in certain areas which may result in a divergence of intellectual property systems in each jurisdiction in the future.  The TCA does not alter the arrangements set out under the Withdrawal Agreement agreed in 2019. These arrangements deal on a more granular level with the impact of the UK leaving the unified EU intellectual property regimes. The following measures have been provided for under the Withdrawal Agreement to reduce the disruption to rights-holders:

      Trade Marks: Under the Withdrawal Agreement, since 1 January 2021, a European Union trade mark ("EUTM") registration will no longer extend to include protection in the UK.  To deal with this, on 1 January 2021 the UK Intellectual Property Office ("UKIPO") automatically converted all EUTMs existing as of 31 December 2020 into "cloned" UK trade marks without any loss of priority, filing or seniority dates and at no cost to the owner.  EUTM applications which were pending on 31 December 2020 were not converted into "cloned" UK trade marks by the UKIPO but applicants with a pending EUTM application may apply to register a comparable UK trade mark (retaining the original filing date) until 30 September 2021. Standard UKIPO fees apply to these applications. As of 31 December 2020, brand-owners seeking trade mark registration in the EU and the UK are now required to make separate applications for trade mark protection in each of the EU and UK going forward. Brand owners should be aware that only EEA based representatives will be permitted to act on their behalf before the EUIPO.

      Design Rights:
    Design protection in the UK is now solely governed by domestic UK design legislation. Like the approach taken by the UK in respect of registered EUTMs, any published Registered Community Design rights which existed as of 31 December 2020 have been cloned by the UKIPO on to the UK designs register.  Changes have also been made to UK law to facilitate the continuing protection of unregistered designs in the UK. The UKIPO has created two new types of unregistered design right which are intended to fill the gap left by the EU Unregistered Community Design ("UCD"). The first of these new rights, the Continuing Unregistered Design will protect any design previously protected by the UCD that still has time left to run (ie any design which was made publicly available less than three years ago). The second new right, the Supplementary Unregistered Design Right is intended to replace the UCD in the UK going forward. One point that is important to note with regard to unregistered design protection in the UK is that the TCA does not provide for a system of reciprocal protection for unregistered design rights. As a result, designers will now need to choose between disclosing in the UK and getting UK-wide protection or disclosing in the EU and getting EU-wide protection under the unregistered community design right.

      Copyright: The UK has indicated that it will not participate in the implementation of the new EU Copyright Directive (due to be effective across the EU in June 2021), marking a potential area for the development of a substantial divergence between UK and EU copyright law.  Nevertheless, as the UK will remain a signatory to international treaties such as TRIPS, the Berne and Rome Conventions, the UK will not have complete freedom to amend its statutory copyright regime.

      Enforcement: Pan-European injunctions granted by an EU Court in respect of an intellectual property right can no longer apply in the UK. However, any pan-European injunction grounded on a EUTM or UCD which was in place and still effective on 31 December 2020 will be enforceable as against any the equivalent "cloned" UK trade mark or design right created by the UKIPO.  Similarly, decisions of the EU Court of Justice issued after the expiry of the transition period will no longer be binding in the UKThis is likely to lead to an increase in the cost of enforcement of rights as separate proceedings will have to be taken in the UK.
  2. Risk of differing frameworks for patent protection - In recent years there has been a push towards a Unitary Patent System with a Unified Patent Court (UPC). The UK has announced it no longer intends to participate in the UPC system. Accordingly, patents will continue to require a separate UK registration to ensure protection in the UK even if the UPC system is put into effect and commenced in due course.
  3. Transfer of data between EEA and the UK - Under the terms of the TCA, a temporary preservation of the status quo put in place by the Withdrawal Agreement was extended for a period of up to 6 months from 1 January 2021. This allows for data transfers between the EU and UK to continue during this "bridging" period without additional safeguards – provided that the UK does not deviate from data protection laws in place in the UK as at 31 December 2020, nor exercises certain powers relating to international transfers without the EU's consent. During the bridging period transfers of personal data from the EEA to the UK are not considered to be transfers to a 'third country' under EU law. Since then the European Commission ("EC") issued a draft adequacy decision in favour of the UK which is subject to receipt of an opinion (non-binding) by the European Data Protection Board and ratification by representatives of the 27 Member States. If ratified, the decision will enable the seamless transmission of personal data from the EEA to the UK and cure the uncertainty around such future of transfers. The EC adequacy decision, if formally granted, will be reviewed every four years. Reciprocally, the UK government has taken the initial position that the EU will be treated as an adequate jurisdiction for the purpose of personal data transfers from the UK to the EU and will keep this decision under review. Until the EC's adequacy decision is formalised, the bridging period provided for under the TCA will continue to apply to transfers of personal data.
  4. Risk of divergence in data protection regimes now minimised – The UK has absorbed the General Data Protection Regulation ("GDPR") into its domestic Data Protection Act 2018 and UK GDPR. Under the TCA (and until an EC adequacy decision is formally granted), the UK is prohibited from deviating from data protection laws in place in the UK as of 31 December 2020 lest the bridging period automatically terminate. If divergence takes place this would cause the UK to become a third country for the purposes of GDPR and require that all transfers of personal data to the UK be accompanied by appropriate safeguards. The bridging period will avoid a divergence in data protection rules between the UK and the EU, for the time being at least. The EC adequacy decision will cement that position, thus further minimising possible future divergence. Companies with operations in Ireland and the UK should however be aware that they are now subject to two separate, albeit substantively similar, data protection regimes.
  5. Appointment of Article 27 Representatives - Organisations located solely in the UK but who offer goods or services to, or monitor the behaviour of, individuals in the EEA will likely need to appoint an EU-based representative (in a state in the EEA in which the personal data are being processed). The EU-based Representative is also responsible for maintaining records of processing activities, as required of the organisation under Article 30 of GDPR. Additionally, organisations located solely in a jurisdiction other than in the EEA or UK, but who offer goods or services to or monitor the behaviour of individuals in the EEA and/or UK will now need to appoint an EU-based representative and/or a UK-based representative (as required under UK GDPR). The nomination of representatives will invariably involve business and legal analysis for relevant organisations, especially where the personal data of individuals in multiple jurisdictions is processed. Once an appointment of a representative has been made this should be documented in relevant data protection notices and privacy policies along with the contact details of the representative(s).

Contact:

 David Cullen    Laura Scott

David Cullen
Partner

Email David
+353 1 639 5202

 

Laura Scott
Partner

Email Laura
+353 1 489 6508