IN THIS ISSUE
THREE STRIPES AND YOU’RE OUT: ADIDAS WINS SUMMARY JUDGMENT AGAINST ETONIC
RAISING THE PRIVACY SHIELD AND OTHER PROTECTIONS: HOW U.S. ORGANIZATIONS CAN RECEIVE PERSONAL DATA FROM THE EU
THREE STRIPES AND YOU’RE OUT: ADIDAS WINS SUMMARY JUDGMENT AGAINST ETONIC
In an unusual opposition proceeding involving the fame of a design, the U.S. Trademark Trial and Appeal Board (TTAB) granted summary judgment to adidas AG and adidas America, Inc. (both companies begin their names with a lower-case “a”) based on their Three-Stripe Design mark as used with footwear. adidas AG and adidas America, Inc. v. Etonic Holdings, LLC, 121 USPQ2d 1188 (TTAB Dec. 22, 2016) [not precedential].
Etonic Holding, LLC (Etonic) filed an intent-to-use application to register the mark E and Design for use with “athletic footwear; bowling shoes; footwear; footwear for track and field athletics; golf shoes; headwear; jackets; pants; running shoes; shirts,” in International Class 25.
Etonic’s application, Serial No. 85790175, was opposed by adidas AG and adidas America, Inc. (collectively, adidas) on the basis of several U.S. registrations as well as their common-law rights; however, the TTAB focused primarily on Registration No. 3029129 for this adidas mark
as used since 1952 with “footwear” in Class 25. The TTAB said that because the design mark shown in Registration No. 3029129 was the adidas mark closest to Etonic’s mark, there was no need to consider the likelihood of confusion with respect to any of adidas’s other marks.
Claiming that there was no genuine issue of material fact, adidas moved for summary judgment on the issues of likelihood of confusion and dilution, and Etonic filed a cross-motion for summary judgment on those two issues as well as the issues of whether Etonic lacked bona fide intent to use its mark and whether Etonic was barred by contract from registering its mark. The TTAB noted that the “mere fact that cross-motions for summary judgment on a claim have been filed does not necessarily mean that there is no genuine dispute as to a material fact, and that trial is unnecessary” (citations omitted). Then the TTAB found that adidas had standing to bring the opposition and had priority in its marks.
Turning to the likelihood-of confusion issue, the TTAB based its analysis on five of the thirteen factors from In re E. I.DuPont DeNemours & Co., 476 F.2d 1357 (CCPA 1973), that were most relevant to the facts in the case: the similarities between the marks, the similarities between the goods (i.e., footwear), the channels of trade, the fame of the opposers’ marks, and the conditions under which sales of the goods were made. The TTAB considered the issue of fame first, noting that “the fame of the prior mark, if it exists, plays a ‘dominant role in the process of balancing the du Pont factors,” (citing Recot, Inc. v. Becton, 214 F.3d 1322 (Fed. Cir. 2000), and Kenner Parker Toys, Inc. v. Rose Art Industries, Inc., 963 F.2d 350, 353 (Fed. Cir. 1992) (a strong mark “casts a long shadow which competitors must avoid”) (other citations omitted)).
The TTAB said that the fame of a mark may be measured “in a number of ways: by the volume of sales and advertising expenditures of the goods . . . identified by the marks at issue, ‘the length of time those indicia of commercial awareness have been evident,’ widespread critical assessments and notice by independent sources of the products identified by the marks, as well as the general reputation of the products” (citations omitted). Based on adidas’s use of the Three-Stripe Design mark since 1952, sales of footwear branded with the mark in over 300 retailers in the United States, sales of millions of pairs of branded shoes totaling billions of dollars, extensive advertising and other promotion of the mark, and a statement by one of Etonic’s owners that the mark is “one of the most widely recognized trademarks for athletic footwear,” the TTAB found that the Three-Stripe Design is famous and therefore entitled to a broad scope of protection.
The TTAB also found that because Etonic’s application covers, among other goods, “footwear,” the parties’ relevant goods are identical. Although Etonic argued that its mark is a stylized letter “E” and that consumers would associate that letter with the word mark ETONIC, the TTAB said that because each design mark includes “three thick stripes,” the “subtle distinctions in the marks are not likely to be recalled by purchasers seeing the marks at different times.” Thus, the TTAB held that the overall commercial impression created by Etonic’s mark is “highly similar” to adidas’s Three-Strip Design mark. Likewise, given that the parties’ relevant goods are the same, the TTAB ruled that the trade channels, purchasers, and conditions of sale are similar.
Based on the foregoing analysis, the TTAB granted adidas’s motion for summary judgment and sustained the opposition. The TTAB then said that having determined that adidas was entitled to judgment on the issue of likelihood-of-confusion, the TTAB did not need to rule on the parties’ motions concerning the issues of dilution, lack of bona fide intent, or contract claims.
RAISING THE PRIVACY SHIELD AND OTHER PROTECTIONS: HOW U.S. ORGANIZATIONS CAN RECEIVE PERSONAL DATA FROM THE EU
The transfer of personal information from European Union (EU) members to U.S. subsidiaries and other organizations is governed by strict legal requirements imposed by the European Commission, the U.S. Department of Commerce, and the U.S. Federal Trade Commission (FTC), depending on the transfer mechanism implemented. The personal information subject to transfer restrictions includes any information relating to an identified or identifiable natural person. In deciding which transfer mechanism to implement, an organization has to take into account financial and business factors as well as its tolerance for risk.
If a U.S. organization is subject to the jurisdiction of the FTC or the Department of Transportation (DOT), one way the organization can receive personal information from the EU is by certifying the organization’s compliance with the “Privacy Shield.” This process began on August 1, 2016.
To make such a certification, an organization must take several steps. Those steps include: (1) developing a Privacy Shield-compliant privacy policy; (2) engaging a third-party that provides a dispute resolution program; (3) cooperating and complying with EU Data Protection Agencies with respect to any transfer of human resources data; (4) self-assessing or engaging a third-party to assess compliance with the Privacy Shield; and (5) designating an individual within the organization to handle questions, complaints, access requests, and other issues arising under the Privacy Shield.
The organization’s privacy policy will need to address the following principles: notice; choice (an opt-out or opt-in for sharing an individual’s personal information); accountability for onward transfer; security; data integrity and purpose limitation; and access recourse, enforcement, and liability. The risk associated with using the Privacy Shield is that the shield will most likely face legal challenges based on concerns about the scope of U.S. government surveillance.
Other transfer mechanisms that U.S. organizations can use to legally receive data from the EU are model contractual clauses and binding corporate rules. The model contractual clauses amount to pre-approved adhesion contracts with terms that cannot be negotiated.
The type of model contractual clauses that an organization may use depends on whether the organization receiving the information is a data controller or a data processor. Although the model contractual clauses consist of “boilerplate” language, parties must specify in an appendix the relevant categories of data and types of data processing. For multinational organizations that regularly engage in data transfers among multiple jurisdictions, the use of model contractual clauses is not efficient or cost-effective because the organization would have to enter into multiple contracts.
Binding corporate rules (BCRs) allow multinational organizations to develop and adopt internal privacy policies that mandate EU-style data protections across the entire organization. Once approved by the appropriate privacy authority in each jurisdiction in which the organization transfers data, BCRs allow an organization to transfer data without having to enter into separate model contractual clauses or get approval for each transfer. There is no model form of BCRs—each organization must develop its own specific set of rules to fit its particular needs. BCRs can be used by organizations that are data controllers or data processors.
Each of the three mechanisms has distinct advantages and disadvantages. In determining how best to meet the EU data protection requirements, U.S. organizations should consider those advantages and disadvantages carefully and consult legal counsel experienced with all three mechanisms.