Τετάρτη, 8 Ιουλίου 2009

The three main criteria’s (prior rights, bad faith and absence of interest) under the UDRP system

Katerina Ahlm Koutsoubakis

Computer and Cyber Law
Spring term of 2009

The three main criteria’s (prior rights, bad faith and absence of interest) under the UDRP system

1 Introduction

1.1 Purpose, source material and the disposition

In order to solve conflicts between already existing trade names and domain names, in a more effective way, a new resolution was adopted in 1999: the Uniform Domain Name Dispute Resolution Policy (UDRP). The UDRP system was created in order to settle disputes due to unfair registrations of generic Top-level domains (TLDs) such as .com, .net and .org, and has

My intention with this essay is to explain the three main criteria’s (prior rights, bad faith and the absence of interest) under the UDRP system.
The criteria’s for enabling the UDRP’s effects, suspension or transfer of the domain name to the plaintiff, are stated in the resolution’s article 4 a. My opinion is that the first point of article 4 a, represent two diverse but equivalent criteria’s, which in reality makes the criteria’s four, why I have also chosen to treat them as that in the essay.
I will go through the meaning, interpretation and the possible problems each of the four criteria give rise to. In order to highlight the interpretations made by the designated dispute resolution bodies, as well as the eventual problems I find in the criteria’s, I will briefly refer to some decisions that I consider relevant.

I would like to underline that my analysis cannot be considered to provide a comprehensive explanation of all the factors and problems arising in the decisions, but rather should be handled as a brief explanation of the observations and issues I consider prominent.

In my work I have used the UDRP, the UDRP Rules, WIPO's first and second report and
the comments to those, available at ICANN and the WIPO website.
My conclusions are based primarily on an analysis of a series of panel decisions under the UDRP, which I’ve found relevant. In the selection of cases, I have proceed from the WIPO "Overview of WIPO Panel Views on selected UDRP Questions" and from references in doctrine, while others are randomly selected since I found relevant in one way or another.

2 The background to the birth of the UDRP

2.1 Internet

The Internet has in the last decade undergone an almost unimaginable development and while the number of users is now close to one billion. From being a network for research and defence under the U.S Department of Defence, Internet has turned in to an everyday necessity for hundreds of millions of people worldwide.

Internet has been described as “a network of networks” and its impact on people and communities can hardly be overestimated.
In the course of just a few years, Internet has fundamentally changed the way we communicate, inform and enter into relationships, both on a personal and work related level. Through the fantastic possibilities of limitless worldwide communication, at any time, and to the relatively low cost of connection and equipment, the Internet can be said to have brought globalization into our living room.

One of Internet’s main functions is to act as forum for commercial activities. In this forum, with million’s of enterprises competing daily for the attention of the consumers, domain names have come to play an increasingly important role in the identification of the origin of products and services. Even in the marketing of a company, the domain plays a crucial role, since the domain name alone more and more often stands for the contact information, that previous addresses and phone numbers formed. to use domain names alone.

Internet is unique in that it is an invisible, global network without central or governmental control. According to the WIPO, Internet can be said to belong to all states, while no state has exclusive jurisdiction over the net. At the rise of problems or conflicts, national law is being used on the effects that the information on Internet may have on a national plane. Internet extraordinary qualities, has increased the need of a uniform procedure for dispute settlement. This is something which often creates problematic situations, where the interests to take into account are many and widespread.

2.2 The Domain Name System (DNS)

Each computer connected to the Internet has a unique identification number known as the “IP address” (Internet Protocol Address). The DNS provides the service of converting the numerical address to a much more user friendly domain name. Without the system, in order for a user to search for information on e.g. WIPO’s webside, instead of www.wipo.int, he or she would need to remember the underlying numerical address “”.

There are two separate groups of TLD’s (Top-Level Domains), generic and national. The generic ones can either be closed or open. By open generic domains, means that there are no restrictions on who may register names under them. These include, inter alia .com, .net, and . org. Under the generic TLD’s that are closed, can only those who meet certain requirements register domain names. These TLD’s include .int (designed international organizations), .edu (referring to college and universities that offers four-year educations), .gov (referring to the U.S Government), and .mil (referring to the military).

The domain name is the distinctive part of the Internet address which marks the holder, e.g. “ikea.com”. Although the domain name originally was only meant as a user-friendly equivalent of the IP-number it has now come to represent a very important part of corporate marketing and branding. In short terms, the domain name works as s the holder of the trade mark or the business name on the Internet. Both existing and new customers today, expects to find the company or the product they are searching for, through typing the name directly into the browser. Since a large proportion of consumption of goods and services is made through the Internet (how many uses nowadays e.g. a physical agent when purchasing an airline ticket?), it is not very difficult to understand the economic value of a domain name can be estimated to huge amounts. In many cases, the domain name is probably just as valuable as the brand itself.

One problem is that the domain names, just as Internet, shows no boundaries, unlike trade marks, why there may be many who are entitled to the same domain name. The fact that a domain name that a company wants to register is already taken’, can be problematic enough, without that the registration is made with bad intentions. When a enterprise features a situation, where the wanted domain name is already registered by a competitor, a dissatisfied customer or someone else who uses the domain name in a negative way for the company, it may have serious consequences though. Even so-called “Cybersquatting” or “domain thieving”, which means that someone registers a well-known company’s characteristics in hope of selling it back to the same for high amounts of money, has led to great problems for many companies.

2.3 The Wipo Process –
the development of a dispute settlement system relating to domain names

Until the year of 1998, the Internet Assigned Numbers Authority (IANA) was the responsible organization of domain names management of gTLD’s. In February of 1997 the first publication of a proposal for how the future administration of the gTLD’s . The proposal was framed by the International Ad Hoc Committee (IAHC).
The goal was to create balance between the interests involved, in order to in the best way promote the development of corporate activities on the web. A significant number of organizations and companies signed the Memurandum of Understanding , which IAHC had prepared. To work came to ground to halt though, after the U.S government came with the initiative to a new proposal. The Clinton Administration published its Green Paper in January of 1998, including a proposal for the formation of a private organization for the overtaking of responsibility for the Domain Name System. The position of the organization would be in the USA, but managed by a Board representing the international Internet. A final proposal in the form of a White Paper also gave WIPO (World Intellectual Property Organization) instructions to prepare recommendations for, among others, a resolution of disputes between domain names and trademarks.

Intellectual property rights has been a strongly protected right for a long time, as a result of the idea that the protection provides incentives for the development of products and ideas and thus drive society forward. These rights are most often limited to a certain territory, which is a difference that often creates conflicts between the two systems. In this process, these two rights would be put in a global context, not with the intention to strengthen the protection of intellectual property, but to ensure that it worked in cyberspace.

Wipo’s recommendations endorsed in October of 1999 and the first organ of dispute settlement was appointed just over a month later, after which claims could be received by the 1st of December 1999. Already the next day the first claim relating to the domain name “worldwrestligfederation.com” was submitted.

Since then, ICANN has appointed four panels for the task to resolve administrative disputes under the UDRP. These are the WIPO Arbitration and Mediation Center, The National Arbitration Forum, e.Resolution and the CPR Institute for Dispute Resolution.
From the start of using the UDRP in December 1999 to the end of 2001, in accordance with the calculations of WIPO’s second report about 4155 claims has been treated under the UDRP, from which 2821 of there have been addressed by the WIPO Arbitration and Mediation Center.

3 The Uniform Name Dispute Resolution Policy (UDRP)

3.1 A system against “Cybersquatting”

The main purpose of the UDRP was to create an effective, economical and coherent alternative to ordinary court processes. The WIPO process, which led to the formation of the administrative dispute settlement system, agreed on a number of principles that could form the basis for the new system. Basic dispute resolution practice is, that only cases concerning unfair registration of generic top-level domain names, which infringe on another’s right to goods or service marks, known as “Cybersquatting” is covered.

The concept of “Cybersquatting” is relatively unclear and thus could lead to confusion (for example it could be confused with “warehousing”, which is a broader concept, or “Cyberpiracy”, which rather implies copyright infringing content on a web page). There fore WIPO instead uses the concept of “abusive registration” in theire reports. This excludes entirely the treatment of disputes between parties acting in good faith, and where the conflict instead deals with the question of who has the best right to the name. These dispute scan only be addressed by national courts.

3.2 UDRP’s restriction to the extent of product and service marks

An important limitation of the UDRP's scope, is that protection is only given to trademarks and service marks. At the creation of the resolution, many suggestions were made regarding the extent of the scope of the dispute settlement system. However, it was finally agreed that the scope of UDRP would only include protection to just product and service marks, as this was the area which the problem of unauthorized registration of domain names had been greatest. The idea was, however, that after
a time use and evaluation of the system, extending the scope to also include business names, personal names and geographical names . Although this has not yet been done, there are plenty of cases showing that disputes concerning personal names, geographical names and business names are often determined under the UDRP, since the names were considered to be protected though thanks to the extensive use, it has become established on the market.

3.3 The UDRP procedure

The UDRP is an example of so-called online arbitration, which means that all the communication between the parties is made virtually via the Internet. This system is only suitable for the treatment of certain issues and never to resolve major disputes. But when it works, as it proved to do concerning the domain name disputes, it is a very cost- and time- effective way to solve less complicated conflicts.

UDRP is a mandatory procedure that each applicant of a domain name registration under .com, .net or .org, commits itself to through the registration agreement. Moreover, by the agreement every applicant is obliged to follow the panel’s decision. In the case where a defendant refuses to submit to a dispute resolution process, it is therefore a brach of the contract. The WIPO report, concluded that the system would only be effectice if it was mandatory, which was particularly important since only registrations in bad faith are covered. It is very unlikely that anyone who registers a domain name in bad faith, would accept to submit to a voluntarily, administrative process, and the risk that innocent domain name holders would be called in front of the panel, was considered low.

The right to be heard in court, however, has not been removed. The UDRP does not in any way interfere with any of the parties right to transfer the case to court. The UDRP decision is not final binding in the same way as an arbitration award.

Since the registration of a domain is easy and fast, without its conditions being actually checked in advance, the opinion was that there should also be a possibility to abolish or transfer the same, relatively quickly if the registration has been made on unfair grounds. This is now possible through the UDRP, which in other words works as a kind of “corrector”, or after control of already registered domain named.

The critic against the decisions under the UDRP, has been that the process is made too quick and easy, why there are risks of the accuracy of the decisions. However, one should remember that the results of a decision under the UDRP can never be more serious than that a domain name registration is canceled or transferred, if bad faith at the registration can be proved. Moreover the possibility for a party to apply to a competent national court always remains.

4 Prerequisuties for the applicability of the UDRP

A domain name dispute shall be settled according to the criteria’s of the UDRP’s fourth paragraph. As I have explained above, the UDRP is a private system where the decision is binding upon parties, through the agreement in the registration of the domain name.

Article 3 a in the UDRP Rules, states that any person or entity may initiate a claimant under the UDRP and the UDRP Rules, to any of the dispute settlement body ICANN has approved. The claimant shall, among others, always contain the grounds, where it’s especially crucial that the conditions in article 4 a can be considered fulfilled.

As stated in article 4 a you are required to submit to a mandatory administrative proceeding in the event that a third party (a "complainant") asserts to the applicable Provider, in compliance with the Rules of Procedure, that

(i) your domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and
(ii) you have no rights or legitimate interests in respect of the domain name; and
(iii) your domain name has been registered and is being used in bad faith.
In the administrative proceeding, the complainant must prove that each of these three elements are present.
Under the articles point b, it’s further explained that for the purposes of paragraph 4(a)(iii), certain circumstances, shall be evidence of the registration and use of a domain name in bad faith. These circumstances are explained as:
(i) circumstances indicating that you have registered or you have acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant who is the owner of the trademark or service mark or to a competitor of that complainant, for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name; or
(ii) you have registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that you have engaged in a pattern of such conduct; or
(iii) you have registered the domain name primarily for the purpose of disrupting the business of a competitor; or
(iv) by using the domain name, you have intentionally attempted to attract, for commercial gain, Internet users to your web site or other on-line location, by creating a likelihood of confusion with the complainant's mark as to the source, sponsorship, affiliation, or endorsement of your web site or location or of a product or service on your web site or location.
It shall always be remembered that the UDRP procedure is limited to just the domain name. The content of a web page, links and meta tags, can always be transferred in full to another domain address.

5 The plaintiff’s right to a trademark or a service mark –
Article 4 a (i)

The first requirement that must be met for the applicability of the resolution, is that the domain name is identical or confusingly similar to the mark in which the plaintiff has a right. My personal opinion is, that this criterion consists of two separate criteria; first the one concerning the plaintiffs eventual right to the trademark or service mark in conflict, the second concerning whether the sign is identical or confusingly similar to the mark that the plaintiff has a right to.

Concerning the requirement that the appellant shall hold a right in the disputed trade or service mark, it is important to note that the UDRP does not statue any requirement that the mark is registered for protection to be obtained. In other words, the resolution even protects trade and service marks, that has received protection through incorporation.
Whether a trade or service mark is well known is also of less importance, as well as if the mark is internationally known. The size of the geographical area in which the rights apply is also irrelevant concerning registered marks. In the case of Digital City, Inc. v. Small Domain , it was enough for the plaintiff to show rights in one single jurisdiction.

That is not the situation regarding unregistered trade or service mark though. In the case of Tommy Lee v. Netico. Inc , the discussion was whether a person named Tommy Lee, who had been using the name professionally as an artist’s name, since 1981, could fall under the applicability of the UDRP. WIPO’s Final Report , makes no difference between the registered or unregistered marks, in the assessment of disloyally registered domain names. The plaintiff though, when the trade or service mark is not registered, has to prove that the mark in question meets the requirement that it has to be a well known, and that goodwill is associated with the mark.

In the assessment of whether a trade or service mark is well known, it’s taken into account, for example how long and to what extent the mark has been used on the market. As proof of the establishment of a mark on the market, consumer surveys are often being used.

In the case of the artist name, Tommy Lee, the panel considered that although the name is relatively weak as a trademark, it is a protected one, since it has been known by many for a long time, as the name of the famous rock artist, and can therefore be considered established.

Even in the case of Tribeca Film Center, Inc. v. Lorenzo Brusasco-Mackenzie , the panel found that the plaintiff, although the U.S. patent and trademark office had rejected the registration application (since the mark constitutes a geographic indication), had the right to the mark through incorporation. The name “Tribeca Film Center” had existed since 1989, and was well known in the city of New York as well as in the film industry. The plaintiff in the case was actually world famous actor and film producer Robert De Niro, who was found to be strongly associated with the mark and which, in the specific case, appears to have been the decisive factor in determining whether the mark would be considered established or not.
The Panel has also stated that it is to be considered irrelevant to the assessment, whether the trade or service mark is being used or not. However, it was found in Global Print Exhange Pte. Ltd. V. Mr. Robert Paul Solden , that a distinction between the use of the name in question as a trademark, to distinguish its goods and services, and its use to identify company or business, must be done.

5.1 Generic words as trade or service marks

It sometimes occurs that the defendant argues that the plaintiff’s mark is generic and therefore can’t be protected. For example, in the case Marketing Mix, Inc. v. Mix 27 , the dispute related to the domain name “marketingmic.com” and the term “marketingmix”. The defendant pleaded that the term is a generic industry term. In support of this pleading, a submission of results of a web-search based on the disputed term was used. The arbitrator noted, however, that it was outside his competence in such a summary process, to take consideration to whether a trademark is, or has become generic. His role was only to determine whether a trademark registration existed, which was believed to be the case. Questions about the validity of the registration of the product or the characteristics, should not be treated under the UDRP, but instead by the competent court in the case.

To a generic word, which does not have the status of a registered trade or service mark, is obviously more difficult for plaintiffs to prove their rights to. However, it doesn’t seems to be entirely impossible, though the claimant may have obtained the right ( "right of user") to the generic word, if the word has become distinctive through extensive use. Decisive is the meaning of
the relevant public's perception of the word. A very widespread use of the generic word as a trade or service mark is required, however, for such a right to arise.

After the plaintiff proved an acceptable right of the mark, the next step is to show that the domain name is identical or confusingly similar to the trade or service mark.

5.2 Identical trade or service marks

Whether the domain name is identical or not with a sign, is the easiest requirement to determine, and hence the least discussed in the cases.
The Panel has in several cases pointed out though, that smaller
changes in the domain names, does not exclude that they may be considered identical. As an example is the case of Dale Bock v. LÆ Limited , in wchich the panel stated that the domain name “las-vegas-direkt.com ", actually can be considered to contain identical terms with the trademark "las vegas", and that the
simple change in the form of a hyphen between the words do not change the perception that the marks
are identical.

In most cases though, minor differences between the mark and the domain name are considered as a risk of confusion. Removed spaces between words in a domain name depends on the domain name system and can not be considered to change the words, so that the risk of confusion disappears. For example, the domain name "worlwrestlingfederation.com" was considered confusingly similar to the mark "World Wrestling Federation” .

5.3 Confusingly similar marks

The assessment of whether a risk of confusion between the domain name and the mark, under UDRP, in my
sense differs quite a bit. In some early cases it’s stated that a comparison is made solely on the basis of the disputed domain name and mark. In a few other cases, however, the panel ruled that the comparison is not based on factual terms, but also takes into account how the marks are being used. It has also been considered relevant assessing how the domain name looks, sounds and is being perceived, why the assessment of these cases appears similar to the confusion assessment usually being made in trademark law. Such an assessment was made, in the case Yahoo . The panel took into account that the complainant's characteristics are well known and highly regarded by millions of users, with a widespread variation in the provision of goods and services. The Panel found that similarity existed regarding the sign and its use – as well as the offer of products and services.

6 Absence of right or legitimate interest in domain name – 4 a (ii)
The second condition for the plaintiff to prove, is that the defendant has no right to, or
no legitimate interest in the domain name. According to article 5 b in the UDRP, the defendant has to prove its right or legitimate interest in the domain name. In order to prove this, he or shemay refer, inter alia, to Article 4c (i) - (iii) of UDRP. As
mentioned in the Royal Crown Company, Inc. V. New York Broadcast Services, Inc. Article 4.c however, is not exhaustive, but other factors as well may be taken into account, to demonstrate a legitimate interest.
(As noted above, there’s no requirement of registration of the goods or service mark to claim rights to the domain name for any of the parties. A party may also be entitled to the name by incorporation.)

6.1 Use of the domain name in connection with sale of goods and services - Article 4.c (i)

If the defendant uses the name in connection with the sale of goods or services, before he becomes aware of the dispute, he or she may be deemed to have legitimate interest in the
domain name. Also preparations to use the domain name in connection with the offering of goods or services can be an acceptable legitimate interest to the name. I Easyjet Airline Company v. Easymaterial.com , the defendant could show a business plan and five letters from independent parties, who testified that the defendant made great preparations for the use of the domain name in connection with the offering of goods and
services, before the reach of information about the conflict. The facts of the case shows that there are relatively high demands on the defendant's evidence of plans, but that the possibility clearly exists.

Several cases shows that a legitimate interest to the domain name, can never be said to exist, through offering the same for sale. This behaviour has been a major problem for many companies, since they have had to buy "their" domain name from the parties that were simply quick to register them, and of fundamental importance to regulate.

6.2 The case when the defendant is generally known by the domain name - Article 4c (ii)

If the defendant has been unable to demonstrate any right to the trademark, a legitimate interest is deemed to exist in accordance with Article 4c (ii) if the defendant can show that he has been generally known under the domain name. One example is the case of
Stricker Corporation v. James B. Strickland,
Jr , in which the defendant had registered, and used the disputed domain name
"strick.com", which he, among others, used in communication with clients. The defendant had since his childhood been generally known by the nickname "Stricker" and the Panel therefore considered that he had a legitimate interest in the name.

6.3 The defendant's use of the domain name for non-commercial purposes -
Article 4.c (iii)

If the defendant can prove use of the domain name for a non-commercial purpose, without financial gain, attempt to mislead consumers, or offending another trademark, a legitimate interest can also be deemed to exist, in accordance with article 4 c (iii).

To register a domain, in order to criticize a company, may also give rise to the view of that a legitimate interest exists. This is only applicable on domains without any financial gain, which was the case in Ahmanson Land Company v. Save Open Space and Electronic Imaging Systems . Also the freedom to express religious views have been considered to be a non-commercial legitimate interest, as well as so-called fan-sites.

7 Registration and use of domain names in bad faith -
Article 4.a (iii)

As mentioned earlier, the intention with creating the intended UDRP, was to limit the
coverage of the convention to cases of deliberate, unfair registrations in bad faith conflicting with a trademark. Domain name registrations in good faith, such as in the case of Allocation, mentioned above, is not unfair. Domain Name Registrations, which are justified by legitimate non-commercial purposes, or the legitimate freedom of expression, can not be considered unfair. UDRP was created, and addressed to conflicts, where the party has no legitimate right to the domain name, while the other party holds such a right.

7.1 What is meant by the concept of bad faith?

Already in the first decision under the UDRP, World Wrestling Federation
Entertainmet v. Michael Bosman, it was clarified that bad faith at the time of registration has to be proved. Bad faith is defined in the case of Taylor Corporation v. TechniCard , as "the concious doing of a wrong because of dishonest purpose or moral obliquity. "
However, this definition broadened by some other cases, which instead has fixed on whether the defendant knew or should have known about a label at the time of the registration of the disputed domain name. This means that the concept of bad faith, also includes actions based on negligence.

UDRP applies also to cases where the domain name was registered in bad faith,
before the UDRP was taken into effect. In the case of Skipton Building Society v.
Peter Colman the defendant argued that the registration of the domain name had been made in 1997, when the UDRP did not even exist yet. The Panel found that "it is quite clear that the UDRP applies equally to domain names registered prior to its implementation in 1999, as to those registered after this", why the panel did not give ear to the defendant's argument.
8 Example situations of bad faith in Article 4.b

The assessment of whether bad faith has existed or not, in the individual case, is of course a difficult assessment to make. Since the panels can’t read anyone’s mind, they have to rely on circumstantial evidence and on that basis draw reasonable conclusions. As help of interpretation, article 4 b, is being used, which contains a list of circumstances indicating that the registration and use has occurred in bad faith.

8.1 Bad faith on the basis of the offer of sale or other transfer of the domain name - Article 4 b (i)

Article 4 b (i), brings up examples of evidence that for registration and use of a domain name in bad faith. One situation is when the primary purpose has been to sell, lease or transfer the domain name to the claimant, or to a competitor to him. The requested compensation for this, should have been higher than the direct costs of the domain name registration, which includes for example investigation costs, lawyer expenses and registration fees. How much the compensation must exceed the cost of the
domain name registration, for the presumption of bad faith, is not stated within the rules of the UDRP. In the case of Parfums Christian Dior v. QTR Corporation , the defendant had registered the domain name dior.org without having any link to the Dior brand. The Whois record set out, in connection to the address, that it was for sale, which clearly showed that the defendant was looking to sell the domain name. The panel considered
thereof that the respondents registration and use of the domain was made in bad faith, despite the fact that the domain name was never connected to a website or used in any other way online. In the case it was said by the arbitrator Andrew F. Christie that: "the distinction between undertaking a positive action in bad faith and acting in bad faith may seem a rather fine distinction, but it is an important one.”

8.2 Bad faith on the basis of the registration of domain names in order to prevent the holder of the rights use of the same - Article 4.b (ii)

To register a domain name, in order to prevent the holder of a trade or service mark, from using his mark as a domain name, is considered as if bad faith exists according to article 4 b (ii).

8.3 Bad faith because of the disturbance of a competitor's business –
Article 4.b. (iii)

If a domain name have been registered in order to disrupt a competitor's business, bad faith is showed in accordance with article 4 b (iii). The term competitor has been interpreted differently in the panel decisions, and in certain decisions the panel has completely omitted a position on whether the parties in dispute are competitors or not. Even on the meaning of the term "disturb", which originally was "disrupt", discussions have been made. In some cases, such as the case of Dixon Group Plc v. Mr.. Abu Abdullaah , the panel ruled that the concept of a competitor not only aimed at the person selling oroffering competing products, but that the importance also includes a person acting in opposition to another, without the requirement for commercial or business competition. Such a broad interpretation of the concept, have I not found in any other case, why it seems likely that a more restrictive approach to the concept is more common.

8.4 Bad faith because of the use of domain
names, in order to create confusion at Internet users - Article 4.b (iv)

When the domain name holder intentionally, for financial gain, is trying to attract
Internet users by using a name similar to A famous brand, creating confusion, bad faith is considered to exist. The reason for such conduct can e.g. be to use an advertising banner on a website, that generates money for each click on the page. Users are usually on the site in the belief that this belongs to the company that they really searched for.

In the case of Nokia Corporation v. Nokiagirls.com aka IBCC, it was evident that the domain name "Nokiagirls.com", was registeres and used to bring economic benefit from Nokia's well-known name. On the website there was no information on the brand Nokia, but instead there was images of Asian women in uniforms, and a large number of advertising banners, why you could assume that the defendant was bringing inmoney from the domain. The Panel considered that the defendant undoubtedly had been aware of
the plaintiff's brand, since it is one of the world's leading mobile phone manufacturers. The defendant had previously also registered the domain name "dellgirls.com", which was not exactly to his advantage. The panel considered that the defendant's conduct indicated bad faith, and that he used the domain name as 4 b (iv) describes, why the domain name was canceled.

9 Own reflections and concluding remarks

The criteria in the UDRP's Article 4 a, seems at first glance, strict and difficult to prove.
The fact is however that those who feel that they have better right to a domain name and
starts a process, in most cases, emerged victorious from the battle. Out of the UDRP applications completed for a decision of WIPO, a clear majority were decided to the
candidate's advantage. One reason for this, is that the applicant who really have a right, are in the majority among the applicants. The figures can therefore logically be said to indicate a well-functioning system, protecting the trade and service mark holders. The fact that the Internet can be considered as a relatively new medium, as well as the dispute settlement system under the UDRP, should be remembered. It is clear that there has been a large amount of domain name registrations in bad faith, especially during a period in the 1990s, when the market for this procedure was still outstanding. After the implementation of the UDRP, a lot of these cases are now considered unlawful.

However, criticism has been made against the fact that the plaintiff himself may choose to which of the dispute settlement bodies he wants to submit his application. Since the plaintiff, or applicant, typically pays the cost of the UDRP process, and he is usually the proprietor, one can consider whether the dispute settlement bodies draw economic benefit from the favor of these. This is a complex issue to determine in this thesis and I would need to know much more about the issue to have a view. But when the WIPO, which determines a clear majority of all disputes, according to the information on their website, states that about 80% of cases are settled to the plaintiff's advantage, perhaps, there is ground for this criticism. And that is, in that case very serious.

Criticism has also been directed against the fact that the UDRP system was formed in a short period of just two years, without any law as basis. However, I am of the view that
the "speed" in creating the UDRP, has to be weight against the urgent need for an alternative dispute settlement for conflicts concerning domain names, in the late 90’s.
UDRP was created as a quick solution due to this urgent need, with good results.
Furthermore, it must be remembered that the UDRP only is being used for the settlements of the simplest disputes concerning unfair registrations. The decisions are
not definitive ones, but can be transferred to court for further review. On the basis of these circumstances, one can hardly compare the development of the UDRP system, with the design of ordinary laws and dispute settlement system.

Criticism against the WIPO, on the belief that the creation of UDRP was made as an acting on behalf of the U.S. government, and that the dispute settlement process was
submitted as a new private organization to protect trademark holders, however, is in my opinion, more serious and more legitimate. It is clear that UDRP process is dominated by intellectual property interests, which might result in a favoritism of the trademark holders. This is an issue that I thought much of during my reviews of the decisions. My personal opinion is that strong brands and
large companies seems to have a clear advantage. This might partly be a result of the fact that it is more easy for a great company to obtain evidence for its advantage, partly because they can pay for more applications. In some cases it is conceivable that a strong protection of trade marks may result in p. k "reverse domain name hijacking". As an example a situation where a holder of a trademark asserts a right to a domain name, through an established brand which consists of a generic word. That financially strong companies can protect their trademarks in greater degree by massive marketing and thus get better protection through the UDRP, is of course a problem if it affects innocents. I have, however, have difficulties to find any cases where this appears to be the case, why it’s possible that it’s only a hypothetical problem.

UDRP is a procedure which is mainly determined on the written material which the
parties submits. no witnesses are heard under normal circumstances. In a significant proportion of the cases, the defendant fails to participate in the proceedings, which means that disputes without any exceptional circumstances, are determined only on the basis of the claim. This affects apparently the nature of the UDRP decisions as a source of law, which one as a reader always should bear in mind. This does not necessarily mean that the results in greater extent should be incorrect legally.

Since the procedure is based on a contract, it shall not be seen as-, or compared to, a full- scale arbitration, or any other type of lawsuit. Instead one should, according to my opinion, see the UDRP procedure as a procedure for checking the domain name registrations. One should also keep in mind that the UDRP procedure only addresses conflicts on the grounds of unfair registrations of domain names. Disputes regarding complex intellectual property issues, such as who may be considered to have better
right to a trade or service mark, is always referred to the competent court.

One obvious problem, in the review of decisions under the UDRP, is that many of these are talking against each other. This easily creates uncertainty about the interpretation. This, I believe is based on that the UDRP in certain areas is unclear and vague in the wording, which increases the possibilities for different interpretations. I still believe though that the procedure, in comparison to a long and costly court process, has many
benefits. The fact that the arbitrators have different views, or ways to interpret the text of UDRP, is also hardly unique to just UDRP panels, but is of course even common among judges in the courts.

A number of ambiguities and contradictions I have mentioned in my thesis, can be blamed on the fact that the uncertainty surrounding the interpretation of a system like the UDRP, is always highest in the beginning. It remains to be seen, whether these differences in the decisions will decrease with time.

I certainly believe that the problems mentioned above, are serious, and has to be discussed openly. If the alternative to the UDRP, as it works now, is to return to how it was before the implementation of the UDRP, a lot of many victims of “cybersquatting” would chose to pay huge sums of money to the domain name holders to obtain over the domain name. This, because waiting for a court process (though would be cheaper) would take far too long. This behavior is absolutely essential to prevent, and the preventive function of these situations, I believe that the UDRP meet.


Decisions under the UDRP


World Wrestlig federation Entertainment, Inc v. Michael Bosman,
Nr D99-0001

Madonna Ciccone, p/k/a Madonna v. Dan Parisi and ”Madonna.com”,
Nr D2000-0847

Tommy Lee v. Netico, Inc.,
Nr D2005-0915

Metabolife International v. Robert Williams,
Nr D2000-0630

Digital City, Inc. V. Smalldomain,
Nr. D2000-0796

Tommy Lee v. Netico. Inc ,
Nr. D2005-0915

Imperial College v. Christophe Dessimoz,
Nr D2004-0322

Se Amsec Enterprises, L.C. V Sharon McCall,
Nr. D2001-0083

Tribeca Film Center, Inc. v. Lorenzo Brusasco-Mackenzie,
Nr D2000-1772

Allocation Network GmbH v. Steve Gregory,
Nr D2000-0016

Marketing Mix, Inc. V. Mix,
Nr D2000-0352

Rollerblade, Inc. V. CBNO och Ray Redican Jr,
Nr D2000-0427

Den Norske Laegeforeningen v. Eivind Nag,
Nr D2000-1267

Dale Bock v. Lae Limited,

Altavista Company v. S.M.A, Inc.,
Nr D2000-0927

Gateway, Inc. v. Pixelera.com, Inc.,
Nr D2000-0109

Bayerische Motoren Werke AG v. JMXTRADE.com,
Nr D2000-1693

The Toronto-Dominion Bank v. Boris Karpachev,
Nr D2000-1571

EAuto, L.L.C. v. Net Me Up,
Nr D2000-0109

J. Crew International, Inc. v. Crew.com,
Nr D2000-0054

Digitronics Inventioneering Corporation v. @Six.Net Registered,
Nr D2000-0008

The Estate of Tupac Shakur v. R. J. Barranco,
Nr D2000-0858

Edwart Van Halen v. Deborah Morgan,
Nr D2000-1313

Tribeca Film Center, Inc. v. Lorenzo Brusasco-Mackenzie,
Nr D2000-1772

Skipton Building Society v. Peter Colman,
Nr D2000-1217

Thomas Cook Holdings Limited v. Vacation Travel,
Nr D2000-1716

Revlon Consumer Products Corporation v. Yoram Yosef aka Joe Goldman,
Nr D2000-0468

Harrods Limited v. Robert Boyd,
Nr D2000-0060

Microsoft Corporation v. Amit Mehrota,
Nr 2000-0053

Dixon Group Plc v. Mr. Abu Abdullaah,
Nr D2000-1406

Nokia Corporation v. Nokiagirls.com a.k.a IBCC,
Nr D2000-0102

ProSieben Media AG v. CPIC Net Syed Hussain,
Nr D2000-1517)

Royal Crown Company, Inc, v. New York Boadcast Services, Inc.,
Nr D2000-0315


J. Paul Getty Trust v. Domain 4 Sale & Company (Nr FA-95262), Max Cavalera v. 420 Gear, Inc.
Nr FA-96315

Carpenter Jr Walter . Clement J.D,

Nr AF-0148

Taylor Corporation v. TechniCard,

Safari Casino A.G. v. Global Interactive Ltd,

Strick Corporation v. James B. Strickland, Jr,
Nr FA-94801

Shri Ram Chandra Mission v. Shri Ram Chandra Mission,

Parfums Christian Dior v. QTR Corporation,
Nr D2000-0023

Cigna Corporation v. JIT Consulting,

Global Print Exhange Pte. Ltd. V. Mr Robert Paul Solden

Webb pages

Generic top Level Domain Memorandum of Understanding. To be found at:



Maunsbach, Ulf: Internet – ansvaret för domännamnstilldelning, Juridisk Tidskrift vid
Stockholms Universitet, Årgång 10 1998-99 Nr 2, s. 317 f.

Πέμπτη, 2 Ιουλίου 2009

Προστασία προσωπικών δεδομένων κατά τη χρήση RFID chips

Σειρά δράσεων έχει αναλάβει η Επιτροπή της ΕΕ με σκοπό την παροχή προστασίας προσωπικών δεδομένων κατά τη χρήση RFID chips, με πλέον πρόσφατη την Ανακοίνωση: Communication to the European Parliament, the Council, the EESC and the committee of the Regions: Internet of Things - An action plan for Europe (June 18 2009).

Σύμφωνα με την Επιτροπή,πρέπει να αναγνωρίζονται ορισμένα δικαιώματα στους καταναλωτές. Συγκεκριμένα, πρέπει να γνωρίζουν ποια στοιχεία στα καταστήματα είναι εξοπλισμένα με RFID τσιπ. Μετά την αγορά αυτών των στοιχείων θα πρέπει τα τσιπ να απενεργοποιούνται αυτόματα, μέσα στο κατάστημα, εκτός αν ζητήσει ρητά ο καταναλωτής να παραμείνουν σε λειτουργία.
Οι επιχειρήσεις και οι αρχές που χρησιμοποιούν τσιπ RFID, πρέπει να παρέχουν στους καταναλωτές με απλό και σαφή πληροφόρηση, έτσι ώστε να γνωρίζουν πότε, ποια προσωπικά δεδομένα (π.χ. όνομα, διεύθυνση, ημερομηνία γέννησης) και για ποιο σκοπό υπόκεινται σε επεξεργασία. Οι ενώσεις και οργανώσεις επιχειρηματιών θα πρέπει να ενημερώνουν τους καταναλωτές για την παρουσία των τσιπ στα προϊόντα, χρησιμοποιώντας κοινές επισημάνσεις. Και τέλος, οι επιχειρήσεις και οι αρχές πρέπει, πριν από την εφαρμογή των RFID τσιπ, να διενεργούν αξιολογήσεις αντικτύπου της ιδιωτικής ζωής.

Τετάρτη, 1 Ιουλίου 2009

Καταχώρηση δεδομένων κίνησης στο Ην. Βασίλειο

Το Υπουργείο Εσωτερικών του Ην. Βασιλείου δημοσίευσε τον Απρίλιο 2009 Έκθεση, σύμφωνα με την οποία δεν πρόκειται να δημιουργήσει κεντρική βάση δεδομένων για την αποθήκευση των δεδομένων κίνησης κατ' εφαρμογή της οδηγίας 2006/24.

Αντί για αυτό τα δεδομένα θα αποθηκεύονται αποκεντρωμένα από τους υπόχρεους για τη διατήρηση παρόχους επικοινωνίας από όπου ενδεχομένως, θα αποκτούν πρόσβαση σε αυτά οι αστυνομικές αρχές. Αν και η δημιουργία κεντρικής βάσης δεδομένων θα ήταν αποτελεσματικότερη μέθοδος, δεν ακολουθείται για την προστασία των πολιτών, διότι αποτελεί ισχυρή επέμβαση στα προσωπικά δεδομένα τους.

Επιπλέον, η βρετανική κυβέρνηση σχεδιάζει να υποχρεώσει τους παρόχους να διατηρούν συνδετικά δεδομένα επικοινωνίας από το εξωτερικό και να συνδυάζουν με τα εθνικά δεδομένα επικοινωνίας. Η κυβέρνηση αναγνωρίζει ότι η αποθήκευση και διατήρηση πρόσθετων δεδομένων επιβαρύνει τους παρόχους και για αυτό θέτει το θέμα σε διαβούλευση για να βρεθούν τρόποι να μειωθούν τα έξοδα για την εφαρμογή των μέτρων αυτών.

Το σχετικόα έγγραφο δημοσιεύεται στην παρακάτω τοποθεσία:


Παρουσίαση Έκθεσης Πεπραγμένων Έτους 2008 Αρχής Προστασίας Δεδομένων

Παρουσιάσθηκε σήμερα, στις 1-7-2009 η Ετήσια Έκθεση Πεπραγμένων Έτους 2008 της Αρχής Προστασίας Δεδομένων.

Ενδιαφέρον παρουσιάζουν καταρχήν τα στατιστικά στοιχεία που παρουσιάζονται. Αναφέρεται ότι το 2008, η Αρχή διεκπεραίωσε 1838 υποθέσεις, στις οποίες συγκαταλέγονται προσφυγές ή καταγγελίες, ερωτήματα, γνωστοποιήσεις και αιτήσεις για άδεια τήρησης αρχείου ευαίσθητων δεδομένων ή διαβίβασης σε χώρες εκτός Ε.Ε. Ειδικότερα, η Αρχή εξέτασε 263 προσφυγές ή καταγγελίες και 596 ερωτήματα υπευθύνων επεξεργασίας ή πολιτών σχετικά με τη νομιμότητα συγκεκριμένης επεξεργασίας ή τον τρόπο εφαρμογής της σχετικής νομοθεσίας. Ερεύνησε 892 γνωστοποιήσεις αρχείων και επεξεργασιών, από τις οποίες οι 477 αφορούσαν στην εγκατάσταση και λειτουργία κλειστών κυκλωμάτων τηλεόρασης. Χορήγησε ή ανανέωσε 87 άδειες τήρησης αρχείων ευαίσθητων δεδομένων και διαβίβασης δεδομένων σε χώρες εκτός ΕΕ και ασχολήθηκε με 44 υποθέσεις πρόσβασης και αντίρρησης σχετικά με το Πληροφοριακό Σύστημα Σενγκεν, ενώ πραγματοποίησε 5 διοικητικούς ελέγχους αρχείων και επεξεργασιών στην Εθνική Τράπεζα της Ελλάδας, την Ελληνική Αστυνομία και την εταιρεία «CALINO Α.Ε.».

Σε 24 από τις αποφάσεις της Αρχής επιβάλλονται κυρώσεις σε υπευθύνους επεξεργασίας. Σε 18 περιπτώσεις η Αρχή επέβαλε πρόστιμο το ύψος του οποίου κυμάνθηκε από 3.000 έως 150.000 Ευρώ. Συνολικά, η Αρχή επέβαλε πρόστιμα ύψους 673.000 Ευρώ. Σε 8 περιπτώσεις επιβλήθηκε η κύρωση της προειδοποίησης και σε 4 περιπτώσεις η Αρχή διέταξε την ολική ή μερική καταστροφή αρχείων δεδομένων. Η Αρχή επέβαλε τις κυρώσεις για παραβίαση κυρίως των διατάξεων που αναφέρονται στις προϋποθέσεις επεξεργασίας, τη γνωστοποίηση και την υποχρέωση λήψης άδειας επεξεργασίας ευαίσθητων δεδομένων ή διαβίβασης δεδομένων σε χώρες εκτός ΕΕ, την ενημέρωση και το δικαίωμα πρόσβασης και αντίρρησης των υποκειμένων και την ασφάλεια των δεδομένων, αλλά και των διατάξεων της Οδηγίας 1122-2000 της Αρχής για τα κλειστά κυκλώματα τηλεόρασης.

Η Έκθεση αναφέρει περαιτέρω τις κεντρικές ενότητες θεμάτων με τα οποία ασχολήθηκε, όπως είναι η πρόσβαση σε δημόσια έγγραφα, τα κλειστά κυκλώματα τηλεόρασης, ανεπιθύμητη αλληλογραφία, χρηματοπιστωτικός τομέας, εργασιακός τομέας, σύστημα πληροφοριών Σένγκεν, στοιχεία βιομετρίας.

Κατ' αντιγραφή παραθέτουμε τα συμπεράσματα της Έκθεσης:

Οι διεθνείς τάσεις και οι διαπιστώσεις με βάση τα στοιχεία της Ετήσιας Έκθεσης 2008 οδηγούν σε μια σειρά συμπερασμάτων και προτεινόμενων δράσεων για την αποτελεσματικότερη προστασία των προσωπικών δεδομένων.

1. Σε ευρωπαϊκό επίπεδο απαιτείται μελέτη για τυχόν τροποποιήσεις του θεσμικού πλαισίου ώστε αυτό να ανταποκρίνεται στις ανάγκες του 21ου αιώνα, με δεδομένο ότι από το στατικό μοντέλο επεξεργασίας περνούμε σταδιακώς στο μοντέλο της διασυνοριακής, διάχυτης, σε ορισμένες περιπτώσεις άδηλης, καθώς και πολυεπίπεδης επεξεργασίας. Ως παράδειγμα αναφέρω τα νέα ψηφιακά εργαλεία (μηχανές αναζήτησης, RFIDs, βιομετρία, υπηρεσίες γεωχωρικού εντοπισμού κ.α.), τις τεχνολογίες διάχυτου υπολογισμού, τα ιστολόγια και τις υπηρεσίες κοινωνικής δικτύωσης (όπως το Facebook), οι οποίες δεν αποτελούν απλώς υπηρεσίες διασκέδασης αλλά χρησιμοποιούνται για την ανάπτυξη νέων επιχειρηματικών μοντέλων και μοντέλων συμμετοχικής δημοκρατίας. Επίσης, το καθεστώς της παγκοσμιοποιημένης οικονομίας αναδεικνύει καινοφανή επιχειρηματικά μοντέλα που με τη σειρά τους οδηγούν σε νέες μορφές επεξεργασίας προσωπικών δεδομένων. Υπό αυτές τις συνθήκες ορισμένες έννοιες, όπως του υπευθύνου επεξεργασίας, των προσωπικών δεδομένων κλπ. χρήζουν αναθεώρησης. Τέλος, η νέα Συνθήκη της Λισαβώνας απαιτεί επανεξέταση των προϋποθέσεων νόμιμης επεξεργασίας ώστε με την κατάργηση των τριών πυλώνων της Ε.Ε. το επίπεδο της προστασίας των προσωπικών δεδομένων να ισχύσει και στον ευρύτερο τομέα της εθνικής και δημόσιας ασφάλειας. Ωστόσο μέχρι την τροποποίηση του ευρωπαϊκού θεσμικού πλαισίου απαιτείται η εξάντληση των ορίων για εύλογη και ομοιόμορφη –σε ευρωπαϊκό επίπεδο- εφαρμογή του ισχύοντος δικαίου έτσι ώστε να αντιμετωπισθούν αποτελεσματικά οι νέες προκλήσεις. Στο πλαίσιο αυτό η Αρχή αφενός συμβάλλει στη διαμόρφωση των ευρωπαϊκών θέσεων αφετέρου ακολουθεί τις απόψεις που διαμορφώνει το συλλογικό όργανο της Ομάδας Εργασίας του Άρθρου 29.

2. Οι τεχνολογικές λύσεις που επιλέγονται τόσο από τον ιδιωτικό όσο και από το δημόσιο τομέα θα πρέπει να υποστηρίζουν την προστασία των προσωπικών δεδομένων. Ο ιδιωτικός τομέας θα πρέπει να αντιληφθεί ότι η προστασία των προσωπικών δεδομένων δεν αποτελεί εμπόδιο στις συναλλαγές αλλά πτυχή της αειφόρου ανάπτυξης, μέτρο κοινωνικής ευθύνης και ανταγωνιστικό πλεονέκτημα. Ο δημόσιος τομέας θα πρέπει να προάγει την επιλογή τεχνολογικών λύσεων που κατά το δυνατό συνδυάζουν την προστασία των προσωπικών δεδομένων με τις ανάγκες της δημόσιας διοίκησης σε πληροφορία ώστε να εκτελεί τις αρμοδιότητές της. Τέτοιες τεχνολογικές λύσεις υπάρχουν και είναι εφικτές με μεγαλύτερο μεν οικονομικό κόστος αλλά με σεβασμό στα ατομικά δικαιώματα.

3. Ειδικότερα, όσον αφορά στα μέτρα για τη δημόσια ασφάλεια θα ήθελα επιπλέον να επισημάνω την ανάγκη σεβασμού από την Πολιτεία των γενικών αρχών του δικαίου, ότι δηλαδή ένα μέτρο που περιορίζει τα ατομικά δικαιώματα πρέπει να υπακούει στην αρχή της αναλογικότητας, δηλαδή να είναι πρόσφορο και πραγματικά αναγκαίο, όχι απλώς χρήσιμο, για την επίτευξη της δημόσιας ασφάλειας και βεβαίως να θεσπίζεται με νόμο. Αυτές οι γενικές αρχές αποτυπώνονται στις αποφάσεις του ΕΔΔΑ, και ο σεβασμός τους αποτελεί πλέον καταγεγραμμένο στόχο της ελληνικής δημόσιας διοίκησης στο πρόγραμμα για τη «Διοικητική Μεταρρύθμιση».

4. Όπως ελέχθη η διαχείριση από τη Δημόσια Διοίκηση των αιτημάτων πρόσβασης σε δημόσια έγγραφα δημιουργεί συγκρούσεις και σημαντική ενασχόληση στην Αρχή αλλά και σε άλλες ανεξάρτητες αρχές. Η δημόσια διοίκηση διστάζει ή και δυστροπεί να εφαρμόσει ευθέως το νόμο. Είναι όμως αληθές ότι η παράλληλη ισχύς διαφορετικών ρυθμίσεων (Κώδικας Διοικ. Διαδικασίας, Οργανισμός Δικαστηρίων, για την εισαγγελική παραγγελία, ν.2472/97 και επί μέρους νομοθετήματα) δημιουργεί δυσχέρειες στην ομοιόμορφη ερμηνεία και εφαρμογή της νομοθεσίας. Δεν αρκεί, όπως προβλέπεται, η διοικητική κωδικοποίηση των ισχυουσών διατάξεων, αλλά απαιτείται νέα εναρμονισμένη νομοθετική ρύθμιση.

5. Η υπερδεκαετής εφαρμογή του ιδρυτικού νόμου της Αρχής έχει καταδείξει την ανάγκη τροποποιήσεων με στόχο την αποτελεσματικότερη λειτουργία της. Επιβάλλεται, μεταξύ άλλων, να μελετηθούν μεταρρυθμίσεις στη σύνθεση και στις αρμοδιότητες του συλλογικού οργάνου των μελών και του προσωπικού της Γραμματείας της Αρχής, να αναθεωρηθούν ουσιαστικές διατάξεις για την στάθμιση συγκρουόμενων εννόμων αγαθών, να απλουστευθούν διαδικασίες που δημιουργούν γραφειοκρατική επιβάρυνση, να προσδιορισθούν τα κριτήρια προτεραιοτήτων κατά την έρευνα υποθέσεων, να αναθεωρηθεί το πλαίσιο των εξουσιοδοτήσεων για την έκδοση κανονιστικών πράξεων και να μεταβληθεί το βαθμολογικό και μισθολογικό καθεστώς των ελεγκτών.
Προς τούτο πρέπει να συσταθεί ομάδα εργασίας ή νομοπαρασκευαστική επιτροπή με στελέχη της Αρχής και εξωτερικούς εμπειρογνώμονες που θα καταρτίσει το πρώτο προσχέδιο νόμου. Η απασχόληση των ολιγάριθμων ελεγκτών με την τρέχουσα εργασία δεν έχει επιτρέψει την έναρξη της σχετικής διαδικασίας.

6. Ανεξάρτητα από την τροποποίηση του ιδρυτικού νόμου, πρέπει να γίνει δεκτή η υποβληθείσα πρόταση για το διπλασιασμό των οργανικών θέσεων σε μία τριετία. Με την παρούσα οργανική σύνθεση του προσωπικού η Αρχή αδυνατεί να ανταποκριθεί στην αποστολή της. Παράλληλα πρέπει να επεκταθεί το καθεστώς πλήρους και αποκλειστικής απασχόλησης, που ισχύει για τον Πρόεδρο , σε τέσσερα ακόμη μέλη της Αρχής.

7. Όπως αναφέρεται και στην προηγούμενη ετήσια έκθεση, η Αρχή οφείλει να αναπτύξει περισσότερο την προληπτική δράση της. Απαιτείται η έκδοση νέων οδηγιών και αναθεώρηση των παλαιών, διενέργεια περισσότερων διοικητικών ελέγχων, εκπόνηση ειδικών μελετών και κωδίκων δεοντολογίας στις νέες τεχνολογίες σε συνεργασία με τους αρμόδιους φορείς κάθε τομέα. Προς το παρόν η προληπτική δραστηριότητα είναι περιορισμένη λόγω ελλείψεως του αναγκαίου ανθρώπινου δυναμικού. Η παραμέληση του προληπτικού και ρυθμιστικού ρόλου της Αρχής έχει ως αποτέλεσμα τον εγκλωβισμό της στην εξέταση ατομικών παραπόνων και την αδυναμία της να είναι αποτελεσματική σε συλλογικό επίπεδο.