The General Data Protection Regulation, commonly referred to as the GDPR, was adopted by the European Union (EU) on April 14, 2016, and went into effect on May 25, 2018. The GDPR is a legal and regulatory framework that is intended to provide enhanced protections for personal data. The GDPR applies to EU member states and to entities outside the EU that offer goods or services to individuals living in the EU and/or monitor the behavior of such individuals within the EU. The penalties for noncompliance with the GDPR’s regime can be as much as 4 percent of an entity’s total worldwide annual sales or €20 million, whichever is greater.
In the year since it has gone into effect, the GDPR has had unintended but nonetheless significant implications for trademark enforcement. It is important for intellectual property lawyers to familiarize themselves with the changes in the trademark enforcement process resulting from the application of the GDPR and to focus on new strategic considerations for trademark enforcement.