German Court Says GDPR Outweighs ICANN June 07, 2018, | Posted by erin

Free Quote

Call Now

Newsletter Sign Up

Sign Up

Company Cookbook

View Now

Right as companies were rushing to make sure they would be compliant with GDPR, a challenge to the tight restrictions provided in the EU regulation hit German courts, and then was quickly--within a week--shut down by those courts, which have insisted that the EU regulation takes precedence over ICANN requirements. This important case codifies the importance of the new regulation, and accordingly emphasizes the importance of continued compliance with the regulation moving forward.

In a frankly daring bid to challenge the new regulation, ICANN launched a lawsuit demanding that EPAG, a registrar based in Bonn, Germany, stop registering second-level domain names without collecting name, postal address, email address, voice phone number, and other data. The courts in Germany this week struck down that request for an injunction, stating outright that such a requirement would violate GDPR. The ruling conceded that while EPAG’s contract with ICANN--which owns directory service WhoIs--requires the collection of that information, the GDPR restrictions take precedence, and cannot be avoided; contract provisions that require breaking laws automatically become null and void.

As to how this impacts email marketing, this case establishes legal precedent for the importance of GDPR as a regulation, and in essence gives the regulation more metaphorical teeth; companies that try and insist that they need information that would be barred to them under the restrictions in GDPR will find it very difficult to get sympathy from the court. This is also going to necessarily force evolution in the way that companies do business with third-party vendors, including email marketing agencies, in the area of data collection: what can be collected, how that information can be handled, and who has access to it. The lawsuit’s rejection in court means that European countries are likely to continue to defend the regulation--even if that means that companies based internationally, or outside of EU jurisdiction and therefore not directly responsible to the regulation, have to change the way they do business.

Email marketing will continue to feel the impact of this particular regulation--and courts’ interest in protecting it and codifying it as a legal force in international business--and this case is the first of likely several that will come up in the following months to attempt to define the limits and exceptions of the regulation as it applies in different areas of digital marketing and internet development in general.

Here at Site Impact we’re going to continue following the way that courts and other venues interact with the new law, because as we’ve mentioned before, GDPR represents a massive change and shift in the way that not only governments but individuals view data collection and privacy management. We are passionate about making sure that all of our clients are as in compliance as we can help them to be--starting with our own efforts at maintaining compliance. Contact us today to find out how we can help you make sure that you won’t run afoul of this important regulation, as it gains its full power not just in the EU but globally.