News Archives - dreyfus

Does the legal framework established by the LCEN still effectively address contemporary digital challenges, or does it reveal the limits of a system designed for a bygone Internet?

Written by Nathalie Dreyfus12/02/2026

Introduction

Adopted in 2004, the French “Loi pour la confiance dans l’économie numérique” (LCEN) laid the foundations for the regulation of the Internet in France. Nearly seven years later, the implementing decree of Article 6 II, published in 2011 (Decree No. 2011-219 of February 25, 2011), clarified the obligations relating to the retention of identification data imposed on technical intermediaries.

More than fifteen years after the entry into force of this decree, and in a profoundly transformed digital environment, the practical effects of this framework now call for renewed assessment.

The issue is no longer the long-awaited adoption of an implementing text, but rather its current relevance. In an era characterized by the massification of data, the consolidation of major digital platforms, and the expansion of European regulation, does the LCEN framework still provide an effective response to contemporary digital challenges, or does it expose the limits of a system conceived for an Internet that no longer exists?

The evolution of article 6 II of the LCEN in a transformed digital environment

The legal framework of Article 6 II of the LCEN establishes one of the pillars of French Internet law. Asserted as early as 2004, in a technological context predating the development of large platforms, this obligation was designed for an Internet with largely linear and centralized uses. However, it has been implemented in a constantly evolving digital environment, characterized by the diversification of services, the emergence of global intermediaries, and the exponential growth of data volumes processed.

By requiring access providers and hosting service providers to retain data enabling the identification of content authors, the legislator established a key counterpart to the limited liability regime applicable to technical intermediaries. This regime is based on a conditional exemption from liability, grounded in the absence of prior knowledge of the content and the obligation to act promptly upon notification, excluding any general obligation to monitor. The retention of data thus serves as the procedural counterpart to this neutrality, allowing for the subsequent identification of those responsible for infringements without transforming intermediaries into oversight actors.

This obligation is a prerequisite for the ex post identification of authors of unlawful content, without imposing any form of generalized monitoring.

However, from the outset, this framework was structurally incomplete. The legislator expressly deferred to an implementing decree the task of defining the categories of data to be retained and the applicable modalities, in order to ensure proportionality and legal certainty. The prolonged absence of this decree generated lasting legal uncertainty.

In practice, operators relied on fragmented case law and heterogeneous recommendations, resulting in uneven retention practices, sometimes excessive, sometimes insufficient. The decree was therefore expected to serve as an instrument of normative clarification and alignment with European requirements, particularly in the field of personal data protection.

An assessment of the implementing decree in light of changes in the digital ecosystem

The implementing decree of Article 6 II of the LCEN was adopted in a context radically different from that prevailing in 2004. At the time, the legislator primarily sought to regulate the first generation of hosting and access providers, within a relatively stable technical environment dominated by identifiable operators.

Twenty years later, the digital ecosystem has undergone profound transformation. Platforms have proliferated, uses have become more complex, and data volumes have reached unprecedented levels.

Against this backdrop, the detailed list of identification data categories imposed by the decree appears, with hindsight, both necessary and structurally outdated. While it initially provided much-needed formal clarification, it soon encountered the limits of a retention model designed for the early 2000s Internet.

Transposed to a 2026 environment marked by service fragmentation, automated exchanges, and the widespread use of distributed architectures, this approach has proven only partially suitable. Retention periods and modalities have been repeatedly challenged, particularly in light of contemporary principles of proportionality and data minimization.

Far from settling the debate, the decree has thus contributed over time to the emergence of structural litigation concerning the compatibility between identification requirements, personal data protection, and technical realities.

Operational impacts on digital stakeholders

Following its entry into force, the decree resulted in significant operational requirements for hosting providers, publishers and platforms including a legal obligation to retain and secure identification data. This obligation, which conditions the limited liability regime provided by the LCEN, has required operators to implement substantial technical and organizational measures. These measures particularly focus on the traceability of connections, the integrity of retained data, and its security, in accordance with Article 32 of the GDPR.

With hindsight, these obligations have formed part of a broader movement toward the standardization of compliance functions within digital actors. They have progressively been integrated into comprehensive frameworks combining requirements arising from the LCEN, the GDPR, and, more recently, European regulations governing digital services.

By 2026, this accumulation of regulatory obligations represents one of the sector’s principal operational challenges, in terms of both costs and internal legal governance particularly regarding the allocation of responsibilities, management of litigation risk, and traceability of compliance decisions.

From the perspective of intellectual property rights holders, the decree has strengthened the procedural tools allowing, under judicial oversight, the identification of perpetrators of online infringements.. The clarification regarding the categories of data retained, such as IP addresses, connection timestamps, and subscription data held by the host or registrar has improved, in several disputes, the effectiveness of actions for infringement and unfair competition.

Nevertheless, litigation experience since 2011 demonstrates that this mechanism remains largely dependent on the effective cooperation of intermediaries and judicial interpretation of their obligations. The decree has therefore not created an automatic right to identification, but rather a procedural framework whose scope varies according to circumstances.

Anticipated legal and litigation risks

The main legal risks associated with the decree implementing the LCEN relate to the delicate balance between the legitimate objective of identifying the authors of illegal content and the protection of fundamental freedoms, foremost among which are the right to privacy and the protection of personal data. In practice, these tensions have crystallized around the requirements of proportionality, which stipulate that data retention and disclosure obligations must be strictly necessary, limited in scope, and subject to effective procedural safeguards. Over time, they have given rise to extensive litigation before national and European courts, concerning both retention periods and conditions of access to data.

This is the case, for example, in this ruling dated March 25, 2021 (Cass. civ. 2e, March 25, 2021, No. 18-18.824), in which the French Cour de Cassation clarified the conditions for accessing identification data. In this case, the High Court was asked to rule on a request for disclosure of data made by a private party in a civil dispute, based on the obligations arising from Article 6 II of the LCEN. The Court ruled that the retention obligation established by the LCEN does not confer on individuals an automatic right of access to data, but is subject to a strict procedural framework, subject to judicial review. It thus reiterates that the disclosure of identification data must comply with the principles of proportionality, purpose and necessity, in accordance with the requirements of both domestic and European law. This decision illustrates the Cour de Cassation’s desire to maintain a balance between the effectiveness of the fight against illegal content and the protection of personal data. In practice, it limits the possibilities for direct identification by rights holders and strengthens the role of the judge as the guarantor of this balance.

Conclusion

Long awaited, the implementing decree of Article 6 II of the LCEN has undeniably contributed to structuring obligations relating to the retention of identification data in France. With more than fifteen years of application, however, it appears that it has constituted neither a definitive solution nor an instrument fully adapted to digital transformations.

While it has strengthened the traceability of online activities, it has also intensified tensions with data protection law and multiplied areas of litigation, particularly in relation to proportionality, liability, and data governance.

In an environment increasingly shaped by European regulation and global platform dynamics, this framework reveals the limits of an essentially national approach. It calls upon digital stakeholders to adopt an integrated legal strategy combining compliance, risk management, and anticipation of regulatory developments.

Dreyfus & Associés assists its clients in managing complex intellectual property cases, offering personalized advice and comprehensive operational support for the complete protection of intellectual property.

Dreyfus & Associés works in partnership with a global network of attorneys specializing in Intellectual Property.

Nathalie Dreyfus with the support of the entire Dreyfus team

Q&A

1. Are all platforms subject to the obligations of Article 6 II of the LCEN?

No. The applicable regime depends on the qualification of the actor: hosting provider, publisher, access provider, or hybrid operator. In practice, many services combine multiple functions, making classification more complex. Each service must be assessed individually, taking into account its actual role in content publication and control.

2. Are LCEN retention obligations compatible with the GDPR?

In principle, yes, subject to strict conditions. Retention must be based on a legal ground, be necessary and proportionate, and comply with the principles of minimization and storage limitation. The main risk lies in excessive precautionary retention, which may expose operators to GDPR litigation and proportionality challenges.

3. Under what conditions may a judge order the disclosure of identification data?

In practice, courts require targeted requests justified by a legitimate purpose (e.g., identifying the author of unlawful conduct) and subject them to strict necessity and proportionality review.

4. Do LCEN obligations apply to actors established outside France?

Potentially, depending on connecting factors such as targeting of the French public, activities directed toward France, or the presence of infrastructure or establishments. Enforcement may be more complex, reinforcing the relevance of European mechanisms such as the DSA and cross-border cooperation tools.

5. Do artificial intelligence and automation affect identification obligations?

They primarily affect scale and speed, through automated moderation, abnormal behavior detection, and event correlation. However, they do not reduce legal obligations. On the contrary, they require enhanced governance, including minimum explainability, human oversight, and decision traceability.

This publication is intended to provide general guidance and highlight certain issues. It is not intended to address specific situations and does not constitute legal advice.

Written by Nathalie Dreyfus11/02/2026

Introduction

In 2026, filing a trademark is no longer merely about “reserving a name.” The filing has become a fully-fledged legal and strategic act, directly engaging the applicant’s responsibility and determining the future strength of the portfolio. This evolution results from a now-structuring triptych : the continuous increase in trademark filings, the tightening of office practices (INPI, EUIPO, and foreign offices), and the rise of opportunistic behaviour.

A poorly anticipated strategy exposes applicants to refusals at the examination stage, multiple opposition proceedings, and subsequent invalidity or revocation actions. Above all, registration only confers a presumption of ownership. A trademark may be registered without opposition due to the absence of monitoring, and later challenged once the project is already established, thereby jeopardising substantial marketing investments.

In 2026, the objective is therefore clear : to file more effectively and manage rights proactively. This requires securing registration, structuring the portfolio, anticipating evidence, and organising enforcement within a sustainable framework.

Distinctiveness, descriptiveness, and bad faith : securing the validity of the filing

The tightening of practices relating to distinctiveness and descriptiveness has become a fundamental parameter. Offices and courts now require more strictly that a sign fulfil its essential function of indicating commercial origin. This severity is directly linked to the progressive saturation of registers, with filings having tripled over the past twenty years.

Signs closely related to professional jargon, evoking product characteristics, or bearing strong sector-specific connotations are now subject to heightened scrutiny. Assessment is carried out exclusively as of the filing date, based on the perception of the relevant public, without any binding precedent drawn from earlier registrations.

This requirement fully extends to descriptive signs. In this respect, the cancellation by the EUIPO of OpenAI’s “GPT,” “GPT-3,” “GPT-4,” and “GPT-5” trademarks provides a particularly significant illustration. The Office held that the term “GPT,” meaning “Generative Pre-Trained Transformer,” refers to a language model architecture based on machine learning commonly used in artificial intelligence. Due to its widespread use to describe a technology rather than a commercial origin, the term was deemed generic and devoid of distinctive character.

At the same time, bad faith has become a central ground in trademark litigation. Authorities examine, in particular, knowledge of prior rights, lack of intent to use, refiling strategies, and the appropriation of abandoned trademarks. Attempts to revive “zombie” trademarks are assessed in light of the economic context and the effective reputation at the filing date.

Securing the validity of a filing therefore requires thorough preliminary analysis, addressing both the inherent distinctiveness of the sign and the risk of challenges based on bad faith.

Use and proof of use : anticipating enforcement from the outset

Consistency between the specification and actual or foreseeable use has become a major vulnerability in 2026. From the filing stage, the owner must anticipate the creation of a structured evidentiary file.

This file should include tangible materials : commercial documents, packaging, labels, invoices, catalogues, marketing content, affidavits, studies, and quantitative data. Their probative value is enhanced when they clearly indicate the trademark, date, relevant products, and territory.

Such anticipation is strategic. In certain jurisdictions, use directly conditions the validity or maintenance of rights. Moreover, once a trademark is more than five years old, adversaries may request proof of use in various procedural contexts.

The concept of sub-categories reinforces this requirement. Where a specification covers a broad category, use may need to be demonstrated for each relevant autonomous sub-segment. Exploitation of a single product does not necessarily preserve rights for the entire scope.

Evidentiary anticipation thus becomes a core pillar of portfolio governance.

Specifications and foreign office practices : focus on the United States and Canada

In the United States and Canada, drafting the specification represents a major procedural issue. Compliance with administrative standards directly affects costs, timelines, and objection risks.

Since 2025, the USPTO has imposed a structural choice : reliance on pre-approved terms from the Trademark ID Manual or use of customised wording. The former facilitates processing and reduces fees, while the latter entails stricter examination and increased risk of provisional refusals.

Canada applies a comparable approach, with heightened scrutiny of goods and services within an increasingly automated examination framework.

In this context, a specification drafted solely in accordance with European standards may prove inadequate. Integrating North American constraints from the outset often avoids fragmented and costly internationalisation.

Clearance searches and territorial strategy

Clearance searches have become an indispensable preventive investment. Filing without a serious search, or based on informal checks, exposes applicants to disproportionate risks.

In a saturated environment, thorough searches help identify potential obstacles, adapt the sign, strengthen distinctiveness, or adjust the specification before significant financial commitments are made.

Territorial strategy must be developed concurrently. Limiting protection to the country of headquarters is no longer sufficient. Production countries, distribution markets, and structurally high-risk regions must be considered.

Cumulative protection and portfolio structuring

Protection based solely on a word trademark is not always optimal. Depending on the sector, cumulative rights significantly enhance overall defensibility.

Trademarks protect distinctive signs. Designs protect appearance. Figurative or semi-figurative trademarks secure visual elements. Each title has its own criteria and provides complementary enforcement tools.

In creative industries, particularly fashion and cosmetics, this combination enables more effective responses to duplication and parasitic practices.

The European design law reform, gradually applicable from 2026, further reinforces the value of an integrated and anticipatory approach.

Rationalisation and optimisation : audit and article 4bis of the Madrid Protocol

In 2026, portfolio management requires strategic oversight. Audits enable assessment of alignment between actual activities and registered rights, identification of vulnerabilities, and elimination of unnecessary costs.

Duplication situations, particularly resulting from Brexit, illustrate the importance of this approach. Without audits, redundant rights continue generating expenses without added value.

Article 4bis of the Madrid Protocol offers an additional rationalisation tool. Under strict conditions, it allows an international registration to replace national rights while preserving priority.

Use assimilation strengthens continuity. However, dependency periods and varying office practices require cautious and well-documented implementation.

Conclusion

In 2026, trademark strategy rests on a demanding balance between legal security, risk anticipation, and cost control. Filing represents a structuring investment requiring rigour, territorial coherence, drafting precision, and evidentiary organisation.

Protection does not end with registration. It requires active management, regular audits, and continuous monitoring policies to preserve the long-term distinctiveness and economic value of signs.

Dreyfus & Associés supports its clients in managing complex intellectual property matters by providing tailored advice and comprehensive operational support for the full protection of intellectual property rights.

Dreyfus & Associés works in partnership with a global network of specialised intellectual property lawyers.

Nathalie Dreyfus, with the support of the entire Dreyfus team.

Q&A

1. What checks should be carried out before investing in a “short” sign to limit cascading oppositions ?

Beyond identity searches, phonetic and visual proximity, registry density in relevant classes, and the descriptive load of the sign must be analysed to assess real multi-front risk.

2. How can a specification be calibrated when offerings evolve rapidly ?

It is preferable to reason in terms of foreseeable commercial uses and sub-categories, covering core activities and realistic extensions while avoiding generic formulations likely to trigger objections or bad faith claims.

3. What warning signs indicate a risk of invalidity for bad faith before filing ?

Disproportionate specifications, lack of a credible exploitation project, a history of defensive filings without use, or conflict contexts (former partners, employees, distributors) are major red flags.

4. When should trademark monitoring be implemented, and with what minimum scope ?

From filing, ideally at launch, as lack of monitoring may allow oppositions to lapse. A baseline covering trademarks, company names, and domain names in key territories limits unexpected challenges.

5. When is a figurative or position trademark more wise than a word trademark alone ?

When the verbal element is weak or overcrowded, protection of a distinctive visual configuration or position may provide a stronger enforcement angle.

This publication aims to provide general guidance to the public and highlight certain issues. It is not intended to apply to specific situations or constitute legal advice.

Written by Nathalie Dreyfus11/02/2026

Introduction

An intellectual property due diligence is conducted prior to major corporate transactions, such as acquisitions, mergers, fundraising operations, or asset disposals. Its purpose is to assess the legal and financial status of a company’s intellectual property assets before any strategic decision is made, thereby serving a fundamentally transactional function.

Too often perceived as a mere documentary audit, intellectual property due diligence in fact directly determines the valuation of intangible assets, the stability of transferred rights, and the control of future legal and financial risks.

Why is intellectual property due diligence a strategic asset?

Intellectual property represents a key component in the valuation of innovative companies, particularly in technology-driven and creative industries. An intellectual property due diligence goes far beyond the mere verification of registered rights. It secures investments by assessing the impact of legal risks on the contemplated transaction.

This process includes the review of claimed rights (trademarks, patents, licenses, and related assets), verification of their enforceability, and the identification of vulnerabilities that may affect asset valuation or transaction terms.

From a litigation risk perspective, IP due diligence also evaluates the potential impact of ongoing or foreseeable disputes, including counterfeiting actions, opposition proceedings, and collective actions, on the purchase price, the stability of transferred rights, and the management of warranties and indemnities. For instance, unresolved disputes may justify price reductions or the implementation of compensation mechanisms.

By anticipating financial exposure, due diligence enables the parties to adjust their negotiation strategy, minimize risks, and secure the transaction. It further facilitates the implementation of appropriate safeguards, such as indemnification clauses, limitation of liability provisions, and price adjustment mechanisms.

How to structure an effective intellectual property due diligence process?

An effective intellectual property due diligence relies on a clearly defined scope to ensure strategic relevance. Prior to starting the review, it is essential to determine the transactional context, taking into account the parties’ objectives, the relevant jurisdictions, and the strategic technologies or trademarks involved.

Competitive dynamics and regulatory constraints must also be assessed, as they may affect the management and enforceability of IP rights. This preliminary framework allows the analysis to focus on the most critical assets for the transaction.

The success of the process further depends on the quality and reliability of the collected information. A structured data repository is essential to centralize key documentation, including registration certificates, assignment and license agreements, confidentiality provisions, and invention disclosure records.

Access to such documentation enables a comprehensive understanding of ownership, exploitation modalities, and associated legal risks.

Which assets and risks should be prioritized?

The review of trademarks and domain names generally forms the cornerstone of the analysis. It involves verifying actual ownership, registration validity, territorial scope, exposure to opposition proceedings, and ongoing disputes. A strategically important trademark that has not been renewed may expose the acquirer to an immediate loss of rights.

Patent and innovation audits require both technical and legal expertise. They involve reviewing chains of title, employee inventions, joint ownership arrangements, cross-licensing agreements, and freedom-to-operate assessments. A patent that is formally valid but easily circumvented may suffer a significant loss of value.

With regard to copyrights, software, and databases, it is essential to review development agreements, assignments, open-source licenses, and compliance with data protection regulations, including GDPR requirements. Regulatory non-compliance may constitute a major transactional obstacle.

A comprehensive due diligence must also include an analysis of past, ongoing, and potential disputes, including court proceedings, cease-and-desist letters, administrative oppositions, arbitration proceedings, and settlement agreements. All latent risks must be carefully identified, quantified, and documented in order to assess their potential impact on the transaction.

How to leverage the results from a legal and financial perspective?

To ensure effective legal and financial use of due diligence findings, a structured and operational report must be prepared. This report should not be limited to an inventory of rights and risks, but must include risk prioritization, criticality assessments, practical recommendations, and impact scenarios.

Each issue should be presented in a manner that enables decision-makers to take informed and timely action.

The conclusions of the due diligence must then be incorporated into the negotiation process. They serve as the basis for drafting representations and warranties, indemnification clauses, conditions precedent, price adjustment mechanisms, and post-closing commitments.

Finally, due diligence should lead to the implementation of a remediation plan, including title regularization, contractual restructuring, supplementary filings, targeted enforcement actions, and strengthened internal compliance policies. In this way, intellectual property due diligence becomes a strategic tool for correcting, securing, and optimizing intangible assets within a transactional framework.

Conclusion

Mastering intellectual property due diligence has become an essential strategic competence for any company involved in a major corporate transaction.

A rigorous, cross-disciplinary, and well-documented approach not only reduces legal risks, but also enhances asset valuation, strengthens negotiation positions, and secures investments.

Dreyfus & Associés works in partnership with a global network of attorneys specializing in Intellectual Property.

Nathalie Dreyfus with the support of the entire Dreyfus team

FAQ

1. Is intellectual property due diligence legally mandatory?
No. Intellectual property due diligence is not legally mandatory. However, it constitutes a fundamental duty of care for any acquirer or investor seeking to limit liability and secure their investment.

2. Can an incomplete due diligence engage directors’ liability?
Yes. Where demonstrable harm is established, insufficient due diligence may be characterized as a breach of directors’ duties or a failure in corporate governance.

3. Can unregistered intellectual property rights be transferred?
Yes, subject to precise and duly formalized contractual arrangements. Nevertheless, the absence of registration significantly weakens enforceability against third parties.

4. Should a due diligence include social media assets?
Yes. Official accounts, usernames, content, and online communities now constitute strategic assets in their own right and must be duly assessed.

5. Should trademark coexistence agreements be reviewed?
Absolutely. Such agreements may restrict future exploitation and materially affect post-acquisition commercial strategy.

The purpose of this publication is to provide general guidance to the public and to highlight certain issues. It is not intended to apply to particular situations or to constitute legal advice.

Written by Nathalie Dreyfus10/02/2026

Introduction

When considering filing a figurative trademark (logo, image, or graphical sign without words), a fundamental question arises: Are they automatically valid? The answer, under French and European trademark law, is negative. The validity of a figurative trademark depends on specific legal criteria related to its ability to identify the commercial origin of a product or service, as demonstrated in the French Intellectual Property Code, European Union law, recent case law such as the decision in Mercedes-Benz Group AG v. EUIPO (Case T 400/24) of March 19, 2025, and the practices of trademark offices (INPI, EUIPO, etc.).

What is a figurative trademark?

A figurative trademark consists exclusively of graphical elements, designs, logos, symbols, colors, without any independent verbal element (text). It aims to visually protect a sign that distinguishes the products or services of one company from those of its competitors.

Alongside the figurative trademark, we distinguish:

• The verbal trademark: composed solely of words or letters.
• The semi-figurative trademark: a combination of text and visual elements.

This distinction is important because while the validity requirements are generally common under substantive law, they are applied differently depending on the type of sign being filed.

Legal conditions for the validity of a figurative trademark

For a figurative trademark to be considered valid and registered, it must meet several cumulative conditions.

Distinctiveness

Distinctiveness is the primary requirement; the trademark must allow consumers to identify the commercial origin of a product or service. It should not be descriptive, generic, or purely functional.
An arbitrary or stylized logo, unrelated to the products/services, generally presents strong distinctiveness. However, a graphic representing the product itself or an expected feature of the product is rarely considered distinctive.

Legality and public order

As shown in Article L711-3 of the French Intellectual Property Code, the trademark must not be contrary to public order or morals. It must also be lawful and not infringe on existing rights (e.g., personality rights, state arms, international agreements).

Availability

A figurative trademark cannot be registered if identical or similar prior trademarks already exist in the same product or service classes. Thorough searches for prior rights are essential before filing.

Jurisdictional illustrations of refusals or acceptances: the Mercedes-Benz Group AG v. EUIPO Case (Case T 400/24) of March 19, 2025

Facts

In this case, Mercedes-Benz sought to register as an EU trademark (EUTM no. 018805110) representing an off-road vehicle driving up a slope, for products in Class 12 (vehicles, spare parts, tires) and Class 18.

However, the EUIPO partially refused the application due to a lack of distinctiveness for products in Class 12. The Board of Appeal upheld this refusal on the grounds that the sign represented a typical image of an off-road vehicle in a situation and did not contain any distinctive elements to indicate commercial origin to consumers.

EUIPO Tribunal decision

In its decision of March 19, 2025 (Case T 400/24), the EUIPO Tribunal rejected Mercedes-Benz’s appeal, confirming that the sign lacked distinctiveness under the EU Trademark Regulation 2017/1001.
In its reasoning, the Tribunal recalled case law stating that a sign closely inspired by usual representations of the product itself can only be considered distinctive if it deviates significantly from the visual norms of the sector. The drawing in question was not sufficiently different from the usual representations of an off-road vehicle for the relevant public to associate it with a particular commercial origin.

The simplicity and generic nature of the image reinforced the absence of distinctiveness, even though the target public pays attention to the concerned products.

Scope of the decision

This decision illustrates the high level of distinctiveness required for figurative trademarks representing the product or its expected performance.

A drawing that merely represents the product in a conventional or generic manner, without sufficiently unique or unusual elements, is likely to be deemed devoid of distinctiveness and thus ineligible for registration as a trademark.

Strategies to Maximize the Validity of Your Figurative Trademark

Here are some best practices based on practical experience and case law:

• Design an original visual sign: A drawing or logo that deviates from usual product/service representations makes registration easier.

• Combine distinctiveness and creativity: Unusual stylization, distinctive graphic elements, or a unique composition enhance distinctiveness.

• Conduct a prior search: Before filing, an exhaustive search of existing trademarks (both verbal and visual) reduces the risks of opposition or refusal.

• Consider multiple filings: Filing both a verbal trademark and a semi-figurative trademark can strengthen protection, especially for trademarks that rely on both a logo and a name.

Conclusion

Not all figurative trademarks are automatically valid. Their legal validity primarily depends on their distinctiveness, compliance with public order, and availability relative to prior rights. A generic or overly descriptive logo will often be refused registration, while an original and distinctive design will result in solid protection.

To ensure successful registration and safeguard your rights, it is essential to create a strong visual sign and conduct the necessary checks before filing.

Dreyfus & Associés works in partnership with a global network of attorneys specializing in Intellectual Property.

Nathalie Dreyfus with the support of the entire Dreyfus team

Q&A

1. Is a simple logo always valid as a figurative trademark?
No, it must also be distinctive and non-descriptive to be registrable.

2. Can a figurative trademark be refused for reasons other than lack of distinctiveness?
Yes, it can be refused if it contravenes public order, is already used by another party, or does not meet the conditions of representability or legality required by law.

3. Can I modify a figurative logo already filed?
Any significant change generally requires a new filing.

4. Is a drawing very similar to an existing one valid?
No, if it creates similarity with a prior trademark, registration may be refused or the act annulled.

5. Can a color alone constitute a figurative trademark?
Yes, but the color must be specifically claimed and presented with international codes (e.g., Pantone).

This publication is intended to provide general guidance to the public and highlight certain issues. It is not intended to apply to specific situations or constitute legal advice.

Written by Nathalie Dreyfus09/02/2026

In an economic landscape where corporate value is increasingly derived from intangible assets, intellectual property (IP) litigation is becoming significantly more complex. The increasing judicialization of business, coupled with the technical intricacies of emerging digital challenges (Web3, AI, Data), imposes a requirement for absolute rigor upon legal practitioners. For international lawyers, General Counsels, and decision-makers, relying on standard technical support is no longer sufficient; it has become imperative to collaborate with professionals whose competence is recognized and validated by the highest jurisdictions.

It is in this context that the dual status of Court-Appointed Expert to the Cour de cassation (French Supreme Court – Specialization: Trademarks) and Expert to the Paris Court of Appeal (Specialization: Trademarks, Designs & Models) assumes its full strategic dimension. Beyond the honorific title, it represents a probative methodology and an anticipatory vision of judicial risk that are placed at the service of corporate strategy. This qualification offers reinforced legal certainty, which is essential for preserving the professional liability of legal counsel and ensuring the enforceability of rights holders’ assets.

The status of court-appointed expert: a guarantee of technical excellence and ethics

Inclusion on the lists of judicial experts is not a mere administrative formality. It is the culmination of a drastic selection process, validating indisputable technical competence and absolute moral probity.

Being a Court-Appointed Expert to the Cour de cassation constitutes the highest level of recognition for a legal technician in France. This implies that the highest court in the French judicial order recognizes the expert as an authority in their specialization. Similarly, accreditation by the Paris Court of Appeal, the central jurisdiction handling the vast majority of IP litigation in France, attests to a proven practice in complex cases.

For the lawyer or the final client, collaborating with a Court-Appointed Expert offers three major guarantees, indispensable to the solidity of a file:

Independence: The expert is bound to total objectivity, a pledge of credibility when establishing reports or audits.
Technical Competence: Mastery of the most specific aspects of the matter (distinctiveness, likelihood of confusion, revocation, materiality of infringement).
Ethics: Strict adherence to the guiding principles of the trial, notably the adversarial principle (due process), which permeates their entire practice, even in advisory roles.

You may verify these official registrations via the justice directories:

The added value of the judicial expert in the lifecycle of IP rights

A common misconception is that the Court-Appointed Expert only intervenes once litigation has arisen. On the contrary, it is precisely upstream, in the daily management of portfolios, that the judicial expert’s mindset provides superior legal certainty. Each act is performed with the perspective of its future enforceability before a tribunal.

Audit and availability searches: the judge’s eye before the trial

A standard availability search lists potential obstacles. A search conducted with “the eye of the Court-Appointed Expert” qualifies the risk with the perspective of the magistrate. The expert, accustomed to enlightening tribunals, understands how trial judges appreciate in concreto the similarity of signs or goods and services.

When analyzing your trademark availability searches, we do not merely apply theoretical criteria. We evaluate the probability that a judge would retain a likelihood of confusion, integrating the most recent jurisprudential trends. This allows for the elimination of false positives (theoretical risks that are judicially weak) and the identification of genuine litigation risks, thus protecting the company against future nullity actions.

Filings and procedures: procedural rigor at the service of protection

The solidity of an industrial property title is determined at the moment of its filing. A poorly drafted specification or imprecise classification constitutes a breach into which the opposing party will step during a nullity or revocation action.

The practice of pathological litigation teaches us a contrario how to draft robust wordings. We anticipate arguments of non-use or lack of distinctiveness. This preventive approach is at the heart of our trademark law practice, where each class is weighed to withstand the “fire” of judicial proceedings, guaranteeing maximum enforceability of the title. This is essentially legal engineering designed to preclude future vulnerability.

Management and valuation: credibility in audits (M&A)

In the context of Mergers & Acquisitions (M&A) or fundraising, the valuation of IP assets is critical. The intervention of an Expert appointed to the Cour de cassation to audit a portfolio provides a major “trust signal” to investors and auditors.

The financial valuation of trademarks requires rigorous methodology (relief from royalty method, excess earnings method, etc.) which the judicial expert masters perfectly for regular presentation before the courts. This rigor secures the valuation and strategy and minimizes the risks of liability warranties, thereby protecting the professional liability of the business lawyers managing the transaction.

Surveillance and defense: qualifying infringement with precision

Online brand enforcement often generates significant “noise.” Distinguishing between a minor infringement and a substantiated counterfeiting case requiring immediate action is crucial for cost control and defense strategy.

The Court-Appointed Expert possesses the necessary acuity to detect the constitutive elements of infringement (identical reproduction, imitation, risk of association) and to compile a body of probative evidence. This precise qualification allows for advising on the most adapted gradual response, from the cease-and-desist letter to the seizure (saisie-contrefaçon), avoiding reckless threats that could lead to liability for disparagement.

The synergy between lawyers and IP attorneys in complex litigation

The success of intellectual property litigation often rests on the alliance between the procedural strategy of the lawyer and the technical analysis of the Trademark Attorney (CPI). When a specialized lawyer collaborates with a CPI holding the status of Court-Appointed Expert, they significantly reinforce the probative value of their file.

This technical collaboration materializes at several levels:

Expert Consultation (Party-Appointed Expertise): Even before the introduction of proceedings, we can draft an independent technical consultation. Although produced at the request of a party, the signature of an Expert appointed to the Cour de cassation confers major technical weight upon the document. This report serves to objectify technical facts and provides the lawyer with robust arguments for their pleadings, which can be pivotal in IP litigation advice.
Assistance during Saisie-Contrefaçon (Seizure): The preparation of the motion and assistance to the Bailiff during operations require surgical precision to avoid the nullity of the official report. Judicial expertise ensures scrupulous respect for the limits of the court order and the accurate description of material facts.
Validity Analysis and Counterclaims: In a defense strategy, we assist the lawyer in identifying technical flaws in the opposing party’s patent or trademark (prior art, lack of novelty, descriptiveness) to construct a solid counterclaim for nullity.

This synergy allows for the delivery of a “turnkey” file to the judge, where law and technique articulate perfectly, maximizing the chances of success.

FAQ: The judicial expertise in practice

What is the difference between a Party-Appointed Expert and a Court-Appointed Expert?
The Court-Appointed expert is designated by the judge to enlighten the tribunal on a technical question with total impartiality. The Party-Appointed expert is retained by one of the parties. However, when the party expert also holds accreditation from the Cour de cassation or Court of Appeal, their private consultation benefits from superior moral and technical authority. They remain bound by their ethics and duty of rigor, which confers greater probative force to their analysis than a simple technical note.

How does judicial expertise secure a trademark financial valuation in an M&A context?
The financial valuation of intangible assets is often contested by tax authorities or during shareholder disputes. The judicial expert applies standardized methodologies recognized by the courts. Their valuation report is argued, documented, and justified point by point. In the event of an audit or post-acquisition litigation, this report constitutes a master piece of evidence to justify the transfer price, thus protecting executives and their legal counsel.

Can we retain a Court-Appointed Expert for a private consultation before litigation starts?
Yes, and it is highly recommended. Retaining a Court-Appointed Expert for a pre-litigation consultation allows for an objective assessment of the chances of success of an action (analysis of the materiality of infringement, validity of the title). This enables the lawyer and client to define the best strategy: settle, attack, or withdraw. It is an indispensable risk management tool to avoid long, costly, and uncertain proceedings.

What is the role of the expert during a saisie-contrefaçon?
During a seizure, the Bailiff describes what they see, but they do not always possess the technical competence to identify specific elements of infringement, particularly in complex fields (software, designs). The expert assisting the Bailiff guides them to ensure that the seized evidence corresponds exactly to the judge’s order, thus avoiding out-of-scope seizures that could lead to the nullity of the report.

Why trust Dreyfus Law Firm

Dreyfus Law Firm is not merely a firm of Trademark Attorneys; it is a reference in Intellectual Property and Digital Law.

Founded by Nathalie Dreyfus, Expert to the Cour de cassation and Expert to the Paris Court of Appeal, the firm combines the agility of a dedicated team with the power of a global network. Our transversal approach allows us to accompany lawyers and legal departments across the entire value chain: from filing strategy to aggressive defense of rights on the Internet (Domain names, UDRP, Phishing) and in the physical world.

Choosing Dreyfus means choosing the security of technical expertise recognized by the highest French jurisdictions to protect your most valuable assets and secure your litigation strategies.

Are you a lawyer or General Counsel looking to secure the technical aspect of a complex file?

Dreyfus & Associés is a partner of a global network of lawyers specializing in Intellectual Property.

Written by Nathalie Dreyfus05/02/2026

Introduction

The protection of plant varieties is a major strategic issue for breeders, seed companies, research institutes and investors. Within the European Union, the plant variety right (PVR) provides a harmonised, demanding and highly technical legal framework. Certain mistakes—often made prior to filing—may result in the definitive loss of rights.

It was Regulation (EC) No. 2100/94 of 27 July 1994, known as the Basic Regulation, which established at EU level a specific system for the protection of plant varieties, referred to as the Community Plant Variety Protection system (CPVP).
This system provides for the grant of a single intellectual property title: the Community Plant Variety Right (Community PVR), issued by the Community Plant Variety Office (CPVO), the sole authority competent at EU level for implementing this protection system.

Unlike national plant variety rights, which are granted by national offices and are strictly limited in territorial scope to the State concerned, the Community plant variety right allows, through a single filing, the securing of exclusive rights covering the entire European market.

The purpose of this article is to provide a comprehensive, structured and chronological checklist designed to anticipate risks and to effectively secure an application for plant variety protection within the European Union.

Ensuring, at an early stage, that the variety is eligible for protection

Before taking any steps, it is essential to verify that the variety in question actually meets the conditions for protection under EU law. Above all, the variety must result from a characterised breeding activity, excluding any mere discovery.

Beyond this initial assessment, attention must focus on compliance with the fundamental criteria for protection: novelty, distinctness, uniformity and stability.
• Novelty requires that the variety has not been commercialised, with the breeder’s consent, beyond the authorised time limits prior to filing. Even limited or indirect marketing may be sufficient to destroy novelty.
• Distinctness means that the variety must be clearly distinguishable from any other known variety at the filing date, by at least one relevant and observable characteristic.
• Uniformity requires that the plants constituting the variety show sufficient consistency in the expression of their characteristics, taking into account the mode of reproduction.
• Stability, finally, means that the essential characteristics of the variety remain unchanged after repeated propagation or at the end of each cycle of reproduction.

These criteria are assessed globally as part of the technical examination conducted by the CPVO. The absence of any one of them is sufficient to justify rejection of the application.

In practice, novelty is very often the main point of concern. Any marketing activity, even on a limited scale, occurring prior to filing may lead to an irreversible loss of rights. Field trials, exchanges of plant material or inadequately controlled technical communications are frequently at the origin of subsequent difficulties.

Securing ownership of the plant variety right from the outset

Ownership of rights is a central issue in the plant variety protection procedure. It is essential to identify precisely the breeder in the legal sense, whether a natural person or a legal entity.

Where the variety results from collective work involving employees, industrial partners or research institutes, an in-depth analysis of the contractual relationships is required. Employment contracts, collaboration agreements or research conventions may contain decisive clauses regarding ownership of results. In the absence of prior clarification, the applicant exposes itself to subsequent claims likely to seriously weaken the protection.

Formal requirements for filing

The preparation of the filing dossier should not be treated as a mere administrative formality. It requires the collection of precise and consistent technical information relating to the variety, its origin and its breeding method.

The filing dossier notably includes:
• the full identity of the breeder and, where applicable, its representative,
• the exact botanical designation of the variety,
• the proposed variety denomination, compliant with European rules,
• a detailed technical questionnaire specific to the species concerned.

Particular care must be taken with the variety denomination. This is subject to specific rules, distinct from trademark law, and must allow clear, stable and non-misleading identification of the variety. A poorly chosen denomination may give rise to objections, delay the procedure or result in refusal.

Applications before the CPVO may be filed in several official EU languages; however, English remains the preferred working language.
Representation by a specialised advisor helps to avoid formal irregularities likely to delay the procedure.

Filing the application and conduct of the procedure before the CPVO

Once the application has been filed and the fees paid, a formal examination is carried out before the technical examination phase is opened. This phase involves the designation of a competent examination office for the species concerned, responsible for carrying out the distinctness, uniformity and stability tests.

The choice of this office may have a significant impact on the duration of the procedure and on subsequent technical exchanges. In addition, the timely submission of plant material in accordance with the required conditions is a critical step. Any failure in this respect may result in rejection of the application or a substantial extension of time limits.

The DUS Examination: a lengthy and decisive phase

The DUS examination lies at the heart of the plant variety protection procedure. It is based on in-depth comparative tests, generally spread over several growing cycles.
In practice, this examination is entrusted to an authorised examination office competent for the species concerned, in accordance with Article 55 of the Regulation.

The examination generally involves:
• the supply of compliant plant material,
• trials conducted over one or more growing cycles,
• strict adherence to a timetable, which varies depending on the species and the filing period.

The duration of the examination depends in particular on the growing season applicable to the variety. In practice, the full procedure most often extends over two to three years, or even longer for certain perennial species.

At this stage, objections may be raised if the variety appears insufficiently distinct from existing varieties or if difficulties are identified in terms of uniformity or stability.

This phase requires rigorous technical preparation and anticipation of the examination office’s expectations. An incorrect assessment of the criteria or insufficient documentation may lead to failure, sometimes after several years of proceedings.

Applicants outside the European Union: key regulatory points of attention

Where the applicant is established outside the European Union, additional regulatory constraints must be taken into account at an early stage of the project. The transfer of plant material into the EU may be subject to strict phytosanitary rules, specific customs formalities and, depending on the country of origin and the species concerned, prior authorisations.

Furthermore, certain States apply particular restrictions on the export of biological resources or specific tax regimes likely to affect the circulation of plant material or the structuring of financial flows.
Failure to anticipate these aspects may result in delays, unforeseen costs or even prevent continuation of the procedure. A prior analysis of the applicable regulatory, customs and tax constraints is therefore essential.

Anticipating common errors and international coordination

Among the most frequent errors are:
• premature disclosure of the variety; strict traceability of the first uses of the variety is therefore essential,
• a non-compliant or conflicting denomination, making it necessary to conduct a thorough availability search prior to filing, not only in respect of existing variety denominations but also relevant prior rights,
• poor coordination between national, European and international filings.

The filing of a community plant variety right is only one component of an international protection strategy. It must be coordinated with systems in place in third countries that are members of the International Union for the Protection of New Varieties of Plants (UPOV), which, although based on common principles, present significant national specificities.

Poorly managed timing between initial commercialisation, Community filing and filings in third countries (United States, Latin America, Asia, Africa) may lead to irreversible loss of protection in strategic territories.

Conclusion

Filing a plant variety right in the European Union requires a rigorous approach, combining law, agronomic expertise and economic strategy. A comprehensive legal and administrative checklist is the most effective tool to secure the breeder’s rights and optimise the long-term valorisation of the variety.

Dreyfus & Associés is in partnership with a global network of lawyers specialising in Intellectual Property.

Nathalie Dreyfus with the assistance of the entire Dreyfus team

Q&A

1.What is a Community plant variety right (CPVR)?
A Community plant variety right is a unitary intellectual property title granted by the Community Plant Variety Office (CPVO). It confers on its holder an exclusive right to exploit a new, distinct, uniform and stable plant variety throughout the entire territory of the European Union.

2.What is the difference between a national plant variety right and a Community plant variety right?
A national plant variety right has effect only within the territory of the State that granted it. By contrast, a Community plant variety right provides uniform protection in all EU Member States through a single filing, making it the preferred option for breeders targeting the European market as a whole.

3.What do the DUS tests carried out as part of the procedure involve?
DUS tests are designed to verify that the variety is distinct, uniform and stable. They are conducted by authorised examination offices and focus on specific technical characteristics. These tests may extend over several growing cycles and represent the longest and most technical stage of the CPVR procedure.

4.When should an application for plant variety protection be filed?
Ideally, before any commercialisation or public disclosure likely to affect the novelty of the variety.

5.Can a variety be protected both by a plant variety right and a trademark?
Yes, but these protections serve different purposes. The variety denomination is subject to specific rules and must not be confused with a commercial trademark.

6.How long does the plant variety protection procedure take?
The duration varies depending on the species, but the DUS examination generally extends over several years.

7.What happens in the event of an error regarding ownership of rights?
An ownership error may lead to claims, disputes or, in some cases, invalidation of the plant variety right.

8.Can an applicant outside the EU apply for a European plant variety right?
Yes, but the applicant must anticipate the phytosanitary, customs and regulatory rules applicable to the export of plant material into the European Union.

This publication is intended to provide general guidance to the public and to highlight certain issues. It is not intended to apply to specific situations nor to constitute legal advice.

Written by Nathalie Dreyfus05/02/2026

Introduction

As the next round of new generic top-level domain (gTLD) applications approaches in 2026, the Registry Service Provider (RSP) Evaluation Program introduced by ICANN is redefining the technical and legal foundations of the domain name ecosystem.

This program marks a structural shift in how registry operators are assessed, certified, and integrated into the global DNS infrastructure. For trademark owners, intellectual property professionals, registries, understanding this framework is now a strategic imperative.

Understanding the registry service provider evaluation program

A new model for technical qualification

The RSP Evaluation Program introduces a decoupled assessment model, separating technical validation from individual gTLD applications.

Under the former framework, each applicant had to demonstrate independently its operational capabilities. This approach generated:

Redundant technical audits
Increased compliance costs
Extended review timelines
Inconsistent quality benchmarks

The RSP model replaces this with a centralized pre-qualification mechanism, whereby providers are evaluated once and recognized across multiple applications.

Core services covered by the RSP framework

Certified RSPs must demonstrate robust capacity in:

Domain Name System (DNS) operations
DNSSEC key management and cryptographic security
Registry data publication and RDAP compliance
Registry system continuity and disaster recovery
Escrow and data integrity mechanisms

These functions are no longer treated as ancillary. They now constitute the technical backbone of gTLD governance.

Evaluation phases and operational framework

Pre-evaluation phase (2024–2025)

The initial pre-evaluation phase enabled early applicants to undergo technical assessment ahead of the main round.

Its objectives included:

Establishing a pool of vetted operators
Enhancing transparency for applicants
Facilitating early contractual negotiations

Successful candidates are listed publicly, creating a reference market for future applicants.

Concurrent evaluation phase (From 2026)

A second evaluation window will operate alongside the 2026 gTLD application round.

This phase targets:

New entrants
Late technical providers
Applicants developing in-house registry systems

Testing infrastructure: OT&E and RST v2.0

ICANN’s Operational Test and Evaluation (OT&E) and Registry System Testing (RST) v2.0 environments are mandatory validation platforms established to verify that a registry operator or RSP provider is genuinely capable of managing a top-level domain in a reliable, secure, and continuous manner.

They assess:

Load resilience
Incident response capacity
Data recovery procedures
System interoperability

This reinforces operational reliability at the root of DNS governance.

Legal and technical implications for stakeholders

Technical reliability as a legal safeguard

From an IP enforcement perspective, registry stability directly conditions the effectiveness of:

Uniform Domain-Name Dispute-Resolution Policy (UDRP)
Uniform Rapid Suspension (URS)
Trademark Clearinghouse mechanisms (TMCH)
Sunrise and Claims services

Without a qualified RSP, these instruments lose practical effectiveness.

Impact on enforcement and dispute resolution

Procedures administered in coordination with institutions such as the WIPO depend on accurate registry data and operational continuity.

A certified RSP ensures:

Reliable registrant identification
Traceable abuse reporting
Preservation of evidentiary records

These elements are decisive in litigation and administrative proceedings.

Strategic opportunities for trademark owners and rights holders

Cost rationalization and budget predictability

The pre-certification model significantly reduces:

Technical audit expenses
Legal contingency reserves
Emergency remediation costs

Applicants can reallocate resources toward:

Trademark architecture
Defensive registration programs
Digital compliance policies

Enhancing .trademark governance models

For corporate applicants pursuing .trademark strategies, RSP certification enables:

Centralized trademark ecosystems
Controlled distribution channels
Unified cybersecurity governance
Integrated compliance frameworks

Practical recommendations for 2026 applicants

We recommend that applicants integrate RSP considerations into early strategic planning.

Key action points

Identify pre-evaluated RSPs at least 18 months in advance
Integrate RSP timelines into trademark filing strategies
Conduct legal audits of registry agreements
Align DNS governance with trademark protection policies
Establish internal oversight committees

Internal and external resource integration

Applicants should coordinate:

Legal teams
IT governance units
Cybersecurity departments
External IP counsel
Registry operators

This transversal approach reduces operational fragmentation.

Conclusion

The Registry Service Provider Evaluation Program represents a structural evolution in DNS governance. It transforms technical qualification into a strategic legal instrument and places infrastructure reliability at the center of trademark protection.

For domain name stakeholders, this program is no longer optional. It is a prerequisite for sustainable digital positioning.

The Registry Service Provider Evaluation Program must now be understood as a cornerstone of modern domain name strategy.

Dreyfus & Associés works in partnership with a global network of attorneys specializing in Intellectual Property.

Nathalie Dreyfus with the support of the entire Dreyfus team

FAQ

1. Does RSP certification guarantee application approval?
No. It only validates technical capacity. Legal, financial, and policy reviews remain applicable.

2. How long does RSP evaluation usually take?
Between 6 and 12 months, depending on system complexity and remediation requirements.

3. Should trademark owners prioritize pre-evaluated providers?
Yes. Early engagement reduces regulatory and operational uncertainty.

4. What are the main legal risks of using a non-certified provider?
Application rejection, enforcement failures, compliance breaches, and reputational damage.

5. When should applicants begin RSP negotiations?
Ideally 24 months before the application window.

This publication is intended for general public guidance and to highlight issues. It is not intended to apply to specific circumstances or to constitute legal advice.

Written by Nathalie Dreyfus04/02/2026

Introduction

Over the past few years, the double proxy has established itself as one of the most formidable technical mechanisms used by professional cybersquatters. Behind an apparent technical sophistication hides a very concrete legal reality: an organized opacity, intended to slow down the identification of those responsible, to neutralize in practice the actions of withdrawal and to amplify infringements of trademarks, domain names and corporate reputation.

In a context of growing organized crime, the double proxy is no longer a simple tool for anonymization. It now allows the deployment of industrial phishing, employment fraud, digital counterfeiting or identity theft campaigns, designed to resist traditional legal reaction mechanisms.

Understanding the double proxy: a cascade opacity mechanism

The double proxy is based on the successive interposition of several distinct technical intermediaries between the end user and the server effectively controlled by the attacker. In practice, the disputed domain name points to a first proxy, often operated by a CDN or reverse proxy provider, which then redirects to a second intermediary before reaching the final infrastructure.

These actors generally present themselves as mere technical providers and claim, in practice, the benefit of the hosting providers’ liability regime, subject to the legal qualification of their actual functions.. The objective is clear: to sever both the legal and technical link between the unlawful content and its true operator. Each layer acts as an additional screen, making the identification of the true hostng provider and the data controller particularly complex.

Fragmentation of responsibilities and enforcement actions

Unlike a simple proxy, the double proxy is based on a voluntary segmentation of technical and legal roles, which fragments the chain of responsibility and complicates any swift and coordinated action.

In practice, the chain of intermediation follows a well-established pattern. The registrar identifies a technical point of contact and refers to a CDN provider, whose official mission is to optimize the availability and performance of content. This provider then redirects to an intermediate hosting service, which is not necessarily the actual site operator. Finally, this host relies on a hidden origin server, sometimes located outside the European Union.

Each actor then presents himself as a passive intermediary and shifts responsibility to the next link in the chain. This cascading architecture exploits the grey areas of technical intermediaries’ liability law: without formally neutralizing notice-and-takedown mechanisms, it largely deprives them of effectiveness by diluting the actual knowledge of unlawful content and the capacity for immediate action.

Why the double proxy has become the cybersquatter’s ultimate weapon

The first effect of the double proxy is a systemic neutralization, in practice, of takedown procedures. Each service provider invokes their status as an intermediary, requires local court orders or redirects the complainant to another actor in the chain. A withdrawal request, although well-founded, then turns into a fragmented procedural journey, incompatible with the urgency of ongoing fraud.

The second effect is an accelerator of large-scale fraudulent campaigns. The dual proxy allows for near-instant infrastructure recycling: when a website is suspended, content is replicated elsewhere, the domain name redirected, and the proxy chain reconfigured in minutes.

Finally, this architecture leads to a dilution of legal responsibilities. Each intermediary invokes its local compliance, or lack of actual knowledge, complicating the demonstration of bad faith, which is central to cybersquatting and domain name disputes.

Impact on rights holders

The double proxy weakens the effectiveness of trademark rights and extrajudicial mechanisms. UDRP-type procedures or blocking actions carried out with registrars lose effectiveness when fraudulent content remains accessible despite the suspension or blocking of the disputed domain name.

Each additional day during which a fraudulent website remains online generates immediate economic and reputational damage, marked by a loss of customer trust and an increased risk of personal data being misappropriated.

From an evidentiary standpoint, the double proxy greatly complicates evidence gathering. The rotation of IP addresses, limited log retention and the deliberate instability of intermediation chains make the identification of the real operator particularly challenging.

What solutions are available against double proxying?

Faced with the double proxy, the effectiveness of the response relies on a multi-level legal approach. This combines coordinated notifications with the registrars, CDN providers and hosting providers, legally qualified formal notices and, where justified , targeted extrajudicial or judicial actions. The objective is to identify, within the technical chain, the actors with a concrete capacity for intervention and to avoid the dilution of responsibilities.

Anticipation through technical evidence is decisive. The precise documentation of proxy chains, time-stamped captures of redirects, dynamic DNS analysis and rapid conservation of technical elements make it possible to establish the actual role of each intermediary and to contest usefully the classification as a purely passive intermediary.

In this respect, recent case law confirms the relevance of this approach. In a judgment of October 2^nd, 2025 (RG n° 24/10705) relating to a streaming fraud case, the Paris Judicial Court admitted that an infrastructure provider could be held liable as an indirect host provider, when the latter is duly notified of the illegal content and this qualification remains proportionate to its technical functions and its capacity to act.

Conclusion

The double proxy is today one of the most sophisticated and destabilizing tools of modern cybersquatting. Its impact goes well beyond technical considerations: it undermines the effectiveness of rights, the speed of remedies and user protection.

within response to this weapon, only a global strategy, combining legal expertise, technical mastery and anticipatory evidence gathering, can restore a balanced enforcement framework.

Dreyfus & Associés works in partnership with a global network of attorneys specializing in Intellectual Property.

Nathalie Dreyfus with the support of the entire Dreyfus team

Q&A

1. Is the use of double proxying illegal?

No. The use of a proxy, including multiple, is legally neutral in itself. It is not the technology that is unlawful, but its use. On the other hand, when double proxy is used to conceal manifestly unlawful activities, it constitutes a strong indicator of bad faith in the overall legal analysis.

2. Can an intermediary be forced to keep their logs?

In principle, not without judicial intervention. Data retention obligations are strictly regulated. On the other hand, rapid precautionary measures may be requested in order to avoid the automatic deletion of essential technical data.

3. Does the use of non-EU servers prevent any legal action?

No, but it complicates enforcement. It often requires combined actions (administrative, judicial) and more frequent reliance on international assistance or actors located upstream in the technical chain.

4. Are automated detection tools effective against double proxy?

They are useful but insufficient alone. They must be combined with legal and technical analysis, capable to interpret redirections, infrastructure structures and weak signals.

5. Is a website protected by a CDN necessarily suspicious?

No. CDNs are widely used for legitimate purposes. It is the combined use of several layers of proxy, associated with unlawful content, that may become problematic.

6. Are the hosting providers always able to act quickly?

Not necessarily. Some intermediaries have only partial control over the infrastructure and must themselves turn to other providers before they can intervene.

The purpose of this publication is to provide general guidance to the public and to highlight certain issues. It is not intended to apply to particular situations or to constitute legal advice.

Written by Nathalie Dreyfus04/02/2026

Introduction

The Data Protection Act (Loi Informatique et Libertés), of January 6, 1978, has since then evolved to meet the new challenges posed by digital technologies and the management of personal data.

The successive reforms, particularly with the implementation of the General Data Protection Regulation (GDPR), the EU Directive 2016/680’s transposal, and recent amendments, have allowed the law to adapt to contemporary issues.

This article explores the major changes to this legislation and analyzes their impact on personal data protection in France.

The origin and evolution of the data protection Act

The Data Protection Act was initially adopted in 1978 to protect citizens’ privacy in the context of personal data management. This law established the Commission Nationale Informatique & Libertés (CNIL), French independent administrative authority, to ensure that data processing practices comply with the law’s fundamental principles. The original law aimed to regulate the collection and processing of personal data by both public and private sectors and has been amended twice:

• In 2004, with the introduction of new provisions to strengthen data protection, notably through the transposal of the European Directive 95/46/EC, which implemented adjustments to the law.

• In 2016, with the adoption of the General Data Protection Regulation (GDPR) in May, which came into effect in 2018, marking a significant evolution in both French and European legislation.

Major changes brought by the GDPR

The GDPR had a significant impact on the Data Protection Act by strengthening personal data protection and harmonizing rules at the European level. While it is not directly a modification of French law, its application forced national legislation to integrate its core principles.

The GDPR has enabled to guarantee :
• The right to clear and accessible information when collecting data.
• The right to access, rectify, and erase (right to be forgotten).
• Data portability from one service to another.

The GDPR also expanded the CNIL’s powers in terms of enforcement, allowing fines up to 4% of a company’s global turnover for non-compliance. The CNIL now plays a more proactive role in monitoring corporate compliance.

Relationship between national law and the GDPR

The Data Protection Act continues to play a complementary role to the GDPR on issues where the European regulation allows for national discretion.

For example:
• The processing of health data, offense-related data, or journalistic data.
• Criminal law files, governed by specific rules derived from the European directive introduced alongside the GDPR.

These provisions allow the legal framework to adapt to areas where security and protection concerns are particularly high.

The evolution of the Data Protection Act remains dynamic, with regular amendments, notably decrees published since 2018, specifying the operational modalities of the new rules.

New obligations for businesses

The Data Protection Act, as amended by the GDPR, now imposes additional obligations on businesses regarding the management of personal data:

• Appointment of a Data Protection Officer (DPO):
Certain businesses must appoint a DPO to ensure that data processing practices comply with the legislation.

• Explicit and Documented Consent:

Businesses must obtain explicit consent from users before collecting their data, and this consent must be documented and easily accessible.

• Privacy Impact Assessment (PIA):

Businesses must conduct PIAs when data processing presents a high risk to individuals’ rights and freedoms, especially in the case of automated processing.

Challenges of data protection in the digital Age

1) The rise of Big Data and AI

The massive processing of data (Big Data) and the growing use of artificial intelligence (AI) in personal data processing pose new challenges. Businesses must now justify the necessity of collecting data and can no longer rely on a lax approach.

2) The risks of data breaches

Despite efforts to strengthen security, data breaches remain frequent. Companies must not only take preventive measures but also be prepared to notify competent authorities and affected individuals in case of a data breach.

3) International Data Transfers
The transfer of data outside the European Union is strictly regulated. Businesses must implement appropriate mechanisms, such as standard contractual clauses or comply with adequacy regulations (e.g., the Privacy Shield for transfers to the United States), to ensure the security of personal data.

Conclusion

The Data Protection Act, as amended by the GDPR, represents a strengthened legal framework for personal data protection, particularly in the context of rapid technological advancements. Businesses must comply with these new rules, not only to avoid penalties but also to ensure the trust of their users.

Dreyfus & Associés works in partnership with a global network of specialized intellectual property lawyers.

Nathalie Dreyfus with the support of the entire Dreyfus team.

Q&A

1.How does the GDPR affect companies that process sensitive data?
Companies that process sensitive data must implement enhanced security measures and obtain explicit consent from the individuals concerned. They must also conduct a Data Protection Impact Assessment (DPIA) to assess the risks associated with these processing activities.

2.Which companies must appoint a DPO?
Companies that process personal data on a large scale or sensitive data must appoint a Data Protection Officer (DPO). It is also mandatory for public organizations and those involved in regular monitoring of individuals.

3.What are the risks for companies in case of non-compliance?
In case of non-compliance, companies risk financial penalties of up to 4% of their global turnover or €20 million, depending on the severity of the violation. They may also face legal action and damage to their reputation.

4.How can companies ensure the security of personal data?
Companies must implement technical and organizational security measures, such as data encryption, strict access controls, and continuous training for employees on security best practices.

5.What is a Data Protection Impact Assessment (DPIA)?
A Data Protection Impact Assessment (DPIA) allows companies to analyze the risks to data protection before launching processing activities that may affect individuals’ privacy. It is mandatory for high-risk processing, particularly in cases of large-scale surveillance.

6.Is user consent always necessary for the processing of their data?
Explicit consent is required when data is processed based on this consent. However, in certain cases (e.g., for contract execution or legal obligations), other legal bases, such as legitimate interest, can be used without the need for prior consent.

This publication is intended for general public guidance and to highlight issues. It is not intended to apply to specific circumstances or to constitute legal advice.

Written by Nathalie Dreyfus03/02/2026

Introduction

ICANN (Internet Corporation for Assigned Names and Numbers) established the system of national top-level domains, known as ccTLDs (country code Top-Level Domains), the management of which is entrusted to each country. Specific rules govern the registration and use of these extensions, depending on local legal and regulatory requirements.

Choosing an appropriate ccTLD makes it possible to clearly indicate to search engines and users the intended target audience, thereby strengthening the relevance of content at a national or regional level. As such, the ccTLD constitutes an essential legal, technical, and strategic lever for any company developing an online activity, whether domestic or international.

Definition: what is a ccTLD?

A ccTLD (Country Code Top-Level Domain) is a domain name extension composed of two letters, assigned to a State or territory on the basis of the international ISO 3166-1 standard.

Each ccTLD corresponds to a clearly identified geographical area, for example .fr for France, .de for Germany, .it for Italy, .es for Spain, or .cn for China.

In addition, certain territories have been assigned specific codes under the ISO standard, in particular overseas territories, in order to reflect their particular geographical situation. Accordingly, alongside the French .fr extension, there are also .gf (French Guiana), .mq (Martinique), .re (Réunion), .nc (New Caledonia), .yt (Mayotte), and .gp (Guadeloupe).

Certain exceptions also exist. The United Kingdom, for instance, does not use the standard ISO code .gb, but rather the ccTLD .uk. Likewise, although the European Union is not a State, the ccTLD .eu is widely used by institutions and organisations in order to strengthen their visibility and identification at the European level.

The role of governance authorities

From an institutional perspective, the allocation of all ccTLDs is coordinated by ICANN. However, the management and registration of national domain names are carried out by the respective national registries, commonly referred to as NICs (Network Information Centers).

In France, for example, the .fr extension is administered by AFNIC (Association française pour le nommage Internet en coopération), which sets specific rules relating to eligibility, dispute resolution mechanisms, and the protection of prior rights.

Accordingly, a ccTLD is not merely a technical extension. It is the expression of national digital sovereignty, governed by specific rules that are often firmly rooted in local law.

What are the conditions for registering a ccTLD?

Each ccTLD is subject to its own registration rules, which are often stricter than those applicable to generic top-level domains (gTLDs) such as .com, .net, or .org. Certain extensions require a local presence, a national registration, or the appointment of a legal representative within the relevant territory.

By way of example, the registration of a .fr domain name is limited to holders established within the European Union, as well as in Iceland, Liechtenstein, Norway, or Switzerland.

Registration conditions vary depending on the policy adopted by the relevant registry. For more information about the eligibility rules for the .fr extension, please refer to our previously published article.

Similarly, the Canadian ccTLD .ca is strictly reserved for companies and individuals having their registered office or residence in Canada.

As a result, ccTLDs are not subject to a uniform regime.

What are the advantages of ccTLDs for businesses?

A lever of credibility and local trust

A ccTLD sends a strong signal of geographical proximity to users. It enhances trust, improves the clarity of the offer, and reinforces commercial credibility, particularly in markets where local presence is decisive. For many consumers, a national extension is naturally associated with a company established locally and subject to the applicable national law.

A strategic advantage for search engine optimisation

From an SEO perspective, a ccTLD clearly indicates the geographical target to search engines. It improves rankings for local searches and enables the implementation of a more precise international SEO strategy than reliance on a generic domain name alone.

A tool for protecting trademarks and digital assets

ccTLDs play a key role in the fight against cybersquatting, phishing, and other fraudulent uses. The defensive registration of strategic country-code extensions helps reduce the risk of trademark infringement, traffic diversion, and online impersonation, while facilitating recovery actions based on local law.

Conclusion

The ccTLD (Country Code Top-Level Domain) has become a structuring tool at the heart of corporate digital strategies. Far beyond a simple geographical extension, it serves as a vector of credibility, a lever for local visibility, and an essential legal instrument for protecting trademarks and online intangible assets.

The firm Dreyfus & Associés works in partnership with a global network of intellectual property lawyers.

Nathalie Dreyfus with the support of the entire Dreyfus firm team

Q&A

Does registering a domain name under a ccTLD automatically protect a trademark?
No, but it is an effective tool for preventing and combating online infringements.

Are all ccTLD extensions subject to the same registration requirements?
No. There is no uniform regime applicable to ccTLDs. Registration requirements vary depending on the policy of the relevant registry. Some extensions are open without specific conditions, while others require a local presence, national incorporation, or the appointment of a local representative.

Can a ccTLD be used as an indicator of territorial targeting in a dispute?
Yes. Courts and IP offices frequently take the national extension into account when assessing the intended audience, particularly in cases involving trademark infringement or unfair competition.

Can a ccTLD domain name be deleted if the eligibility requirements are no longer met?
Yes. Many registries provide for the suspension or deletion of a domain name if the holder no longer satisfies the required criteria, in particular where local presence is lost.

Are dispute resolution procedures identical for all ccTLDs?
No. Each ccTLD applies its own mechanisms, which may be based on the UDRP, local alternative dispute resolution procedures, or national courts.