Ahoy Mateys! Judge scuppers suit against Pirate Joe's

On Oct 2, 2013, a Washington District Court judge dismissed a trademark infringement lawsuit against Vancouver businessman, Michael Hallatt. Powerful U.S. discount grocer Trader Joe’s had filed the suit, irked by Hallatt’s business of reselling its products in his cheekily-named Vancouver shop, Pirate Joe’s. Trader Joe’s has no Canadian locations, so Hallatt made frequent buying trips to its U.S. outlets. There he paid retail prices, then declared the goods at the border, marked them up and sold them in his store.

In its complaint, Trader Joe’s made numerous allegations under the Lanham Act (the U.S. federal trademark legislation), including trademark infringement, false endorsement, unfair competition, trademark dilution and false advertising. It also alleged deceptive business practices and trademark dilution under state law. Trader Joe’s contended that Pirate Joe’s intentionally copied the appearance of its stores and used its product images in order to confuse customers and pass as an authorized Trader Joe’s retailer. This, it argued, would damage the Trader Joe’s brand and dilute the source-designating ability of its trademarks, as well as deter Canadian customers from traveling to the United States to purchase its products.

Hallatt countered the lawsuit with a motion to dismiss it on jurisdictional grounds. The court granted the motion. It held that, although the Lanham Act can apply to activities in a foreign jurisdiction, extraterritorial application was not supported in this case. Significantly, all alleged infringing activity occurred in Canada. As well, there was no proof of harm to Trader Joe’s – neither economic harm (since Hallatt paid retail prices), nor harm to goodwill.

Since the court’s decision was based on jurisdictional questions, the trademark issues were not resolved. However, as permitted in the court’s Oct 2 order, Trader Joe’s has now submitted an amended claim to support federal diversity jurisdiction over its state law claims. Diversity jurisdiction allows a U.S. federal court to hear cases involving citizens of different states or foreign citizenship, provided the value of the matter exceeds $75,000. As well, Trader Joe’s has filed a motion asking the court to reconsider its dismissal of the Lanham Act claims. So while Trader Joe’s may have lost the first battle, the “pirate wars” may not yet be over.

Nothing up in the air about privacy: foreign airline must comply with Canadian law

David Elder -

When in Rome, do as the Romans do.  Similarly, when doing business in Canada, do as Canadian privacy law requires.

That is the lesson learned by a foreign-based airline following a finding by the Office of the Privacy Commissioner (OPC) of Canada that the carrier had violated Canadian privacy law, even though the company operates in compliance with European privacy requirements.  The decision further confirms the fact that foreign businesses that operate or provide services in Canada will be subject to all requirements of Canadian privacy law, regardless of the scope of the privacy regimes in their home countries.

In a Report of Findings recently posted by the OPC, Netherlands-based KLM Royal Dutch Airlines (KLM) was found to have breached several provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA), including failing to respond in a timely way to a request by a customer for access to records containing personal information; failing to implement practices to ensure that the requirements of the Act; and failure to make available to the public its policies respecting the management of personal information.

In a preliminary report of findings, the OPC had recommended that KLM develop a clear and simple access to information request procedure and ensure that the privacy policy posted on the Canadian version of its website comply with PIPEDA.

KLM took the position that the Dutch Data Protection Authority supervises KLM in the security of personal data under the Dutch Personal Data Protection Act, including requirements respecting transparency and the manner in which access to information requests must be processed.  The airline further noted that Dutch law does not require further transparency of policies and practices, and only allows individuals to view their personal information, not to access it.  KLM questioned the OPC’s jurisdiction over KLM.

Relying on the Federal Court’s decision in Lawson v. Accusearch Inc., which had earlier found that the OPC had jurisdiction to investigate complaints respecting the collection by foreign organizations of personal information about Canadian residents, the OPC confirmed that it had jurisdiction in the complaint against KLM because there was a real and substantial connection to Canada.  In this regard, the OPC noted that:

  • The complainant seeking access to his personal information was a Canadian resident
  • KLM offers services in Canada, and has employees at several Canadian airports
  • KLM operates a Canadian version of its website, which actively targets Canadians, and through which Canadians may reserve flights
  • KLM operates scheduled non-stop flights to and from Canadian cities (and in fact, the complainant originally booked a KLM flight departing from Toronto);
  • KLM needs to collect personal information from Canadian passengers to offer air travel to those passengers.

In the circumstances, and in view of judgement in the Accusearch case, the finding of Canadian jurisdiction over the handling of the personal information in question may not be particularly surprising: it was collected from Canadians, in Canada, with respect to a service provided - at least in part - in Canada. 

However, many businesses may be surprised that compliance with a European data protection law will not guarantee compliance with Canadian law – despite the fact that the European Data Protection Directive (on which member state privacy laws are based) and PIPEDA were derived from the same set of essential privacy principles, and even though European data protection laws tend to be viewed in some jurisdictions as being particularly stringent.

Although Canadian privacy laws are in broad accord with many international data protection regimes, there are often subtle differences between these foreign laws and Canadian privacy requirements.  Accordingly, foreign organization doing business in Canada should not assume that practices and policies that comply with the law of their home country will necessarily suffice when collecting, using and disclosing information in Canada.

UK ruling - internet jurisdiction based on server location?

Recently, a court in the UK (Football Dataco Ltd et al. v. Sportradar GmbH) found that the location of a server determined the appropriate jurisdiction to regulate internet content. This is not entirely consistent with the Canadian approach.

Sportradar tried to argue that the court did not have jurisdiction to hear the claim that Football Dataco’s copyright and database rights had been infringed by Sportradar’s alleged reproduction of Football Dataco’s live scores and statistics. The content from Sportradar was stored on webservers in Germany and Austria, but was made available to users in the UK by Sportradar’s online betting sites. To determine what law should apply, the court focused on where the act of “making available” occurred. The court held that such an act occurs where the transmission takes place, and more specifically, where the server is located. Since Sportradar’s servers were located outside of the UK, the court found that it could not assert jurisdiction over certain of the claims.

When it comes to online jurisdiction, according to the Supreme Court, the Canadian approach is to use the “real and substantial connection” test, which requires that a significant portion of the offence has taken place in Canada. However, server location is not entirely irrelevant. The Supreme Court identified server location, along with the location of the content provider, the intermediaries and the end users as potential connecting factors, although it did state that the weight to be given to any of these factors will vary with the circumstances and nature of the dispute.

To date, Canadian courts have been reluctant to give much, if any, weight to server location, recognizing the nature of servers as being mobile and effectively irrelevant to a jurisdiction’s regulation of internet content.

For instance, in Citron v. Zundel, the Canadian Human Rights Tribunal asserted jurisdiction because the content provider and a significant portion of the target audience for his anti-Semitic website were located in Canada, despite the fact that the server for his website was in California. Similarly, in World Stock Exchange, the Alberta Securities Commission (ASC) asserted jurisdiction based on facts that the World Stock Exchange was established, run and promoted in Alberta, and it was deemed insignificant that the World Stock Exchange itself was hosted in Antigua. Further, the ASC acknowledged the risk of emphasizing the location of the technology, storage or host facility as leading to a “flag-of-convenience approach”  allowing a party to simply move its server to various states to avoid restrictive regulations or liability. More recently, in eBay Canada Ltd. v. Canada (Minister of National Revenue) the court acknowledged that online information cannot be seen to “reside” only in one place since it is readily available to the users located in a variety of places. According to the court, this makes it "irrelevant where the electronically-stored information is located."

In contrast then to the UK court’s recent decision, the Canadian jurisprudence requires a connection that is real and substantial, rather than what some might argue is artificial and insignificant.