一家获得1.6亿美元风险投资支持的公司刚刚取消了我一个小型开源软件项目在欧盟的商标。
我经营一个名为Deepkit(商标017875717)的开源项目,已经开发了很多年。虽然它的用户数量与一些大型开源软件相比并不算多,仅有几千个用户,但对我来说,这个名字是值得保护的,因此我在几年前在欧盟和美国注册了商标。我希望通过这种方式保护自己,能够安静地生活。
然而,一家名为Deepki(商标1751952)的公司获得了1.6亿美元的融资,随后向欧盟知识产权局(EUIPO)申请取消我的商标,因为他们现在需要这个商标。他们赢了,现在我的商标被撤销了。
令人沮丧的是,欧盟实际上允许开源项目(甚至是免费的项目)拥有商标,但你必须证明在欧盟的商品/服务上有“真实使用”。这似乎迫使你收集用户的敏感数据,否则你根本无法证明自己在欧盟有实际用户。我通常尽量收集尽可能少的信息(因为我并不关心我的用户来自哪里)。我曾在主页上使用过谷歌分析(而不是文档),但大多数时候它无法正常工作,而且我的大部分用户似乎都屏蔽了它。
这是我提交给EUIPO的材料,以及他们拒绝的原因:
- 我网站的谷歌分析数据,涵盖2018年至2023年的国家细分。每年每个国家的欧盟访问者从几百到约1800人。他们表示这“太少”,无法算作我第9类软件的真实商业利用。此外,他们还表示无法确定这些访问实际上是针对哪些商品。
- npmjs + GitHub统计数据——数十万次下载和数千颗星。被拒绝的原因是没有位置信息,因此他们无法确认使用是否发生在欧盟。在某些情况下,他们表示时间框架甚至不够清晰。
- 他们基本上一直重复说,他们无法将任何使用情况与我注册的特定商品/服务明确关联。
结论:
> 结论:由上述内容可知,EUTM所有者未能证明对争议商标在其注册的任何商品和服务上的真实使用。因此,撤销申请完全成功,争议的欧盟商标必须全部撤销。根据EUTMR第62(1)条,撤销将自撤销申请之日起生效,即自2024年3月18日起生效。
> 成本:根据EUTMR第109(1)条,撤销程序中败诉方必须承担对方产生的费用和成本。
他们甚至承认没有严格的使用最低要求,免费软件也可以算作使用,但在他们看来,我的欧盟流量太低,且与商标商品的关联不明确。
我在美国也注册了这个名字的商标。该公司在2022年试图在美国注册(商标#79379273),但因过于相似而被阻止(由USPTO做出的决定)。但几个月前,他们不知怎么地在美国也注册成功了(商标#7789522),我现在也不确定他们是如何做到的。
现在我在想:
- 在欧盟寻求第二意见和上诉是否值得?毕竟这个项目非常小。
- 我应该对抗美国的注册吗?
- 还是我应该完全放弃对我的开源项目的商标保护?我已经因此损失了很多钱。
- 对于开源项目来说,是否有实际的、尊重隐私的方式来证明在欧盟的使用,而不产生收入?
- 如果证明在欧盟的使用如此脆弱,持有商标是否还有意义?如果商标可以在花费几千美元请律师后就这样被删除,那可能是技能问题,但仍然让人感到沮丧。
失去我多年来一直努力构建的名字,尤其是对方背后有1.6亿美元的公司,这让我感到很糟糕,特别是这只是我在业余时间做的一个副项目,而在他们眼中我不过是个无名小卒。如果没有其他意义,也许我的案例可以成为其他开源维护者的警示故事。
查看原文
I run a small open-source project Deepkit (Trademark 017875717) I've been building for many years. It's not huge, just a few thousand users compared to the big OSS names, but to me it was worth protecting, so I trademarked the name in the EU and US a few years back. I had hoped to be protected from other corporations this way and live peacefully.<p>A $160M-funded company named Deepki (Trademark 1751952) came along and filed for cancellation at EUIPO since they needed the trademark now after getting lots of funding. They won. Now my trademark is gone.<p>The frustrating part? The EU actually does allow open-source (even free projects) to have trademarks, but you have to prove "genuine use" in the EU for the goods/services your trademark covers. Which seems to force you in collecting user sensitive data otherwise you are entirely unable to prove that you have actual users in the EU. I generally try to collect as little information as possible (also because I don't care where my users are coming from). I had google analytics running for some time on the main page (not documentation), but most of the time it didn't work and it seems most of my users block it anyway.<p>Here's what I gave the EUIPO and why they said no:<p>- Google Analytics for my site with a full country breakdown from 2018–2023. A few hundred to ~1,800 EU visitors per year per country. They said that’s "too small" to count as real commercial exploitation for my Class 9 software. Also, they said they couldn’t tell which goods those visits were actually for.<p>- npmjs + GitHub stats - hundreds of thousands of downloads and thousands of stars. Rejected because there's no location data, so they couldn't confirm if the usage was in the EU. In some cases, they said the timeframes weren't even clear.<p>- They basically kept repeating that they couldn't clearly link any of the usage to the specific goods/services my trademark was registered for.<p>The conclusion:<p>>Conclusion: It follows from the above that the EUTM proprietor has not proven genuine use of the contested mark for any of the goods and services for which it is registered. As a result, the application for revocation is wholly successful and the contested European Union trade mark must be revoked in its entirety. According to Article 62(1) EUTMR, the revocation will take effect from the date of the application for revocation, that is, as of 18/03/2024.<p>>COSTS: According to Article 109(1) EUTMR, the losing party in cancellation proceedings must bear fees and costs incurred by the other party.<p>They even admitted there's no strict minimum for usage, and free software can count, but in their eyes my EU traffic was too low and not clearly tied to the trademarked goods.<p>I also have the US trademark for the name. This same company tried to register in the US around 2022 (Trademark #79379273) and got blocked because it was too similar (decision made by USPTO). But a few months ago they somehow got it registered there too (Trademark #7789522), not sure how they did that now.<p>Now I'm sitting here wondering:<p>- Is it even worth getting a second opinion and appealing in the EU? I mean the project is very small.<p>- Should I fight the US registration?<p>- Or should I just walk away from trademarks altogether for my open-source projects. I lost so much money because of this already.<p>- And for OSS projects in general, is there even a practical, privacy-friendly way to prove EU usage without generating revenue?<p>- Is it even worth holding the trademark if proving EU usage is this brittle for OSS? If the trademark can be deleted just like that even after spending a few thousands dollars on lawyers. Probably a skill issue, but still, damn.<p>It sucks to lose the name I've been building for years to a corporation with $160M behind them, especially when this is just a side project I do in my spare time, and to them I'm a nobody. If nothing else, maybe my case can be a cautionary tale for other OSS maintainers.