Last Friday was a meeting of the Trademark Public Advisory Committee, and USPTO trademark management gave a presentation. You can see the slide deck here. Slide 15 is particularly interesting for those of us who have been worried about owner email addresses.
It will be recalled that on February 6, 2020 the Acting Commissioner for Trademarks released Examination Guide 1-20 which for the first time stated that trademark applications, even those represented by attorneys, would be required to reveal to the USPTO their personal email addresses. Not only that, the USPTO was going to publish that personal email address to the world, thus available for data mining by scammers and spearphishers.
A couple of days later, one hundred and ninety-nine trademark practitioners wrote to the Acting Commissioner expressing grave concerns about this. The bad thing that was imminent was that on Saturday, February 15, 2020 the Trademark Office was going to change TEAS in a way that would require provision of the applicant’s personal email address even in cases where the applicant had retained counsel. You can see the letter here.
At 4:32 PM on Friday, February 14 (the day before the planned rollout of the new software), the Acting Commissioner blinked. The software got revised and the Examination Guide got revised, and it was no longer going to be required that the applicant would have to reveal his or her personal email address. Instead, it was only required that the email address be one “chosen by” the applicant. The Acting Commissioner eventually responded to the one hundred and ninety-nine trademark practitioners as you can see here. The only corrective action taken by the Trademark Office, unfortunately, was to mask the email address in the “status” tab of TSDR. But the email address continued to be open for data mining in the “documents” tab of TSDR. the applicant email address also continued to be available to data mining in other public-facing databases and public APIs (application programming interfaces).
Now we see this slide 25 (quoted above) which the Trademark Office presented to the TPAC last Friday. In this slide the Trademark Office tells the TPAC that it:
plan[s] to mask the owner email address field in TEAS and TEASi documents viewable in TSDR. This includes submissions viewable in the documents tab, all application programming interfaces (APIs), and PDF downloads.
The specific reference to APIs seems to be in direct response to the letter from the 199 practitioners. I am not aware that anybody else, including any professional association that contacted the Trademark Office about this, mentioned APIs as being of concern. As far as I am aware only the 199 practitioners raised this particular concern of the Trademark Office securing the APIs.
It is a bit disappointing that the Trademark Office did not go to the trouble to communicate any of this to the 199 practitioners. In particular given that so far as I am aware nobody other than the 199 practitioners raised the issue of securing the APIs, it is disappointing that when the Trademark Office decided to secure the APIs, it did not to to the trouble to communicate this to the 199 practitioners. We had to learn about it by accident, while reviewing the slides that the Trademark Office presented to the TPAC Committee last week.
But if the USPTO does actually fulfill this commitment about thoroughly masking the email address, it will reduce the harm caused by this collection of applicant email addresses. I can’t shake the worry, however, that the Trademark Office might slip up and permit dataminers to gain access to the applicant email addresses despite efforts to prevent it.