Privacy means many different things to different people. And when looked at from a global perspective, with different countries having vastly divergent cultures and histories, its definition is understandably diffuse.
This situation is exacerbated these days when it comes to collecting data from foreign countries for discovery purposes. In our Internet Age, with emails and other information constantly whistling across the welkin, a company may have its data residing on servers in multiple countries or even continents. While the immediate accessibility is a benefit, the potential problems companies face when it comes time to collect or produce that data for the sake of a lawsuit or discovery can be serious—especially for U.S. businesses. The most severe fines can cost a company up to €4.5 million, not to mention reputational damage or a finding of adverse inference (see “Stiff sanctions”).
Despite the significant complications, there are a few ways to go about getting data out of Europe. One is under Article 23 of the Hague Convention, through which parties can have letters rogatory sent to a local court that, in turn, will issue a request to disclose the data.