International e-discovery: Privacy and data protection across the globe

A guide to data protection laws in 5 regions

Modern business practices, driven by an increasing number of multinational companies, are colliding with the complexity of litigation, investigations, regulation, arbitration and compliance in the digital age. More and more, companies with global operations—and the lawyers that represent them—are finding themselves enmeshed in legal matters around the world. Developing an ironclad international legal skill set begins by building a greater understanding of e-discovery, privacy and data protection laws across the globe.

United States

A central theme in American discovery is that the search for truth in litigation outweighs individual privacy concerns, with the exception of personally identifiable information. The 2006 amendments to the Federal Rules of Civil Procedure are the heart of e-discovery, namely Federal Rules 26 and 34, which define electronically stored information (ESI) as a discoverable source of information.

Guided by few appellate decisions, U.S. district court and magistrate judges are the architects behind an expansive body of e-discovery case law. Proportionality (barring unduly burdensome ESI production and preservation) and cooperation (mandating party-to-party ESI discourse early) are defining facets of American e-discovery. In 2012, courts have expressed unrivaled legal technological proficiency by tackling several complex e-discovery issues: taxation of e-discovery costs, the role of proportionality in preservation and marrying smart technology with document processing and review.

England and Wales

The e-discovery evolution impacts both sides of the Atlantic. In the U.K., Civil Procedure Rule 31 governs disclosure. Its counterpart, Practice Direction 31B, is the primary source for coping with issues such as the preservation of ESI, defining a “reasonable search” and assessing the level of party communication required before the case management conference.

The U.K. takes a fundamentally different approach to spoliation sanctions than the U.S. English law bars the destruction of relevant ESI (as the 2012 case West African Gas Pipeline Co. Ltd. v. Willbros Global Holdings Inc. made clear), but litigants are less concerned over the threat of sanctions than counsel in the U.S., where various levels of culpability (as low as negligence in some jurisdictions) are tied to American hierarchies of differing sanctions. 

The European Union

The EU Data Protection Directive 95/46/EC mandates signatory countries to implement laws restricting the processing of “personal data”—information “relating to an identified or identifiable” person. Moreover, the directive bars the transfer of personal data to non-EU states unless the country provides for “adequate protection” of personal data and marks a significant detour from the American approach to data protection.

Geared toward creating a “stronger and more coherent data protection framework,” the European Commission unveiled a new Draft Directive and Regulation on Data Protection on Jan. 25. Set to take effect in 2014, the new data protection regime bolsters the rights of data subjects, imposes heightened obligations on organizations and strengthens enforcement measures. This rubric, combined with many civil law systems, provides for minimal discovery of ESI in EU litigation.

Canada

Throughout the Canadian provinces, the 2008 Sedona Conference publication “The Sedona Canada Principles” has provided an impetus for developing e-discovery rulemaking. For example, the Ontario Rules of Civil Procedure make an explicit call for cooperation and a meet-and-confer conference when discussing discoverability of electronic data. Further, they require counsel to consult with “The Sedona Canada Principles.”

However, following the footprints of the EU, Canada has taken a rigorous approach to data protection regulation at the legislative level. Private sector data use is controlled by the Personal Information Protection and Electronic Documents Act, a federal privacy law designed to “support and promote electronic commerce by protecting personal information that is collected, used or disclosed.”

Asia (APAC)

E-discovery law in the Asia-Pacific region (APAC) is evolving at the speed of light. Some countries, including Singapore, have passed e-discovery guidelines; however, many countries, such as South Korea and Japan, are still considering implementing e-discovery laws. In the APAC region, e-discovery largely impacts international companies with U.S.-based litigation and antitrust concerns. Local counsel and local service providers can provide immense value when attempting to successfully collect data in the region, while navigating the vast legal system differences.

It’s only a matter of time before a case on your docket, in your firm or on your desk involves multinational discovery. Given the constant and fast-moving pace of change in this area of the law and technology, litigation teams should continuously watch for countries around the world to evolve their existing discovery rules against the demands of litigation.

Contributing Author

author image

Wayne Wong

Wayne Wong is a managing consultant in the Kroll Ontrack ESI Consulting group. In this role, Wong ensures litigation preparedness for clients through the creation...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.