Considering the fact that many Internet users have been dumping information about themselves onto the Web since the late 1990s, the recent stir about the way our private information is submitted, transmitted and stored has been a long time coming. The concern the average citizen had about this ongoing issue likely peaked when ex-NSA contractor Edward Snowden shined a light on the extent to which we’re under surveillance. And though the fallout from the Snowden leaks will no doubt impact the public psyche for decades to come, this event has also prompted the legal departments of large corporations to reevaluate their policies and procedures regarding private information.
For those organizations, the challenges related to private information don't end with the threat of government surveillance. There are trade secrets to protect, transmission protocols like the Health Insurance Portability and Accountability Act (HIPAA) to comply with, customer information to safeguard and no shortage of serious threats from both inside and outside breach vectors. But perhaps the most befuddling challenges that face these organizations are the complications that arise when they must conduct legal processes in multiple areas with disparate privacy laws.
As a result of that interpretive responsibility, handling standard legal procedures from discovery to investigation can be tricky. Even routine information like salary reports, employee reviews and monitored conversations can be difficult to remove from nations with EU-like privacy standards.