Managing data across jurisdictions can be complicated. In addition to complying with local laws on transferring personal information abroad, finding an efficient and effective way to review foreign data is often tricky.
Fortunately, technology like predictive coding can help overcome these challenges. This webinar will discuss how.
Challenges in Collecting Foreign Data
As the business world has become increasingly global, the need to address discovery challenges in a cross-border context has emerged increasingly. Even disputes that appear entirely domestic, such as a New York lawsuit against New York parties brought in New York state court, can trigger discovery obligations that require the search and collection of foreign data.
The complexities of cross-border discovery can overwhelm litigants and their outside counsel. Identifying the issues that may impact a particular matter is critical, as is establishing a clear plan for meeting those challenges early on.
One of the most significant challenges in collecting foreign data is overcoming limitations imposed by foreign data privacy laws and other restrictions on exporting personal information. Fortunately, strategies and workflows exist to minimize these obstacles. These include utilizing technology such as predictive coding and working with local counsel to develop a non-English language search, which is more effective than using literal translations of keywords.
Other options for overcoming these barriers include using a secure, central European repository to store, process, and cull data before transferring it to the United States. CDS has such a facility in London, which is ISO 27001 certified and compliant with the requirements of EU law.
Challenges in Processing Foreign Data
As technology evolves, the world of electronic information grows and becomes increasingly multinational. The result is a complex global web of regulations and statutes governing electronically stored information. It makes it more challenging than ever for multinational corporations to develop policies that comply with the requirements of all jurisdictions in which they operate.
In a legal dispute requiring eDiscovery, navigating these foreign laws can significantly complicate the process. The need to navigate these issues often arises when a party has documents containing personal data from a non-US jurisdiction. Such personal data may be protected by privacy laws, banking secrecy statutes, or other “blocking” statutes.
Despite the legal challenge, counsel should consider a foreign data processing strategy early in the litigation. Using cutting-edge technology such as regular expression scripting software, counsel can identify which foreign language documents contain personal data and then set those aside for separate privacy review, redaction, or approval from a data subject or the relevant authorities. The remaining foreign documents can be processed and reviewed in the United States to adhere to personal data discovery protocols.
Challenges in Reviewing Foreign Data
The intersection of US discovery requirements and global data privacy laws remains a significant issue in cross-border eDiscovery. As mentioned above, many European countries have privacy and related regulatory regimes that restrict the collection or transfer of data outside of those jurisdictions. Those regulations often conflict with US discovery rules, which demand that companies produce ESI relevant to a matter.
In addition, significant privilege issues arise when conducting discovery in foreign jurisdictions. Privilege law in other countries does not necessarily mirror that of the United States, leading to unwarranted withholding of documents incorrectly believed to be privileged.
A common strategy for companies facing these challenges is to process (and potentially review) the data in-country, limiting the amount of information leaving the originating jurisdiction. While this approach has its merits, it can be costly and time-consuming.
In addition, it can take a lot of work to keep up with the frequent changes in privacy regulations and other legislation in various jurisdictions. For these reasons, a company must have an effective international eDiscovery management solution that includes best-practice technical and organizational measures and innovative technologies. These tools can limit the risk of a compliance breach while meeting all its discovery obligations.
Challenges in Producing Foreign Data
Lastly, many international matters are impacted by local data protection laws that can significantly impact how the ESI can be accessed and produced. While US courts typically require discovery to proceed notwithstanding GDPR, local data privacy laws, and other foreign regulations, it is essential to understand how these requirements might impact a matter’s scope and the legal process.
The good news is that case teams can handle these complexities with help. An experienced eDiscovery partner with a global footprint and information governance/legal experts on staff can assist in developing workflows that defensibly and efficiently address these issues in every matter, regardless of location or jurisdiction.
In addition to working with a trusted global partner, developing a plan for handling foreign language data early in the process is essential. It will help to reduce costs, mitigate risk, and ensure that matters are completed on time. Creating a plan can also include establishing protocols for collecting, processing, reviewing, and producing documents. Planning can help avoid delays caused by coordinating multiple vendors, language barriers, and time zone differences. By consolidating multilingual e-discovery processing with one provider, firms can improve efficiency and minimize delays in the litigation process. In addition, a centralized approach can eliminate the need for costly translation services.