SlideShare une entreprise Scribd logo

Will the GDPR Kibosh EU-US Discovery?

Logikcull.com
Logikcull.com

If you're a legal or security professional, the looming General Data Protection Regulation, or GDPR, is likely causing your blood pressure to rise. Expected to impose strict limitations on organizations that do business in the European Union, or otherwise collect the data of European citizens, the regulation is said to raise the stakes for privacy compliance as well as for transcontinental discovery. Organizations that don't meet its standards by May 2018 will be the subject of potentially business-rattling sanctions.

Droit
1  sur  45
Télécharger pour lire hors ligne
Will the GDPR Kibosh EU-US Discovery? November 7, 2017
Agenda Background: Societe Nationale and our history of giving deference to foreign legal interests, and then ignoring them How GDPR Article 48 may make US-EU eDiscovery much more difficult “So, what do I do now?” Practical advice for dealing with the uncertainty
Presenters Ken Rashbaum Partner | Barton LLP Michael Simon Attorney and Consultant | Seventh Samurai
1. How GDPR Article 48 may make US-EU eDiscovery much more difficult
Preface: International Legal Relations 101 • Discovery comes from Common Law (UK) system • Even then “Discovery in the federal court system is far broader than in most (maybe all) foreign countries” Heraeus v. Biomet, 633 F.3d 591 (7th Cir. 2011) • EU = typically no discovery or only through specific requests to judge • Also the whole rest of the World too . . . we just don’t have time today Image courtesy of California Globetrotter blog
Preface: International Data Protection 101 • EU: current = EC 95/46 Data Protection Directive • EU soon = General Data Protection Regulation (May 25, 2018) • Many others (Russia, China, Qatar and Japan, more) - recently enacted or strengthened their rules • But again, we just have time for EU
Preface: GDPR 101 • A uniform regulation (unlike DPD) • Jaw-droppingly huge potential fines • Broad definitions of “Personal data” • New data subject rights, including right to be forgotten • Data breach notification rules • Expansion of responsibility for processing - important for eDiscovery vendors who are often just Processors
GDPR Article 48 Transfers or disclosures not authorised by Union law “Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State, without prejudice to other grounds for transfer pursuant to this Chapter.”
Unknown: Is the Privacy Shield a qualifying “International Agreement?” Transfers or disclosures not authorised by Union law “Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State, without prejudice to other grounds for transfer pursuant to this Chapter.”
Recital 115 (non-binding, but still important) Rules in third countries contrary to the Regulation Some third countries adopt laws, regulations and other legal acts which purport to directly regulate the processing activities of natural and legal persons under the jurisdiction of the Member States. This may include judgments of courts or tribunals or decisions of administrative authorities in third countries requiring a controller or processor to transfer or disclose personal data, and which are not based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State. The extraterritorial application of those laws, regulations and other legal acts may be in breach of international law and may impede the attainment of the protection of natural persons ensured in the Union by this Regulation. Transfers should only be allowed where the conditions of this Regulation for a transfer to third countries are met. This may be the case, inter alia, where disclosure is necessary for an important ground of public interest recognised in Union or Member State law to which the controller is subject.
Discovery = Breach of GDPR? Rules in third countries contrary to the Regulation Some third countries adopt laws, regulations and other legal acts which purport to directly regulate the processing activities of natural and legal persons under the jurisdiction of the Member States. This may include judgments of courts or tribunals or decisions of administrative authorities in third countries requiring a controller or processor to transfer or disclose personal data, and which are not based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State. The extraterritorial application of those laws, regulations and other legal acts may be in breach of international law and may impede the attainment of the protection of natural persons ensured in the Union by this Regulation. Transfers should only be allowed where the conditions of this Regulation for a transfer to third countries are met. This may be the case, inter alia, where disclosure is necessary for an important ground of public interest recognised in Union or Member State law to which the controller is subject.
“No aspect of the extension of the American legal system beyond the territorial frontier of the United States has given rise to so much friction as the requests for documents in investigation and litigation in the United States.” RESTATEMENT (THIRD) OF FOREIGN RELATIONS LAW OF THE UNITED STATES § 442, Reporters’ Notes ¶ 1 (1987). Blocking statutes Image courtesy of the ABA Journal of the Section of More than 15 blocking statutes France Germany Even the UK (and they created the common law system!)
Article 29 Working Party “Working Document 1/2009 on pre-trial discovery for cross border civil litigation” Art. 29 WP = EU advisory body (name to be changed with GDPR) Legal Holds = Processing: “Although in the US the storage of personal data for litigation hold is not considered to be processing, under Directive 95/46 any retention, preservation, or archiving of data for such purposes would amount to processing.”
Article 29 Working Party “Working Document 1/2009 on pre-trial discovery for cross border civil litigation” Legal Holds = potential violations of EU Data Protection laws “Controllers in the European Union have no legal ground to store personal data at random for an unlimited period of time because of the possibility of litigation in the United States . . ..”
Just a paper tiger? For decades, no fines or harm done under blocking statutes
In Re: Advocate Christopher X, French Supreme Court, 2008 • Complied with US court deposition request in Strauss v. Credit Lyonnais, S.A., 2000 U.S. Dist. Lexis 38378 (E.D.N.Y. May 25, 2007). • French attorney fined €10,000 for violating blocking statute 16
2. Background: Societe Nationale and our history of giving deference to foreign legal interests, and then ignoring them
Societe Nationale Industrielle Aerospatiale v. US Dist Ct. SD IA, 482 US 522 (1987) “The World’s safest and most economical STOL plane” . . . . . . . crashed in Iowa Injured US fliers sought discovery from French manufacturers
Respondents move to block, claim Hague Convention is exclusive means US Supreme Court on blocking statutes: “do not deprive an American court of the power to order a party subject to its jurisdiction to produce evidence even though the act of production may violate that statute.” On Hague convention: “not a pre-emptive replacement” or “first resort” but an optional procedure used when appropriate 19
5 factor comity test Restatement (Third) of Foreign Relations Law § 442(c) (1987) 1. The importance to the … litigation of the documents or other information requested; 2. The degree of the specificity of the request; 3. Whether the information originated in the United States; 4. The availability of alternative means of securing the information; and 5. The extent to which noncompliance with the request would undermine interests of the United States, or compliance with the request would undermine interests of the state where the information is located.
“ . . . comity became a frivolous argument . . .” “For three decades . . . U.S. courts applied a balancing test to weigh the interests of foreign countries against U.S. interests, and ruled almost unanimously in favor of U.S. interests . . .” Diego Zambrano, A Comity of Errors: The Rise, Fall, and Return of International Comity in Transnational Discovery, 34 Berkeley J. Int’l Law. 157 (2016).
US v. Microsoft likely to make this worse Stored Communications Act warrant (18 U.S.C. § 2703) Microsoft produced emails on US Cloud storage, but not in Ireland Drew massive anger from EU – especially Ireland Second Circuit vacated contempt order US DoJ got Supreme Court to accept Cert.
3. “So, what do I do now?” Practical advice for dealing with the uncertainty
Options A. Privacy Shield B. MLAT C. Binding Corporate Rules D. Standard Contract Clauses E. Hague Convention F. Letters Rogatory G. Party agreement
Agreement between EU and certain US agencies Available to companies under FTC and Department of Transportation jurisdiction (Not Telecoms or FinServ/banks) Replaces prior Safe Harbor – invalidated by Court of Justice of the European Union (CJEU) on suit by privacy activist Max Schrems A. Privacy Shield
EU Privacy activists have filed lawsuits - CJEU takes up Schrems’ new case from Irish High Court (with Irish DPA support) Annual review found many problems, but “adequate” so far WP29 will soon issue opinion – have historically had negative view Cracked Shield?
1. Notice 2. Choice 3. Onward transfer 4. Security data 5. Integrity 6. Access  7. Enforcement  7 Key principles (inherited from Safe Harbor)
1. Notice 2. Choice 3. Onward transfer 4. Security data 5. Integrity 6. Access  7. Enforcement  7 Key principles (inherited from Safe Harbor)
3. ACCOUNTABILITY FOR ONWARD TRANSFER “To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles.   Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation.  The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.”
eDiscovery violates this provision “To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles.   Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation.  The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.”
eDiscovery really violates this provision “To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles.   Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation.  The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.”
So far, nobody has gotten burned . . . Yet Use at your own peril?
B. MLAT For requesting and obtaining evidence for criminal investigations and prosecutions Can be through Letters Rogatory or central authority – depending upon the specific treaty Need local expert help on this
US MLATS (EU member states in red) Antigua and Barb. Argentina Australia Austria Bahamas Barbados Belize Bermuda Brazil Bulgaria Canada China Cyprus Czech Rep. Denmark Dominica Egypt Estonia France Germany Greece Grenada Hong Kong Hungary India Ireland Israel Japan Latvia Liechtenstein Lithuania Luxembourg Malaysia Philippines Poland Romania Russia Saint Lucia South Africa St. Kitts and Nevis St. Vin. and Gren. Sweden Switzerland Trinidad and Tobago Ukraine United Kingdom Venezuela
C. Binding Corporate Rules
 Articles 46(2)(b) and 47 How do you get the other side to sign? (even assuming that they are a corporation)
D. Standard Contract Clauses
 Articles 46(2)(c) and 93(2) How do you get the other side to sign? Use as evidence creates an Onward Transfer problem Schrems is attacking these as well – CJEU also taken up this issue through Irish High Court
E. Hague Convention on the Taking of Evidence Abroad in Civil or Commercial Matters Goal of many signers was to limit scope of US discovery abroad Actively sponsored and signed by the US in 1972 Most, but not all of the EU has signed Full list here
Big problem = Art. 23 reservations “a contracting state may at the time of signature, ratification or accession declare that it will not execute letters of request issued for the purposes of obtaining pre-trial discovery of documents.” France, Germany, Spain, UK and the Netherlands plus others in EU all use this to block US discovery Check the official list 38
Essentially a way of asking politely* 39 It’s complicated: see ABA/NYSBA guidelines and forms here Draft Letter of Request (a/k/a “Letters Rogatory”**) Send to Central Authorities (there is a list, can use a service) Central Authorities send to local authorities Local authorities are supposed to compel custodian to comply Estimated to take 2-4 months (yes, really) * So, why hasn’t Canada signed up? ** Yes, this is confusing: Letters Rogatory predate the Convention and are usable with non- signers
40 To get good results Likely need to help the judge Make it easy to comply Not be a stereotypical loud-mouth, pushy American Be reasonable Be specific – narrow the request as much as possible Get help if you need it – especially local help! But best to start with agreement, and if not agreement get a court order
F. Letters Rogatory For countries that didn’t sign the Hague Convention And for those with HC Art. 23 reservations Again – is asking nicely Many hoops to jump through – same advice (do it right, get help, be nice, be specific!) No compulsory aspect Which, means that you need to expect it to take 6-12 months (yes, really!)
Work it out between the parties Get a court order if possible Be creative 42 G. Party Agreement
Questions and Answers Questions can be submitted using the “Questions” box in your GoToWebinar control panel ?
Ken Rashbaum krashbaum@barton.com 212-885-8836 BartonEsq.com Michael Simon michael.simon@seventhsamurai.com 508-429-0923 Twitter: @roninmike
More Resources: See a demo of Logikcull, the powerfully simple, highly secure eDiscovery and data management software. For technology and eDiscovery news and tips, interviews with judges and practitioners, and more, sign up for Logikcull’s blog, Closing the Loop. Text of the GDPR (English) Barton GDPR Compliance Group site

Recommandé

Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
AltheimPrivacy
 
Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...
Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...
Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...
rashbaum
 
Private International Legal Research An Introduction.
Private International Legal Research An Introduction.Private International Legal Research An Introduction.
Private International Legal Research An Introduction.
legalwebsite
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?
TAG Alliances
 
International Law - Can the ICJ protect and promote human rights
International Law - Can the ICJ protect and promote human rightsInternational Law - Can the ICJ protect and promote human rights
International Law - Can the ICJ protect and promote human rights
Harris Zainul
 
5 Ways Corporations Can Avoid International Liability
5 Ways Corporations Can Avoid International Liability5 Ways Corporations Can Avoid International Liability
5 Ways Corporations Can Avoid International Liability
Scueto77
 
International Legal Research
International Legal ResearchInternational Legal Research
International Legal Research
guest3565f40
 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
AltheimPrivacy
 

Recommandé

Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
AltheimPrivacy
 
Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...
Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...
Cross-Border E-discovery: Navigating Rules and Regulations Across Multiple J...
rashbaum
 
Private International Legal Research An Introduction.
Private International Legal Research An Introduction.Private International Legal Research An Introduction.
Private International Legal Research An Introduction.
legalwebsite
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?
TAG Alliances
 
International Law - Can the ICJ protect and promote human rights
International Law - Can the ICJ protect and promote human rightsInternational Law - Can the ICJ protect and promote human rights
International Law - Can the ICJ protect and promote human rights
Harris Zainul
 
5 Ways Corporations Can Avoid International Liability
5 Ways Corporations Can Avoid International Liability5 Ways Corporations Can Avoid International Liability
5 Ways Corporations Can Avoid International Liability
Scueto77
 
International Legal Research
International Legal ResearchInternational Legal Research
International Legal Research
guest3565f40
 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
AltheimPrivacy
 
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
AltheimPrivacy
 
Workshop on Strengthening Legal Research and Writing Skills in the Area of In...
Workshop on Strengthening Legal Research and Writing Skills in the Area of In...Workshop on Strengthening Legal Research and Writing Skills in the Area of In...
Workshop on Strengthening Legal Research and Writing Skills in the Area of In...
Ghislaine Resplandy
 
uploadable
uploadableuploadable
uploadable
Alexandre Parrott-Mautner
 
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Freshfields
 
LAW3PIL- Public International Law
LAW3PIL- Public International LawLAW3PIL- Public International Law
LAW3PIL- Public International Law
La Trobe University Library- College of ASSC
 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EU
David Erdos
 
Finding materials from International Courts and tribunals
Finding materials from International Courts and tribunalsFinding materials from International Courts and tribunals
Finding materials from International Courts and tribunals
Bodleian Law Library
 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
David Erdos
 
Human rights law resources
Human rights law resources Human rights law resources
Human rights law resources
Bodleian Law Library
 
The Private International Law Dimension of the UN Principles on Business and ...
The Private International Law Dimension of the UN Principles on Business and ...The Private International Law Dimension of the UN Principles on Business and ...
The Private International Law Dimension of the UN Principles on Business and ...
Veerle Van Den Eeckhout
 
091809 Gov Team Due Process 50m
091809 Gov Team Due Process 50m091809 Gov Team Due Process 50m
091809 Gov Team Due Process 50m
Monta Vista High School
 
The ICJ
The ICJThe ICJ
The ICJ
mrjust88
 
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Amministratore Bluefactor
 
Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...
Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...
Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...
Amministratore Bluefactor
 
Divorced in the United Kingdom
Divorced in the United KingdomDivorced in the United Kingdom
Divorced in the United Kingdom
Erum Khatoon
 
The Catch 22 of Cross Border eDiscovery
The Catch 22 of Cross Border eDiscoveryThe Catch 22 of Cross Border eDiscovery
The Catch 22 of Cross Border eDiscovery
J. David Morris
 
American Discovery In Foreign Courts (by L.O\'Naghten 2009)
American Discovery In Foreign Courts (by L.O\'Naghten 2009)American Discovery In Foreign Courts (by L.O\'Naghten 2009)
American Discovery In Foreign Courts (by L.O\'Naghten 2009)
onaghtenl
 
New Media Internet Expression and European Data Protection
New Media Internet Expression and European Data ProtectionNew Media Internet Expression and European Data Protection
New Media Internet Expression and European Data Protection
David Erdos
 
Conflict of laws & international contracts
Conflict of laws & international contractsConflict of laws & international contracts
Conflict of laws & international contracts
Akash Patel
 
Ch.01 private and public international law
Ch.01 private and public international lawCh.01 private and public international law
Ch.01 private and public international law
Asmatullah Kakar
 
Using GDPR to Transform Customer Experience
Using GDPR to Transform Customer ExperienceUsing GDPR to Transform Customer Experience
Using GDPR to Transform Customer Experience
MongoDB
 
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for DummiesDevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDays Riga
 

Contenu connexe

Tendances

Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EU
David Erdos
 
Finding materials from International Courts and tribunals
Finding materials from International Courts and tribunalsFinding materials from International Courts and tribunals
Finding materials from International Courts and tribunals
Bodleian Law Library
 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
David Erdos
 
The Private International Law Dimension of the UN Principles on Business and ...
The Private International Law Dimension of the UN Principles on Business and ...The Private International Law Dimension of the UN Principles on Business and ...
The Private International Law Dimension of the UN Principles on Business and ...
Veerle Van Den Eeckhout
 
Divorced in the United Kingdom
Divorced in the United KingdomDivorced in the United Kingdom
Divorced in the United Kingdom
Erum Khatoon
 
The Catch 22 of Cross Border eDiscovery
The Catch 22 of Cross Border eDiscoveryThe Catch 22 of Cross Border eDiscovery
The Catch 22 of Cross Border eDiscovery
J. David Morris
 
American Discovery In Foreign Courts (by L.O\'Naghten 2009)
American Discovery In Foreign Courts (by L.O\'Naghten 2009)American Discovery In Foreign Courts (by L.O\'Naghten 2009)
American Discovery In Foreign Courts (by L.O\'Naghten 2009)
onaghtenl
 
New Media Internet Expression and European Data Protection
New Media Internet Expression and European Data ProtectionNew Media Internet Expression and European Data Protection
New Media Internet Expression and European Data Protection
David Erdos
 
Ch.01 private and public international law
Ch.01 private and public international lawCh.01 private and public international law
Ch.01 private and public international law
Asmatullah Kakar
 

Tendances (20)

The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
 
Workshop on Strengthening Legal Research and Writing Skills in the Area of In...
Workshop on Strengthening Legal Research and Writing Skills in the Area of In...Workshop on Strengthening Legal Research and Writing Skills in the Area of In...
Workshop on Strengthening Legal Research and Writing Skills in the Area of In...
 
uploadable
uploadableuploadable
uploadable
 
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
 
LAW3PIL- Public International Law
LAW3PIL- Public International LawLAW3PIL- Public International Law
LAW3PIL- Public International Law
 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EU
 
Finding materials from International Courts and tribunals
Finding materials from International Courts and tribunalsFinding materials from International Courts and tribunals
Finding materials from International Courts and tribunals
 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
 
Human rights law resources
Human rights law resources Human rights law resources
Human rights law resources
 
The Private International Law Dimension of the UN Principles on Business and ...
The Private International Law Dimension of the UN Principles on Business and ...The Private International Law Dimension of the UN Principles on Business and ...
The Private International Law Dimension of the UN Principles on Business and ...
 
091809 Gov Team Due Process 50m
091809 Gov Team Due Process 50m091809 Gov Team Due Process 50m
091809 Gov Team Due Process 50m
 
The ICJ
The ICJThe ICJ
The ICJ
 
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
 
Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...
Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...
Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic dis...
 
Divorced in the United Kingdom
Divorced in the United KingdomDivorced in the United Kingdom
Divorced in the United Kingdom
 
The Catch 22 of Cross Border eDiscovery
The Catch 22 of Cross Border eDiscoveryThe Catch 22 of Cross Border eDiscovery
The Catch 22 of Cross Border eDiscovery
 
American Discovery In Foreign Courts (by L.O\'Naghten 2009)
American Discovery In Foreign Courts (by L.O\'Naghten 2009)American Discovery In Foreign Courts (by L.O\'Naghten 2009)
American Discovery In Foreign Courts (by L.O\'Naghten 2009)
 
New Media Internet Expression and European Data Protection
New Media Internet Expression and European Data ProtectionNew Media Internet Expression and European Data Protection
New Media Internet Expression and European Data Protection
 
Conflict of laws & international contracts
Conflict of laws & international contractsConflict of laws & international contracts
Conflict of laws & international contracts
 
Ch.01 private and public international law
Ch.01 private and public international lawCh.01 private and public international law
Ch.01 private and public international law
 

En vedette

DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for DummiesDevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDays Riga
 
GDPR en Cloud security
GDPR en Cloud securityGDPR en Cloud security
GDPR en Cloud security
Delta-N
 
GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...
Ardoq
 
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
TrustArc
 
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceGeek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
IDERA Software
 

En vedette (14)

Using GDPR to Transform Customer Experience
Using GDPR to Transform Customer ExperienceUsing GDPR to Transform Customer Experience
Using GDPR to Transform Customer Experience
 
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for DummiesDevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
 
GDPR en Cloud security
GDPR en Cloud securityGDPR en Cloud security
GDPR en Cloud security
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final
 
Splunk: How Machine Data Supports GDPR Compliance
Splunk: How Machine Data Supports GDPR ComplianceSplunk: How Machine Data Supports GDPR Compliance
Splunk: How Machine Data Supports GDPR Compliance
 
GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...
 
Doing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and doDoing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and do
 
How is GDPR relevant for US companies
How is GDPR relevant for US companies How is GDPR relevant for US companies
How is GDPR relevant for US companies
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event
 
GDPR i offentlige anskaffelser
GDPR i offentlige anskaffelserGDPR i offentlige anskaffelser
GDPR i offentlige anskaffelser
 
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
 
Ensuring GDPR Compliance - A Zymplify Guide
Ensuring GDPR Compliance - A Zymplify GuideEnsuring GDPR Compliance - A Zymplify Guide
Ensuring GDPR Compliance - A Zymplify Guide
 
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceGeek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
 
GDPR: Your Journey to Compliance
GDPR: Your Journey to ComplianceGDPR: Your Journey to Compliance
GDPR: Your Journey to Compliance
 

Similaire à Will the GDPR Kibosh EU-US Discovery?

The UK and EU Personal Data Regime After Brexit: Another Switzerland?
The UK and EU Personal Data Regime After Brexit: Another Switzerland?The UK and EU Personal Data Regime After Brexit: Another Switzerland?
The UK and EU Personal Data Regime After Brexit: Another Switzerland?
David Erdos
 
State Immunity - Human Rights Violation
State Immunity - Human Rights ViolationState Immunity - Human Rights Violation
State Immunity - Human Rights Violation
surrenderyourthrone
 
Conflict of laws in IPR
Conflict of laws in IPRConflict of laws in IPR
Conflict of laws in IPR
Ria Tandon
 
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
Michael Owen
 
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
Patton Boggs LLP
 
Access to competition file as a precondition of access to justice
Access to competition file as a precondition of access to justiceAccess to competition file as a precondition of access to justice
Access to competition file as a precondition of access to justice
Emanuela Matei
 
EU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowEU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information Flow
David Erdos
 
Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...
David Erdos
 

Similaire à Will the GDPR Kibosh EU-US Discovery? (20)

Gvca internet jurisdiction_ssrn
Gvca internet jurisdiction_ssrnGvca internet jurisdiction_ssrn
Gvca internet jurisdiction_ssrn
 
LegalTech Cross Border Disputes
LegalTech Cross Border DisputesLegalTech Cross Border Disputes
LegalTech Cross Border Disputes
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowden
 
Bridging U.S. Cross-Border Ediscovery Obligations and EU Data Protection Obli...
Bridging U.S. Cross-Border Ediscovery Obligations and EU Data Protection Obli...Bridging U.S. Cross-Border Ediscovery Obligations and EU Data Protection Obli...
Bridging U.S. Cross-Border Ediscovery Obligations and EU Data Protection Obli...
 
The UK and EU Personal Data Regime After Brexit: Another Switzerland?
The UK and EU Personal Data Regime After Brexit: Another Switzerland?The UK and EU Personal Data Regime After Brexit: Another Switzerland?
The UK and EU Personal Data Regime After Brexit: Another Switzerland?
 
State Immunity - Human Rights Violation
State Immunity - Human Rights ViolationState Immunity - Human Rights Violation
State Immunity - Human Rights Violation
 
Client Attorney Privilege
Client Attorney PrivilegeClient Attorney Privilege
Client Attorney Privilege
 
Conflict of laws in IPR
Conflict of laws in IPRConflict of laws in IPR
Conflict of laws in IPR
 
No Man is an Island: The Battle for Data Privacy
No Man is an Island: The Battle for Data PrivacyNo Man is an Island: The Battle for Data Privacy
No Man is an Island: The Battle for Data Privacy
 
FINAL REPORT
FINAL REPORTFINAL REPORT
FINAL REPORT
 
EULA Agreements: Do They Fit All Latin American Countries?
EULA Agreements: Do They Fit All Latin American Countries?EULA Agreements: Do They Fit All Latin American Countries?
EULA Agreements: Do They Fit All Latin American Countries?
 
COURSE WORK-HUMAN RIGHTS.docx
COURSE WORK-HUMAN RIGHTS.docxCOURSE WORK-HUMAN RIGHTS.docx
COURSE WORK-HUMAN RIGHTS.docx
 
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
 
Evertio Schrems II
Evertio Schrems IIEvertio Schrems II
Evertio Schrems II
 
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
 
An Encyclopedia of Wiretaps
An Encyclopedia of WiretapsAn Encyclopedia of Wiretaps
An Encyclopedia of Wiretaps
 
Access to competition file as a precondition of access to justice
Access to competition file as a precondition of access to justiceAccess to competition file as a precondition of access to justice
Access to competition file as a precondition of access to justice
 
Bulletin - US-EU Data Privacy Safe Harbor Program Invalidated
Bulletin - US-EU Data Privacy Safe Harbor Program InvalidatedBulletin - US-EU Data Privacy Safe Harbor Program Invalidated
Bulletin - US-EU Data Privacy Safe Harbor Program Invalidated
 
EU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowEU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information Flow
 
Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...
 

Plus de Logikcull.com

Plus de Logikcull.com (20)

Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
 
The Price of Defeat: Navigating the High-Stakes 'Loser Pays" Rule
The Price of Defeat: Navigating the High-Stakes 'Loser Pays" RuleThe Price of Defeat: Navigating the High-Stakes 'Loser Pays" Rule
The Price of Defeat: Navigating the High-Stakes 'Loser Pays" Rule
 
2017 eDiscovery Case Law Update
2017 eDiscovery Case Law Update2017 eDiscovery Case Law Update
2017 eDiscovery Case Law Update
 
Protecting Data in the Age of Cybercrime and Data Breach
Protecting Data in the Age of Cybercrime and Data BreachProtecting Data in the Age of Cybercrime and Data Breach
Protecting Data in the Age of Cybercrime and Data Breach
 
Logikcull Webinar: Preventing the #1 Litigation Risk
Logikcull Webinar: Preventing the #1 Litigation Risk Logikcull Webinar: Preventing the #1 Litigation Risk
Logikcull Webinar: Preventing the #1 Litigation Risk
 
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama Papers
 
Logikcull webcast 'Discovery Malpractice Is At Your Doorstep'
Logikcull webcast 'Discovery Malpractice Is At Your Doorstep'Logikcull webcast 'Discovery Malpractice Is At Your Doorstep'
Logikcull webcast 'Discovery Malpractice Is At Your Doorstep'
 
Bust These 4 Myths on Your Next Document Review
Bust These 4 Myths on Your Next Document ReviewBust These 4 Myths on Your Next Document Review
Bust These 4 Myths on Your Next Document Review
 
Social media and the future of e-discovery
Social media and the future of e-discoverySocial media and the future of e-discovery
Social media and the future of e-discovery
 
Aceds edrm social media law 4-14-15
Aceds edrm social media law 4-14-15 Aceds edrm social media law 4-14-15
Aceds edrm social media law 4-14-15
 
ACEDS-EDRM 4-15-15 Webcast
ACEDS-EDRM 4-15-15 WebcastACEDS-EDRM 4-15-15 Webcast
ACEDS-EDRM 4-15-15 Webcast
 
ACEDS-Streamline Litigation March 2015 Webcast
ACEDS-Streamline Litigation March 2015 WebcastACEDS-Streamline Litigation March 2015 Webcast
ACEDS-Streamline Litigation March 2015 Webcast
 
ACEDS 5 Simple Steps Webcast with Steve Levy
ACEDS 5 Simple Steps Webcast with Steve Levy ACEDS 5 Simple Steps Webcast with Steve Levy
ACEDS 5 Simple Steps Webcast with Steve Levy
 
Understanding the Value of Database Discovery - Beyond Unstructured Data
Understanding the Value of Database Discovery - Beyond Unstructured DataUnderstanding the Value of Database Discovery - Beyond Unstructured Data
Understanding the Value of Database Discovery - Beyond Unstructured Data
 
ACEDS March 2015 Members Only Webcast - Why What We Do Is Important
ACEDS March 2015 Members Only Webcast - Why What We Do Is ImportantACEDS March 2015 Members Only Webcast - Why What We Do Is Important
ACEDS March 2015 Members Only Webcast - Why What We Do Is Important
 
ACEDS-Driven March 2015 BYOD Webcast
ACEDS-Driven March 2015 BYOD WebcastACEDS-Driven March 2015 BYOD Webcast
ACEDS-Driven March 2015 BYOD Webcast
 
ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast
 
Custodian Interviews - How to Leverage a Valuable Opportunity
Custodian Interviews - How to Leverage a Valuable Opportunity Custodian Interviews - How to Leverage a Valuable Opportunity
Custodian Interviews - How to Leverage a Valuable Opportunity
 
ACEDS Information Governance Webcast 3-11-15
ACEDS Information Governance Webcast 3-11-15 ACEDS Information Governance Webcast 3-11-15
ACEDS Information Governance Webcast 3-11-15
 
TRU-ACEDS 3-4-15 Webcast Slides
TRU-ACEDS 3-4-15 Webcast SlidesTRU-ACEDS 3-4-15 Webcast Slides
TRU-ACEDS 3-4-15 Webcast Slides
 

Dernier

3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
seri bangash
 
INVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxINVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptx
nyabatejosphat1
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 

Dernier (20)

Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxPresentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
 
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
 
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxKEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
 
THE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labourTHE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labour
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
 
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxAnalysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statute
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .ppt
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo for
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
 
INVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxINVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptx
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 

Will the GDPR Kibosh EU-US Discovery?

  • 1. Will the GDPR Kibosh EU-US Discovery? November 7, 2017
  • 2. Agenda Background: Societe Nationale and our history of giving deference to foreign legal interests, and then ignoring them How GDPR Article 48 may make US-EU eDiscovery much more difficult “So, what do I do now?” Practical advice for dealing with the uncertainty
  • 3. Presenters Ken Rashbaum Partner | Barton LLP Michael Simon Attorney and Consultant | Seventh Samurai
  • 4. 1. How GDPR Article 48 may make US-EU eDiscovery much more difficult
  • 5. Preface: International Legal Relations 101 • Discovery comes from Common Law (UK) system • Even then “Discovery in the federal court system is far broader than in most (maybe all) foreign countries” Heraeus v. Biomet, 633 F.3d 591 (7th Cir. 2011) • EU = typically no discovery or only through specific requests to judge • Also the whole rest of the World too . . . we just don’t have time today Image courtesy of California Globetrotter blog
  • 6. Preface: International Data Protection 101 • EU: current = EC 95/46 Data Protection Directive • EU soon = General Data Protection Regulation (May 25, 2018) • Many others (Russia, China, Qatar and Japan, more) - recently enacted or strengthened their rules • But again, we just have time for EU
  • 7. Preface: GDPR 101 • A uniform regulation (unlike DPD) • Jaw-droppingly huge potential fines • Broad definitions of “Personal data” • New data subject rights, including right to be forgotten • Data breach notification rules • Expansion of responsibility for processing - important for eDiscovery vendors who are often just Processors
  • 8. GDPR Article 48 Transfers or disclosures not authorised by Union law “Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State, without prejudice to other grounds for transfer pursuant to this Chapter.”
  • 9. Unknown: Is the Privacy Shield a qualifying “International Agreement?” Transfers or disclosures not authorised by Union law “Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State, without prejudice to other grounds for transfer pursuant to this Chapter.”
  • 10. Recital 115 (non-binding, but still important) Rules in third countries contrary to the Regulation Some third countries adopt laws, regulations and other legal acts which purport to directly regulate the processing activities of natural and legal persons under the jurisdiction of the Member States. This may include judgments of courts or tribunals or decisions of administrative authorities in third countries requiring a controller or processor to transfer or disclose personal data, and which are not based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State. The extraterritorial application of those laws, regulations and other legal acts may be in breach of international law and may impede the attainment of the protection of natural persons ensured in the Union by this Regulation. Transfers should only be allowed where the conditions of this Regulation for a transfer to third countries are met. This may be the case, inter alia, where disclosure is necessary for an important ground of public interest recognised in Union or Member State law to which the controller is subject.
  • 11. Discovery = Breach of GDPR? Rules in third countries contrary to the Regulation Some third countries adopt laws, regulations and other legal acts which purport to directly regulate the processing activities of natural and legal persons under the jurisdiction of the Member States. This may include judgments of courts or tribunals or decisions of administrative authorities in third countries requiring a controller or processor to transfer or disclose personal data, and which are not based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State. The extraterritorial application of those laws, regulations and other legal acts may be in breach of international law and may impede the attainment of the protection of natural persons ensured in the Union by this Regulation. Transfers should only be allowed where the conditions of this Regulation for a transfer to third countries are met. This may be the case, inter alia, where disclosure is necessary for an important ground of public interest recognised in Union or Member State law to which the controller is subject.
  • 12. “No aspect of the extension of the American legal system beyond the territorial frontier of the United States has given rise to so much friction as the requests for documents in investigation and litigation in the United States.” RESTATEMENT (THIRD) OF FOREIGN RELATIONS LAW OF THE UNITED STATES § 442, Reporters’ Notes ¶ 1 (1987). Blocking statutes Image courtesy of the ABA Journal of the Section of More than 15 blocking statutes France Germany Even the UK (and they created the common law system!)
  • 13. Article 29 Working Party “Working Document 1/2009 on pre-trial discovery for cross border civil litigation” Art. 29 WP = EU advisory body (name to be changed with GDPR) Legal Holds = Processing: “Although in the US the storage of personal data for litigation hold is not considered to be processing, under Directive 95/46 any retention, preservation, or archiving of data for such purposes would amount to processing.”
  • 14. Article 29 Working Party “Working Document 1/2009 on pre-trial discovery for cross border civil litigation” Legal Holds = potential violations of EU Data Protection laws “Controllers in the European Union have no legal ground to store personal data at random for an unlimited period of time because of the possibility of litigation in the United States . . ..”
  • 15. Just a paper tiger? For decades, no fines or harm done under blocking statutes
  • 16. In Re: Advocate Christopher X, French Supreme Court, 2008 • Complied with US court deposition request in Strauss v. Credit Lyonnais, S.A., 2000 U.S. Dist. Lexis 38378 (E.D.N.Y. May 25, 2007). • French attorney fined €10,000 for violating blocking statute 16
  • 17. 2. Background: Societe Nationale and our history of giving deference to foreign legal interests, and then ignoring them
  • 18. Societe Nationale Industrielle Aerospatiale v. US Dist Ct. SD IA, 482 US 522 (1987) “The World’s safest and most economical STOL plane” . . . . . . . crashed in Iowa Injured US fliers sought discovery from French manufacturers
  • 19. Respondents move to block, claim Hague Convention is exclusive means US Supreme Court on blocking statutes: “do not deprive an American court of the power to order a party subject to its jurisdiction to produce evidence even though the act of production may violate that statute.” On Hague convention: “not a pre-emptive replacement” or “first resort” but an optional procedure used when appropriate 19
  • 20. 5 factor comity test Restatement (Third) of Foreign Relations Law § 442(c) (1987) 1. The importance to the … litigation of the documents or other information requested; 2. The degree of the specificity of the request; 3. Whether the information originated in the United States; 4. The availability of alternative means of securing the information; and 5. The extent to which noncompliance with the request would undermine interests of the United States, or compliance with the request would undermine interests of the state where the information is located.
  • 21. “ . . . comity became a frivolous argument . . .” “For three decades . . . U.S. courts applied a balancing test to weigh the interests of foreign countries against U.S. interests, and ruled almost unanimously in favor of U.S. interests . . .” Diego Zambrano, A Comity of Errors: The Rise, Fall, and Return of International Comity in Transnational Discovery, 34 Berkeley J. Int’l Law. 157 (2016).
  • 22. US v. Microsoft likely to make this worse Stored Communications Act warrant (18 U.S.C. § 2703) Microsoft produced emails on US Cloud storage, but not in Ireland Drew massive anger from EU – especially Ireland Second Circuit vacated contempt order US DoJ got Supreme Court to accept Cert.
  • 23. 3. “So, what do I do now?” Practical advice for dealing with the uncertainty
  • 24. Options A. Privacy Shield B. MLAT C. Binding Corporate Rules D. Standard Contract Clauses E. Hague Convention F. Letters Rogatory G. Party agreement
  • 25. Agreement between EU and certain US agencies Available to companies under FTC and Department of Transportation jurisdiction (Not Telecoms or FinServ/banks) Replaces prior Safe Harbor – invalidated by Court of Justice of the European Union (CJEU) on suit by privacy activist Max Schrems A. Privacy Shield
  • 26. EU Privacy activists have filed lawsuits - CJEU takes up Schrems’ new case from Irish High Court (with Irish DPA support) Annual review found many problems, but “adequate” so far WP29 will soon issue opinion – have historically had negative view Cracked Shield?
  • 27. 1. Notice 2. Choice 3. Onward transfer 4. Security data 5. Integrity 6. Access  7. Enforcement  7 Key principles (inherited from Safe Harbor)
  • 28. 1. Notice 2. Choice 3. Onward transfer 4. Security data 5. Integrity 6. Access  7. Enforcement  7 Key principles (inherited from Safe Harbor)
  • 29. 3. ACCOUNTABILITY FOR ONWARD TRANSFER “To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles.   Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation.  The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.”
  • 30. eDiscovery violates this provision “To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles.   Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation.  The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.”
  • 31. eDiscovery really violates this provision “To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles.   Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation.  The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.”
  • 32. So far, nobody has gotten burned . . . Yet Use at your own peril?
  • 33. B. MLAT For requesting and obtaining evidence for criminal investigations and prosecutions Can be through Letters Rogatory or central authority – depending upon the specific treaty Need local expert help on this
  • 34. US MLATS (EU member states in red) Antigua and Barb. Argentina Australia Austria Bahamas Barbados Belize Bermuda Brazil Bulgaria Canada China Cyprus Czech Rep. Denmark Dominica Egypt Estonia France Germany Greece Grenada Hong Kong Hungary India Ireland Israel Japan Latvia Liechtenstein Lithuania Luxembourg Malaysia Philippines Poland Romania Russia Saint Lucia South Africa St. Kitts and Nevis St. Vin. and Gren. Sweden Switzerland Trinidad and Tobago Ukraine United Kingdom Venezuela
  • 35. C. Binding Corporate Rules
 Articles 46(2)(b) and 47 How do you get the other side to sign? (even assuming that they are a corporation)
  • 36. D. Standard Contract Clauses
 Articles 46(2)(c) and 93(2) How do you get the other side to sign? Use as evidence creates an Onward Transfer problem Schrems is attacking these as well – CJEU also taken up this issue through Irish High Court
  • 37. E. Hague Convention on the Taking of Evidence Abroad in Civil or Commercial Matters Goal of many signers was to limit scope of US discovery abroad Actively sponsored and signed by the US in 1972 Most, but not all of the EU has signed Full list here
  • 38. Big problem = Art. 23 reservations “a contracting state may at the time of signature, ratification or accession declare that it will not execute letters of request issued for the purposes of obtaining pre-trial discovery of documents.” France, Germany, Spain, UK and the Netherlands plus others in EU all use this to block US discovery Check the official list 38
  • 39. Essentially a way of asking politely* 39 It’s complicated: see ABA/NYSBA guidelines and forms here Draft Letter of Request (a/k/a “Letters Rogatory”**) Send to Central Authorities (there is a list, can use a service) Central Authorities send to local authorities Local authorities are supposed to compel custodian to comply Estimated to take 2-4 months (yes, really) * So, why hasn’t Canada signed up? ** Yes, this is confusing: Letters Rogatory predate the Convention and are usable with non- signers
  • 40. 40 To get good results Likely need to help the judge Make it easy to comply Not be a stereotypical loud-mouth, pushy American Be reasonable Be specific – narrow the request as much as possible Get help if you need it – especially local help! But best to start with agreement, and if not agreement get a court order
  • 41. F. Letters Rogatory For countries that didn’t sign the Hague Convention And for those with HC Art. 23 reservations Again – is asking nicely Many hoops to jump through – same advice (do it right, get help, be nice, be specific!) No compulsory aspect Which, means that you need to expect it to take 6-12 months (yes, really!)
  • 42. Work it out between the parties Get a court order if possible Be creative 42 G. Party Agreement
  • 43. Questions and Answers Questions can be submitted using the “Questions” box in your GoToWebinar control panel ?
  • 45. More Resources: See a demo of Logikcull, the powerfully simple, highly secure eDiscovery and data management software. For technology and eDiscovery news and tips, interviews with judges and practitioners, and more, sign up for Logikcull’s blog, Closing the Loop. Text of the GDPR (English) Barton GDPR Compliance Group site