Data Privacy, Cross-Border E-Discovery, and the Hybrid Solution

Chris Kruse

You could call the United States the epicenter of litigation. It’s an unfortunate, but inescapable, reality that our markets and business cultures drive a preponderance of international business litigation, so much so that we’re the world leader by a mile. The challenge for European and Asian corporations lies in the fact that many have U.S. headquarters or do business with companies here, which is when e-discovery becomes complex due to their national, local, or other pertinent data-privacy laws.

There are dramatic variations in data-privacy laws and requirements across countries, domains, and jurisdictions. For example, in Germany the requirements for collecting employee e-mail and electronic documents within one company may be completely different than those for the company next door, as those requirements are determined by each corporation’s works council.

In-country Collections
Many countries, works councils, and jurisdictions now require that the collection of electronically stored information (ESI) be done from within the borders of the country where that data is stored and its employees work. We have seen inside counsel in Mexican and Brazilian companies who don’t want their ESI to leave Mexico or Brazil. We often work and sit on panels—such as the upcoming Overcoming EU Data Privacy Challenges in Ediscovery at the Association for Corporate Counsel Annual Meeting in Los Angeles—with Dominic Jaar of KPMG-Canada to discuss this very topic.

An expert on Safe Harbor and cross-border e-discovery challenges, Jaar and his team help many European companies with their e-discovery by making use of Canada’s status as a virtual “data Switzerland” or a type of “discovery hub” for Safe Harbor compliance because its data-privacy laws are much closer to those of the EU than those of the U.S. The panel will also include Judge Shira Scheindlin from the U.S. District Court, S.D.N.Y., and David Goodis from the Office of the Information and Privacy Commissioner of Ontario.

Situated in the heart of a safe zone for European data, KPMG makes use of EnCase® eDiscovery to speed and simplify the collection and review of data from around the globe. EnCase eDiscovery has a unique “hybrid” architecture, which allows U.S. litigants to collect their European employees’ data remotely from Canada, cull that data in Canada, and then take advantage of the EnCase eDiscovery Review private cloud capabilities to review the case and its relevant ESI collaboratively from various points around the globe.

Collect, Cull, then Launch Private-cloud Review
In fact, any corporation can perform collections “in country” to meet data-privacy regulations with EnCase eDiscovery. Many of our customers collect inside their national boundaries and then put the small amount that must be reviewed into a private cloud. Overall, these capabilities minimize the amount of data for which they must gain employees’ consent before sending to the U.S. for processing and analysis.

How do you perform international e-discovery collection? We welcome notes on your own best practices in the Comments section below. 

Chris Kruse is the Vice President, E-Discovery at Guidance Software.

No comments :

Post a Comment