Site Navigation

Navigation - Events

Navigation - News

Navigation - Supporters

CGOC Faculty

Navigation - About CGOC

Navigation - CGOC PN

Important Topics

After the US Federal Rules related to information discovery were revised in December 2006, the scope and volume of information discovery have increased significantly - by as much as 60% according to Forrester Research. Unfortunately for global companies, the scope of this information discovery conflicts with cultural standards and legal duties in other countries. In the European Union, privacy and data protection laws prohibit processing and transport of data for purposes other than that which it was collected for, or by parties not able to meet EU standards, which makes US-driven discovery especially challenging and adds tremendous complication to basic company operations. Effective, jurisdiction-based information governance is required to understand, navigate, and rationalize the often-conflicted legal obligations over information. If you work in a global corporation, it's your imperative that you examine how your discovery practices, retention program and data protection obligations converge or conflict.

Two Key Conflicts in Discovery

October 23, 2008

In this working group, two key conflicts were explored to help legal departments reduce risk and cost.  The first conflict was the inherent differences in IT and Legal department points of view and processes which presents a tremendous challenge to preserving data efficiently and reliably.  The second conflict was the conflict of law between US discovery obligations and EU privacy laws.  With specific prohibitions against searching and transporting employee and customer data, companies have very tough choices when US litigation or discovery encompasses data beyond our shores.

Privacy Collisions with Retention and Preservation Obligations

Concerns for data privacy and protection are amplifying, driven by globally diverse values. As a result, enforcement of existing privacy standards is on the rise. Additionally, conflicts are escalating between newly enacted US litigation laws and European privacy concerns after the FRCP changes in December 2006. This paper includes an overview of the EU directives and potential conflicts with discovery practices, retention program and data protection obligations for global companies.

Data Protection and Privacy Rules

An overview of the European data protection laws and US privacy requirements and emerging standards in other regions and countries. Special focus is placed on permissible uses, transporting and processing data and the conflicts between discovery obligations and data protection rules as well as comparing of the varying, and sometimes conflicting, intentions and objectives of these laws.

EU Directive 95/46 on Privacy

European Union Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data was implemented in 1995 by the European Commission. Each country has their own data protection laws, however they all tie back to this.

EU Data Protection Laws by Country

View each European countries implementation of EU Directive 95/46 on Privacy.

Balancing Act - Retention, Discovery, Privacy

Focusing on reconciling and managing jurisdiction-driven legal requirements in a global corporation. Is it better to manage with a “one size fits all” approach to retention and data protection? Is it even possible…and what are the tradeoffs?

Binding Corporate Rules (BCRs) and Standard Clauses for Managing Data Movement Among Countries

A review of current practices for inter- and intra-company data movement and a candid discussion on the inherent difficulties and work arounds in “no win” situations.
Syndicate content