SlideShare a Scribd company logo

Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic discovery

ā€¢
ā€¢
Amministratore Bluefactor
Amministratore Bluefactor

Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic discovery

BusinessTechnology
1 of 16
Electronic Discovery GENEVA GROUP INTERNATIONAL European Conference - Lisbon, Portugal - April 19, 2013 Att. Patrizia GIANNINI Electronic Discovery (EU versus US)
Discovery is the process of: identifying preserving collecting preparing reviewingreviewing producing informationinformationinformationinformation in the context of litigation.... Electronic Discovery (E-Discovery) is the same, but includes Electronically Stored Information (ā€œESIā€)(ā€œESIā€)(ā€œESIā€)(ā€œESIā€)
Some examples of ESI - electronically stored information - are: emails word documents power point presentations excel sheetsexcel sheets social media posts voice mail and videos All official records (medical, banking, tax, property)
EEEE----discovery in the European Uniondiscovery in the European Uniondiscovery in the European Uniondiscovery in the European Union The EU has one of the strictest data protection systems in the world. In the EU data protection is A HUMAN RIGHTA HUMAN RIGHTA HUMAN RIGHTA HUMAN RIGHT and is protected by article 8 of the Charter of Fundamental Rights of The EU.Charter of Fundamental Rights of The EU.Charter of Fundamental Rights of The EU.Charter of Fundamental Rights of The EU.
The controlling law in the EU is the Data Protection Directive 95/46/ECData Protection Directive 95/46/ECData Protection Directive 95/46/ECData Protection Directive 95/46/EC All national member States have adopted this directive; some States have gone further in personal data protection. There are quite a lot of differences in implementation of the Directive: France, Germany, Spain, and Italy have stricter rules, while thehave stricter rules, while the UK has a broader interpretation. As with many EU directives, individual States differ in the application of this directive, so one must determine which national law is applicable in any given situation. On January 25, 2012, the European Commission proposed a new Data Protection Regulation, which should replace Directive 95/46/EC.
Directive 95/46/EC regulates the processing of ā€œpersonal dataā€ that is ā€œany information relating to an identified or identifiable natural person or ā€œdata subjectā€ā€ (Art. 2 (a) Dir. 95/46/EC). For example, in EUFor example, in EU an email address is ā€œpersonal dataā€. ā€œSensitive Personal Dataā€ is personal data that reveals ā€œracial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex lifeā€.
Processing such data is, in principle, prohibited, (with few exceptions - Art. 8 of Dir. 95/46/EC). There must be a legal basis to discover personal data. There are only two legitimate bases for processing personal data under 95/46/EC: 1. informed and freely given consent by the person/entity 2. legitimate interest of the data controller, balanced with the fundamental2. legitimate interest of the data controller, balanced with the fundamental rights of the person/entity. E-discovery is a ā€œlegitimate interestā€, but for sensitive personal data, consent is the only legitimate basis for e-discovery, and it must be explicit, not implied.
The US Rules of Civil Procedure control discoveryā€”and E-discoveryā€”of documents and things in a partyā€™s possession, custody or control. EEEE----discoverydiscoverydiscoverydiscoveryin the USin the USin the USin the US The US Rules of Civil Procedure control discoveryā€”and E-discoveryā€”of documents and things in a partyā€™s possession, custody or control. In general, a party may request the other party to produce (inspect, copy, test) the following items: ā€¢ any requested documents or electronically stored information, including translation thereof ā€¢ any requested tangible things to permit entry and inspection onto identified land, buildings, or other property. In principle, any non-confidential matter that is relevant, is discoverable even if it is not admissible as evidence, as long as it ā€œmay lead to the discovery of admissible evidenceā€.
EU vs US ā€“ The differences in discovery The US has the broadest civil discovery procedure in the world.The US has the broadest civil discovery procedure in the world. None of the other Common Law countries, such as the United Kingdom, Australia and Canada, have such a wide scope of discovery and in most of the Civil Code countries, such as Europe and Latin America, the concept of discovery obligations is almost unknown.
When e-Discovery is conducted outside of the US, for example in a foreign affiliate of a US company, the basic procedure is the same. However, there are many complications due to different laws that apply when data is requested from other countries. Many non-US countries have laws protecting data from being collected from/exported to another country. To a US lawyer, working with such broad discovery rules, the EU system seems tooooooooooooo closed off!!! There is a serious problem for US firms with affiliates in EU countries, when they get involved in civil litigation within the US: On one hand, US rules require retention and production of all relevant data, even data located outside of the US, or risk severe penalties by the Courts in case of ā€œspoliationā€ (failure tooutside of the US, or risk severe penalties by the Courts in case of ā€œspoliationā€ (failure to preserve data) On the other hand, EU data protection laws require strict data protection rules for ā€œpersonal dataā€ of their residents, which seriously restricts processing of this data and transfer of this data to ā€œnon-adequateā€ countries (US) outside of the EU, with risks of costly fines in case of violation. So, what can we do????
Possible solutions to this DILEMMA 1) The EU should filter and review ESI for relevance. 2) Personal data should be anonymized. 3) The parties should obtain protective orders and ā€œfilings under sealā€ from US courts to protect data from outsiders. 4) A notice should be sent to all employees/customers whose emails or other data are collected. These people have a right to know that information is being collected about him/her.to know that information is being collected about him/her. 5) Data Controllers (parties, law firms and courts) should take reasonable measures to protect personal data from unauthorized access. 6) If the collection of e-discovery is delegated to an outsider, there must be a written agreement for confidentiality and security, including how the data is used, kept and retained.
Transfer of Personal data from EU to US How it works As stated above, there must be a legal basis for transfer of personal data outside the EU, which can be done by consent from the person involved transferring the data to a ā€œSafe Harborā€-certified company in the US, transferring the data under standard contractual clauses, transferring them to companies that have binding corporate rules in place. transferring the data under standard contractual clauses, transferring them to companies that have binding corporate rules in place. The question remains, however, as to how this personal data may be legally transferred to opposing counsel and to the Court; you should request a protective order from the Court to guarantee a degree of privacy.
ConclusionConclusionConclusionConclusion US affiliate firms in the EU who have to follow e-discovery rules, and simultaneously follow EU data protections laws, are in a conflict. Under the US Rules, including the spoliation rule (failure to preserve data), US Courts have great power to apply whatever punishment they choose, including costly fines, ā€œadverse inferencesā€ (jury assumes missing ESI is adverse to the person who lost the evidence), and even dismissing the case.person who lost the evidence), and even dismissing the case. Over the past few years, case law has shown that US Judges are imposing more sanctions on parties who have ā€œspoiledā€ ESI. These rules apply to all relevant ESI issues in the US, regardless of their geographical location or local laws.
Therefore, US affiliates in the EU must have a discovery preservation procedure, since the mere expectation of a lawsuit obligates a party to preserve ESI data. US affiliate firms must also have proper management systems for ā€œinformation governance.ā€ Since storage of ESI has become so inexpensive, the tendency has been to store everything, forever.to store everything, forever. This can be disastrous since, after a lawsuit begins, nothing potentially relevant may be deleted. Therefore, a company may have to pay a high price to process enormous amounts of useless information. To save money, these affiliates should invest in ā€œinformation governance,ā€ (deciding which data will be preserved for how long). This should be tailored to the company, and the type of industry and its regulatory/ business requirements.
In the context of EU data protection rules, US affiliates risk investigation and fines/sanctions by local data protection authorities. The extent of the risk depends on the country where the ESI is located; for example, if the ESI is in Germany, the risk is much higher than if it is in the UK. Most data protection authorities are understaffed and underfinanced, andMost data protection authorities are understaffed and underfinanced, and there have been complaints about lack of compliance and/or enforcement. For example, a 2011 study in France showed that 82% of French enterprises do not obey the French Data Protection Act of 2004.
But with the recent major changes to EU data protection laws,But with the recent major changes to EU data protection laws, including strengthening the ESI subjectā€™s rights and increasingincluding strengthening the ESI subjectā€™s rights and increasing enforcement of the law, companies should make sure they haveenforcement of the law, companies should make sure they have the rightthe right ESI preservation systemsESI preservation systems.. US courts have decided that merely because a company hasUS courts have decided that merely because a company has outsourced ESI dataoutsourced ESI data, the company still must comply with the, the company still must comply with the rules for Erules for E--discovery.discovery. Companies will have to do a caseCompanies will have to do a case--byby--casecase ā€œbalancing testā€ā€œbalancing testā€ betweenbetweenCompanies will have to do a caseCompanies will have to do a case--byby--casecase ā€œbalancing testā€ā€œbalancing testā€ betweenbetween the risks of compliance with the US rules, and the risks of nonthe risks of compliance with the US rules, and the risks of non-- compliance with the EU data protection laws.compliance with the EU data protection laws. Perhaps the US courts and the EU data protection authorities shouldPerhaps the US courts and the EU data protection authorities should do this balancing test, when companies find themselves in thisdo this balancing test, when companies find themselves in this conflict ā€¦conflict ā€¦ perhaps!perhaps!

Recommended

No Man is an Island: The Battle for Data Privacy
No Man is an Island: The Battle for Data PrivacyNo Man is an Island: The Battle for Data Privacy
No Man is an Island: The Battle for Data PrivacyKate Chan
Ā 
Data Protection Guide ā€“ What are your rights as a citizen?
Data Protection Guide ā€“ What are your rights as a citizen?Data Protection Guide ā€“ What are your rights as a citizen?
Data Protection Guide ā€“ What are your rights as a citizen?Edouard Nguyen
Ā 
Factsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenFactsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenEdouard Nguyen
Ā 
Are you compliant?
Are you compliant?Are you compliant?
Are you compliant?Gabrielė Songin
Ā 
Didier Reynders letter to the EU Parliament
Didier Reynders letter to the EU ParliamentDidier Reynders letter to the EU Parliament
Didier Reynders letter to the EU ParliamentLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
Ā 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India SadanandGahivare
Ā 
Thomas M. Susman,Ppt
Thomas M. Susman,PptThomas M. Susman,Ppt
Thomas M. Susman,Pptguestbc7697
Ā 
Board Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationBoard Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationJoseph V. Moreno
Ā 

Recommended

No Man is an Island: The Battle for Data Privacy
No Man is an Island: The Battle for Data PrivacyNo Man is an Island: The Battle for Data Privacy
No Man is an Island: The Battle for Data PrivacyKate Chan
Ā 
Data Protection Guide ā€“ What are your rights as a citizen?
Data Protection Guide ā€“ What are your rights as a citizen?Data Protection Guide ā€“ What are your rights as a citizen?
Data Protection Guide ā€“ What are your rights as a citizen?Edouard Nguyen
Ā 
Factsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenFactsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenEdouard Nguyen
Ā 
Are you compliant?
Are you compliant?Are you compliant?
Are you compliant?Gabrielė Songin
Ā 
Didier Reynders letter to the EU Parliament
Didier Reynders letter to the EU ParliamentDidier Reynders letter to the EU Parliament
Didier Reynders letter to the EU ParliamentLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
Ā 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India SadanandGahivare
Ā 
Thomas M. Susman,Ppt
Thomas M. Susman,PptThomas M. Susman,Ppt
Thomas M. Susman,Pptguestbc7697
Ā 
Board Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationBoard Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationJoseph V. Moreno
Ā 
Maeve Mc Donagh
Maeve Mc DonaghMaeve Mc Donagh
Maeve Mc Donaghguestbc7697
Ā 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Faidepro
Ā 
Anonymous Whistleblowing Systems and European Union Data Protection Measures
Anonymous Whistleblowing Systems and European Union Data Protection MeasuresAnonymous Whistleblowing Systems and European Union Data Protection Measures
Anonymous Whistleblowing Systems and European Union Data Protection MeasuresBusiness Controls, Inc.
Ā 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldParsons Behle & Latimer
Ā 
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Freshfields
Ā 
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...Dr. Oliver Massmann
Ā 
Francesca Fanucci, Ppt
Francesca Fanucci, PptFrancesca Fanucci, Ppt
Francesca Fanucci, Pptguestbc7697
Ā 
"Information Compliance - Freedom of Information, Data Protection and Librari...
"Information Compliance - Freedom of Information, Data Protection and Librari..."Information Compliance - Freedom of Information, Data Protection and Librari...
"Information Compliance - Freedom of Information, Data Protection and Librari...Terry O'Brien
Ā 
Legislation
LegislationLegislation
Legislationmegabyte
Ā 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDavid Erdos
Ā 
Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake Morgan
Ā 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...ioannis iglezakis
Ā 
GDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
GDPR, DPAs and the Journalistic Media: Walking the Regulatory TightropeGDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
GDPR, DPAs and the Journalistic Media: Walking the Regulatory TightropeDavid Erdos
Ā 
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018TRA - Tax Representative Alliance
Ā 
GDPR: data needs to be in safe hands
GDPR: data needs to be in safe hands GDPR: data needs to be in safe hands
GDPR: data needs to be in safe hands legalandgeneral
Ā 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)BenjaminShalevSalovi
Ā 
Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...David Erdos
Ā 
FINAL REPORT
FINAL REPORTFINAL REPORT
FINAL REPORTMartina Lindblad
Ā 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUDavid Erdos
Ā 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!catherinecoulter
Ā 
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Amministratore Bluefactor
Ā 
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNIONENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNIONQudsiyah Munir
Ā 

More Related Content

What's hot

Maeve Mc Donagh
Maeve Mc DonaghMaeve Mc Donagh
Maeve Mc Donaghguestbc7697
Ā 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Faidepro
Ā 
Anonymous Whistleblowing Systems and European Union Data Protection Measures
Anonymous Whistleblowing Systems and European Union Data Protection MeasuresAnonymous Whistleblowing Systems and European Union Data Protection Measures
Anonymous Whistleblowing Systems and European Union Data Protection MeasuresBusiness Controls, Inc.
Ā 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldParsons Behle & Latimer
Ā 
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Freshfields
Ā 
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...Dr. Oliver Massmann
Ā 
Francesca Fanucci, Ppt
Francesca Fanucci, PptFrancesca Fanucci, Ppt
Francesca Fanucci, Pptguestbc7697
Ā 
"Information Compliance - Freedom of Information, Data Protection and Librari...
"Information Compliance - Freedom of Information, Data Protection and Librari..."Information Compliance - Freedom of Information, Data Protection and Librari...
"Information Compliance - Freedom of Information, Data Protection and Librari...Terry O'Brien
Ā 
Legislation
LegislationLegislation
Legislationmegabyte
Ā 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDavid Erdos
Ā 
Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake Morgan
Ā 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...ioannis iglezakis
Ā 
GDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
GDPR, DPAs and the Journalistic Media: Walking the Regulatory TightropeGDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
GDPR, DPAs and the Journalistic Media: Walking the Regulatory TightropeDavid Erdos
Ā 
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018TRA - Tax Representative Alliance
Ā 
GDPR: data needs to be in safe hands
GDPR: data needs to be in safe hands GDPR: data needs to be in safe hands
GDPR: data needs to be in safe hands legalandgeneral
Ā 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)BenjaminShalevSalovi
Ā 
Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...David Erdos
Ā 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUDavid Erdos
Ā 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!catherinecoulter
Ā 

What's hot (20)

Maeve Mc Donagh
Maeve Mc DonaghMaeve Mc Donagh
Maeve Mc Donagh
Ā 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)
Ā 
Anonymous Whistleblowing Systems and European Union Data Protection Measures
Anonymous Whistleblowing Systems and European Union Data Protection MeasuresAnonymous Whistleblowing Systems and European Union Data Protection Measures
Anonymous Whistleblowing Systems and European Union Data Protection Measures
Ā 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
Ā 
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Raising the EU Data Protection Laws in a U.S. Litigation: A Guidepost for the...
Ā 
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Lawyer in Vietnam Dr. Oliver Massmann COMPLIANCE and CLEAR CONSENT - New EU G...
Ā 
Francesca Fanucci, Ppt
Francesca Fanucci, PptFrancesca Fanucci, Ppt
Francesca Fanucci, Ppt
Ā 
"Information Compliance - Freedom of Information, Data Protection and Librari...
"Information Compliance - Freedom of Information, Data Protection and Librari..."Information Compliance - Freedom of Information, Data Protection and Librari...
"Information Compliance - Freedom of Information, Data Protection and Librari...
Ā 
Legislation
LegislationLegislation
Legislation
Ā 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Ā 
Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012
Ā 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
Ā 
GDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
GDPR, DPAs and the Journalistic Media: Walking the Regulatory TightropeGDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
GDPR, DPAs and the Journalistic Media: Walking the Regulatory Tightrope
Ā 
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
"The EU General Data Protection Regulation: GDPR" - TRA Annual Meeting 2018
Ā 
GDPR: data needs to be in safe hands
GDPR: data needs to be in safe hands GDPR: data needs to be in safe hands
GDPR: data needs to be in safe hands
Ā 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
Ā 
Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...Comparing EU and Council of Europe Data Protection Standards in the Context o...
Comparing EU and Council of Europe Data Protection Standards in the Context o...
Ā 
FINAL REPORT
FINAL REPORTFINAL REPORT
FINAL REPORT
Ā 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EU
Ā 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!
Ā 

Similar to Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic discovery

Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Amministratore Bluefactor
Ā 
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNIONENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNIONQudsiyah Munir
Ā 
Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Agustin Argelich Casals
Ā 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard
Ā 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010mleyden
Ā 
Data_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UKData_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UKSally Hunt
Ā 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdfMeshalALshammari12
Ā 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...John Nas
Ā 
30-31 BB Nov_Dec14 (3)
30-31 BB Nov_Dec14 (3)30-31 BB Nov_Dec14 (3)
30-31 BB Nov_Dec14 (3)Adriana Sanford
Ā 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4Wynthorpe
Ā 
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...AltheimPrivacy
Ā 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of datadan hyde
Ā 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINamiable_indian
Ā 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...AltheimPrivacy
Ā 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012lilianedwards
Ā 
Companies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsCompanies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsThe Economist Media Businesses
Ā 
Data Protection Act
Data Protection ActData Protection Act
Data Protection ActYizi
Ā 
Privacy, human rights and Location Based Services
Privacy, human rights and Location Based ServicesPrivacy, human rights and Location Based Services
Privacy, human rights and Location Based Servicesblogzilla
Ā 

Similar to Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic discovery (20)

Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Ā 
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNIONENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
ENCRYPTION LAWS AND COMPLIANCE FOR THE EUROPEAN UNION
Ā 
Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16
Ā 
[REPORT PREVIEW] GDPR Beyond May 25, 2018
[REPORT PREVIEW] GDPR Beyond May 25, 2018[REPORT PREVIEW] GDPR Beyond May 25, 2018
[REPORT PREVIEW] GDPR Beyond May 25, 2018
Ā 
Data Protection Factsheet
Data Protection FactsheetData Protection Factsheet
Data Protection Factsheet
Ā 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Ā 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010
Ā 
Data_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UKData_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UK
Ā 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdf
Ā 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Ā 
30-31 BB Nov_Dec14 (3)
30-31 BB Nov_Dec14 (3)30-31 BB Nov_Dec14 (3)
30-31 BB Nov_Dec14 (3)
Ā 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4
Ā 
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
Ā 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of data
Ā 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
Ā 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
Ā 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012
Ā 
Companies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsCompanies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next steps
Ā 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
Ā 
Privacy, human rights and Location Based Services
Privacy, human rights and Location Based ServicesPrivacy, human rights and Location Based Services
Privacy, human rights and Location Based Services
Ā 

Recently uploaded

Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
Ā 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with CultureSeta Wicaksana
Ā 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
Ā 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
Ā 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756dollysharma2066
Ā 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
Ā 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfAdmir Softic
Ā 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
Ā 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
Ā 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
Ā 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
Ā 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
Ā 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
Ā 
Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...Sheetaleventcompany
Ā 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
Ā 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Trucks in Minnesota
Ā 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperityhemanthkumar470700
Ā 
Call Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service Bangaloreamitlee9823
Ā 

Recently uploaded (20)

Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
Ā 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
Ā 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Ā 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Ā 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
Ā 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
Ā 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Ā 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Ā 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Ā 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
Ā 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
Ā 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Ā 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
Ā 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
Ā 
Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service šŸ“ž8868886958šŸ“ž JustšŸ“² Call Nihal Chandigarh Call Girl...
Ā 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
Ā 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
Ā 
VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
Ā 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
Ā 
Call Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Service Bangalore
Ā 

Att. patrizia giannini ggi lisbon conference 19 april 2013 - electronic discovery

  • 1. Electronic Discovery GENEVA GROUP INTERNATIONAL European Conference - Lisbon, Portugal - April 19, 2013 Att. Patrizia GIANNINI Electronic Discovery (EU versus US)
  • 2. Discovery is the process of: identifying preserving collecting preparing reviewingreviewing producing informationinformationinformationinformation in the context of litigation.... Electronic Discovery (E-Discovery) is the same, but includes Electronically Stored Information (ā€œESIā€)(ā€œESIā€)(ā€œESIā€)(ā€œESIā€)
  • 3. Some examples of ESI - electronically stored information - are: emails word documents power point presentations excel sheetsexcel sheets social media posts voice mail and videos All official records (medical, banking, tax, property)
  • 4. EEEE----discovery in the European Uniondiscovery in the European Uniondiscovery in the European Uniondiscovery in the European Union The EU has one of the strictest data protection systems in the world. In the EU data protection is A HUMAN RIGHTA HUMAN RIGHTA HUMAN RIGHTA HUMAN RIGHT and is protected by article 8 of the Charter of Fundamental Rights of The EU.Charter of Fundamental Rights of The EU.Charter of Fundamental Rights of The EU.Charter of Fundamental Rights of The EU.
  • 5. The controlling law in the EU is the Data Protection Directive 95/46/ECData Protection Directive 95/46/ECData Protection Directive 95/46/ECData Protection Directive 95/46/EC All national member States have adopted this directive; some States have gone further in personal data protection. There are quite a lot of differences in implementation of the Directive: France, Germany, Spain, and Italy have stricter rules, while thehave stricter rules, while the UK has a broader interpretation. As with many EU directives, individual States differ in the application of this directive, so one must determine which national law is applicable in any given situation. On January 25, 2012, the European Commission proposed a new Data Protection Regulation, which should replace Directive 95/46/EC.
  • 6. Directive 95/46/EC regulates the processing of ā€œpersonal dataā€ that is ā€œany information relating to an identified or identifiable natural person or ā€œdata subjectā€ā€ (Art. 2 (a) Dir. 95/46/EC). For example, in EUFor example, in EU an email address is ā€œpersonal dataā€. ā€œSensitive Personal Dataā€ is personal data that reveals ā€œracial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex lifeā€.
  • 7. Processing such data is, in principle, prohibited, (with few exceptions - Art. 8 of Dir. 95/46/EC). There must be a legal basis to discover personal data. There are only two legitimate bases for processing personal data under 95/46/EC: 1. informed and freely given consent by the person/entity 2. legitimate interest of the data controller, balanced with the fundamental2. legitimate interest of the data controller, balanced with the fundamental rights of the person/entity. E-discovery is a ā€œlegitimate interestā€, but for sensitive personal data, consent is the only legitimate basis for e-discovery, and it must be explicit, not implied.
  • 8. The US Rules of Civil Procedure control discoveryā€”and E-discoveryā€”of documents and things in a partyā€™s possession, custody or control. EEEE----discoverydiscoverydiscoverydiscoveryin the USin the USin the USin the US The US Rules of Civil Procedure control discoveryā€”and E-discoveryā€”of documents and things in a partyā€™s possession, custody or control. In general, a party may request the other party to produce (inspect, copy, test) the following items: ā€¢ any requested documents or electronically stored information, including translation thereof ā€¢ any requested tangible things to permit entry and inspection onto identified land, buildings, or other property. In principle, any non-confidential matter that is relevant, is discoverable even if it is not admissible as evidence, as long as it ā€œmay lead to the discovery of admissible evidenceā€.
  • 9. EU vs US ā€“ The differences in discovery The US has the broadest civil discovery procedure in the world.The US has the broadest civil discovery procedure in the world. None of the other Common Law countries, such as the United Kingdom, Australia and Canada, have such a wide scope of discovery and in most of the Civil Code countries, such as Europe and Latin America, the concept of discovery obligations is almost unknown.
  • 10. When e-Discovery is conducted outside of the US, for example in a foreign affiliate of a US company, the basic procedure is the same. However, there are many complications due to different laws that apply when data is requested from other countries. Many non-US countries have laws protecting data from being collected from/exported to another country. To a US lawyer, working with such broad discovery rules, the EU system seems tooooooooooooo closed off!!! There is a serious problem for US firms with affiliates in EU countries, when they get involved in civil litigation within the US: On one hand, US rules require retention and production of all relevant data, even data located outside of the US, or risk severe penalties by the Courts in case of ā€œspoliationā€ (failure tooutside of the US, or risk severe penalties by the Courts in case of ā€œspoliationā€ (failure to preserve data) On the other hand, EU data protection laws require strict data protection rules for ā€œpersonal dataā€ of their residents, which seriously restricts processing of this data and transfer of this data to ā€œnon-adequateā€ countries (US) outside of the EU, with risks of costly fines in case of violation. So, what can we do????
  • 11. Possible solutions to this DILEMMA 1) The EU should filter and review ESI for relevance. 2) Personal data should be anonymized. 3) The parties should obtain protective orders and ā€œfilings under sealā€ from US courts to protect data from outsiders. 4) A notice should be sent to all employees/customers whose emails or other data are collected. These people have a right to know that information is being collected about him/her.to know that information is being collected about him/her. 5) Data Controllers (parties, law firms and courts) should take reasonable measures to protect personal data from unauthorized access. 6) If the collection of e-discovery is delegated to an outsider, there must be a written agreement for confidentiality and security, including how the data is used, kept and retained.
  • 12. Transfer of Personal data from EU to US How it works As stated above, there must be a legal basis for transfer of personal data outside the EU, which can be done by consent from the person involved transferring the data to a ā€œSafe Harborā€-certified company in the US, transferring the data under standard contractual clauses, transferring them to companies that have binding corporate rules in place. transferring the data under standard contractual clauses, transferring them to companies that have binding corporate rules in place. The question remains, however, as to how this personal data may be legally transferred to opposing counsel and to the Court; you should request a protective order from the Court to guarantee a degree of privacy.
  • 13. ConclusionConclusionConclusionConclusion US affiliate firms in the EU who have to follow e-discovery rules, and simultaneously follow EU data protections laws, are in a conflict. Under the US Rules, including the spoliation rule (failure to preserve data), US Courts have great power to apply whatever punishment they choose, including costly fines, ā€œadverse inferencesā€ (jury assumes missing ESI is adverse to the person who lost the evidence), and even dismissing the case.person who lost the evidence), and even dismissing the case. Over the past few years, case law has shown that US Judges are imposing more sanctions on parties who have ā€œspoiledā€ ESI. These rules apply to all relevant ESI issues in the US, regardless of their geographical location or local laws.
  • 14. Therefore, US affiliates in the EU must have a discovery preservation procedure, since the mere expectation of a lawsuit obligates a party to preserve ESI data. US affiliate firms must also have proper management systems for ā€œinformation governance.ā€ Since storage of ESI has become so inexpensive, the tendency has been to store everything, forever.to store everything, forever. This can be disastrous since, after a lawsuit begins, nothing potentially relevant may be deleted. Therefore, a company may have to pay a high price to process enormous amounts of useless information. To save money, these affiliates should invest in ā€œinformation governance,ā€ (deciding which data will be preserved for how long). This should be tailored to the company, and the type of industry and its regulatory/ business requirements.
  • 15. In the context of EU data protection rules, US affiliates risk investigation and fines/sanctions by local data protection authorities. The extent of the risk depends on the country where the ESI is located; for example, if the ESI is in Germany, the risk is much higher than if it is in the UK. Most data protection authorities are understaffed and underfinanced, andMost data protection authorities are understaffed and underfinanced, and there have been complaints about lack of compliance and/or enforcement. For example, a 2011 study in France showed that 82% of French enterprises do not obey the French Data Protection Act of 2004.
  • 16. But with the recent major changes to EU data protection laws,But with the recent major changes to EU data protection laws, including strengthening the ESI subjectā€™s rights and increasingincluding strengthening the ESI subjectā€™s rights and increasing enforcement of the law, companies should make sure they haveenforcement of the law, companies should make sure they have the rightthe right ESI preservation systemsESI preservation systems.. US courts have decided that merely because a company hasUS courts have decided that merely because a company has outsourced ESI dataoutsourced ESI data, the company still must comply with the, the company still must comply with the rules for Erules for E--discovery.discovery. Companies will have to do a caseCompanies will have to do a case--byby--casecase ā€œbalancing testā€ā€œbalancing testā€ betweenbetweenCompanies will have to do a caseCompanies will have to do a case--byby--casecase ā€œbalancing testā€ā€œbalancing testā€ betweenbetween the risks of compliance with the US rules, and the risks of nonthe risks of compliance with the US rules, and the risks of non-- compliance with the EU data protection laws.compliance with the EU data protection laws. Perhaps the US courts and the EU data protection authorities shouldPerhaps the US courts and the EU data protection authorities should do this balancing test, when companies find themselves in thisdo this balancing test, when companies find themselves in this conflict ā€¦conflict ā€¦ perhaps!perhaps!