Cross-border e-discovery across different countries or jurisdictions raises multiple privacy issues. Data privacy is a rapidly changing constellation of rules and regulations that doesn’t always gel with the demands of litigation or investigations.
The biggest challenge in cross-border eDiscovery, is a lack of understanding of data privacy laws in different jurisdictions. Due to the nature of litigation, cross-border eDiscovery often lands corporations in the risk of violating privacy laws.
With different versions of data privacy laws enforced, managing the personally identifiable information (PII) of employees has become a primary concern. PII is often collected and processed by numerous parties, making it subject to multiple privacy regulations.
E-discovery processes in situations involving EU and U.S. citizens is more complicated. Litigation-based requests for document identification or production under the privacy laws of one country can easily run into conflict with the data protection laws and requirements of another country.
Conflicts now seem to be emerging between the U.S. discovery laws and data privacy laws and regulations laid out by the European Union, in situations where a litigation or an investigation involves discovery of information located across the border. The conflict also arises as a result of differences in the extent of eDiscovery obligations between the two regions, thus making the scope and extent of eDiscovery far more restrictive.
It is thus important for both legal and eDiscovery technology teams to fully understand the legal ramifications of investigations and litigation, that may open challenges related to privacy, before embarking on such projects.