International Ediscovery: Best Practices Around the World
Over six thousand athletes from eighty-five countries have gathered to compete. When you sit down to watch the events, remember that behind every flag is a unique legal system, with diverse privacy laws and ediscovery rubrics. As these laws become increasingly intertwined, legal professionals – like athletes – must constantly push themselves to manage international ediscovery in the digital age.
A central theme in American discovery is that the search for truth in litigation outweighs individual privacy concerns, with the exception of personally identifiable information. The 2006 amendments to the Federal Rules of Civil Procedure are the heart of ediscovery, namely Federal Rules 26 and 34 which define electronically stored information (ESI) as a discoverable source of information. There are new proposed amendments to Rules 26 and 37 on the ediscovery horizon in 2014.
Guided by few appellate decisions, US district courts and magistrate judges are the architects behind an expansive body of ediscovery case law. Proportionality (barring unduly burdensome ESI production and preservation) and cooperation (mandating party-to-party ESI discourse early) are defining facets of American ediscovery. In 2013, courts have expressed unrivalled legal-technological proficiency by tackling several complex ediscovery issues: taxation of ediscovery costs,1 the role of wilfulness in the duty to preserve,2 and marrying smart technology with document processing and review.3
England and Wales
The shifting tides of ediscovery impact both sides of the Atlantic. In the UK, Civil Procedure Rule 31 governs disclosure. Its counterpart, Practice Direction 31B, is the primary source for coping with issues like the preservation of ESI, defining a “reasonable search,” and assessing the level of party communication required before the case management conference.
The UK takes a fundamentally different approach to discovery than the US. While US courts seek to produce all relevant documents to a case, CPR 31.5(7) limits disclosure in the UK “to that which is necessary to deal with the case justly.” Courts in England and Wales now have a “menu” of options for disclosure, which range from no disclosure to full blown train of enquiry disclosure with issues-based disclosure and reliance-based disclosure somewhere in between.
The European Union
The EU Data Protection Directive 95/46/EC (“the Directive”) mandates signatory countries to implement laws restricting the processing of “personal data”—information “relating to an identified or identifiable” person. Moreover, the Directive bars the transfer of personal data to non-EU states unless the country provides for “adequate protection” of personal data and marks a significant detour from the American approach to data protection.4
In 2012, the European Commission proposed a comprehensive reform to the Directive to protect “the fundamental right of data protection and to guarantee the free flow of personal data between Member States.”5 Set to take effect in 2015, the new data protection regime bolsters the rights of data subjects, imposes heightened obligations on organizations and strengthens enforcement measures. This rubric, combined with many civil law systems, provides for minimal discovery of ESI in EU litigation. Coupled with several countries adopting blocking statutes to prevent the transfer of personal data across borders, these new protection laws also create tension with the US Federal Rules of Civil Procedure, which seek to produce all relevant electronic records.
Throughout the Canadian provinces, the 2008 Sedona Conference® Publication, The Sedona Canada Principles, has provided an impetus for developing ediscovery rulemaking. For example, the Ontario Rules of Civil Procedure make an explicit call for cooperation and a meet and confer conference when discussing discoverability of electronic data. Further, they require counsel to consult with The Sedona Canada Principles.
However, following the footprints of the EU, Canada has taken a rigorous approach to data protection regulation at the legislative level. Private sector data use is controlled by the Personal information Protection and Electronic Documents Act, a federal privacy law designed to “support and promote electronic commerce by protecting personal information that is collected, used or disclosed.”
Ediscovery law in APAC is evolving at the speed of light. Some countries have passed ediscovery guidelines (e.g., Singapore); however, many countries, like South Korea and Japan, are still considering implementing ediscovery laws. In the APAC region, ediscovery largely impacts international companies with US-based litigation and antitrust concerns. Local counsel and local service providers can provide immense value when attempting to successfully collect data in the region, while navigating the vast legal system differences. As the market continues to blast through geographic boundaries, watch for countries to continue to parse their existing rules against the demands of litigation, develop laws that cushion these changes, and shift the burden of knowledge to attorneys engaging in international data discovery. It is only a matter of time before a case on your docket, in your firm or on your desk involves multinational discovery laws. Also, for a deeper dive into APAC ediscovery, view this previously recorded Kroll Ontrack/eDJ webinar, Ediscovery in Asia: What U.S. Legal Professionals Need to Know.
1 See Gabriel Tech. Corp. v. Qualcomm Inc., 2013 WL 410103 (S.D.Cal. Feb. 1, 2013). 2 See Moore v. Citgo Co., LP, 735 F.3d 309 (5th Cir. 2013). 3 See Gordon v. Kaleida Health, 2013 WL 2250579 (W.D.N.Y. May 21, 2013). 4 American data protection law involves a concoction of legislation (e.g., the Fair Credit Reporting Act), self-regulation, and industry regulation. 5 Available: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52012PC0010: en:NOT