Litigants navigating the conflict between U.S. discovery
obligations and foreign data protection laws have a new ally, the
American Bar Association ("the ABA"). The ABA
recently passed Resolution 103, which "urges" that:
[W]here possible in the context of the proceedings before them,
U.S. federal, state, territorial, tribal and local courts consider
and respect, as appropriate, the data protection and privacy laws
of any applicable foreign sovereign, and the interests of any
person who is subject to or benefits from such laws, with regard to
data sought in discovery in civil litigation.
The full text of the resolution and accompanying report (the
"Report") can be found here. In supporting its resolution,
the ABA noted that "[l]itigants often face a Hobson's
Choice: violate foreign law and expose themselves to enforcement
proceedings that have included criminal prosecution, or choose
noncompliance with a U.S. discovery order and risk U.S. sanctions
ranging from monetary costs to adverse inference jury instructions
to default judgments." Report at p. 2. As
"U.S. law already provides a clear and workable standard for
resolving the conflict" the ABA believes that Courts should
give more consideration "to the national interests behind the
non-U.S. laws" such that the comity factors are weighed and
applied "in a manner that demonstrates respect for those laws
and the principles of international comity." Report at p.
The ABA's involvement with this issue is particularly
timely, as it has recently become apparent that new data analytic
technologies have weakened the effectiveness and reliability of
anonymization, one of the primary mechanisms available to litigants
to navigate cross border discovery conflicts. See
e.g., The Practice of Law in the Age of Big Data, Nat.
L. J., April 11, 2011.
Despite the apparent strength of this Resolution, it is worth
noting that the ABA appears to have watered down the original
intended language, restricting its statement to data that is
"sought," i.e. affirmatively requested by an opposing
litigant, as compared to the original language, which applied
broadly to data that is subject to preservation, disclosure, or
discovery." The intent of this change is unclear, as the
ABA continues to acknowledge that preservation related-activities
can, by themselves, run afoul of foreign data protection
obligations, even in the absence of actual production or
cross-border transfer. Report at p. 12. For example, the
European Data Protection Directive, defines regulated
"processing" to include mere "storage," and
further provides that data shall be kept in a form which permits
identification of data subjects for no longer than is necessary for
the purposes for which the data were collected." See Directive 95/46/EC, Articles 1 and
6. Such restrictions can be inconsistent with broad U.S.
preservation obligations, and non-compliance would seem to present
many of the same risks that are a concern when it comes to cross
border data transfer.
Regardless of any limited intent, it is hoped that the ABA's
position will be taken to heart by the judiciary, as litigants in
possession of protected data should not have to unnecessarily fear
litigating in U.S. Courts.
One of the world’s most consumer protective spam laws recently went into effect in Canada on July 1, 2014, and many companies operating outside of Canada are learning that the law also impacts them because of how broadly it is drafted.
On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with an out-of-state Rhode Island hospital, Women & Infants Hospital of Rhode Island ("WIH" or the "Hospital"), resolving a lawsuit against WIH for violations of federal and state information security and privacy laws involving the loss of over 12,000 Massachusetts residents’ sensitive patient health records
Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.
Wearable devices, including health and activity monitors, video and audio recorders, location trackers, and other interconnected devices in the form of watches, wristbands, glasses, rings, bracelets, belts, gloves, earrings and shoes are being heavily promoted in the next wave of consumer electronics.