Ricci Dipshan, Legaltech News
A look at e-discovery culture,
regulations and guidance from a host of some of the most active global
e-discovery markets around the world.
Global Data Shutterstock
As the global economy becomes more integrated,
e-discovery is evolving into much more than just a local, myopic process. From
investigating or creating compliance programs at multinational corporations to
conducting cross-border data collection and review, today's e-discovery
practitioners are more exposed to international laws and cultures than ever
before.
With help from Kroll's
Second Annual "New Frontiers in E-discovery Report," here is a look
at the regulations, guidance, laws and culture defining e-discovery around the
globe.
U.K., Canada and Australia
Among the
English-speaking nations outside the U.S., there are wide differences in how
e-discovery is implemented and governed.
Leading the pack is the
U.K., which the report deemed the second-most developed e-discovery market
behind the U.S, noting that its guidance on e-disclosure—what e-discovery is
called in the country—has been a part of its Civil Procedure Rules for over a
decade.
While there are some nuanced
differences , the U.K.'s legal system, like its U.S. counterpart,
has also recently begun allowing use of technology-assisted-review
(TAR) in certain cases .
The U.K. currently
adheres to EU data regulations governing data management, though that could
change in the near-future after the country leaves the EU, ostensibly in the
next few years.
Rob Jones, managing
legal consultant at Kroll Ontrack, notes that e-discovery is more developed in
the U.S. and U.K. due to their "adversarial systems, in which the parties
find and present their own evidence to an impartial judge." This is
opposed to civil law jurisdictions, he added, which have "an inquisitorial
legal system, [where] the finding of fact is more impartial and based on the
key documents that underpin the issues in the case, without a broader
search."
Though e-discovery is
ingrained in the legal systems in the U.K. and U.S., in Canada and Australia
the practice is far more ad-hoc and informal. For example, e-discovery in
Canada is not formally governed by case law but by unofficial industry
standards, such as those set down by Canada Sedona Principles and the Ontario
E-Discovery Implementation Committee (EIC).
E-discovery data in
Canada is also regulated by the country's Personal Information Protection and
Electronic Documents Act , as well as various province-level statutes.
The situation is similar
in Australia which, while having e-discovery processes and standards codified
in law, still treats those regulations more as guidelines than legal rules.
This is because, the Kroll report explained, official sanctions for misconduct
are rare, though courts are empowered to enforce them.
Aside from state laws,
the way sensitive data is regulated in Australia is through the Privacy Act of 1988 , which governs the transferring of data out of the
country, though the report noted that the law is less robust than EU-wide data
privacy regulations.
Though less organized
than e-discovery in the U.S. and U.K., Jones explained that e-discovery
practices in Australia and Canada are still "closely aligned to the
principles in America and the U.K., and there is an aspiration to take the best
from both systems, but make it better."
Europe
Outside the U.K., the
vast majority of European countries operate without formal e-discovery
requirements or guidance, though Spain has legislation requiring e-discovery
and data collection "as a form of judicial aid," the report noted,
such as in cases involving data requests by a foreign law enforcement agency.
Despite a lack of formal
guidance, however, how data is handled and managed across much of Europe is
heavily regulated though EU-wide laws. Among the most important are the EU Data
Protection Directive 95/46/EC, which will be replaced by the more robust
General Data Protection Regulation (GDPR) in 2018, and the Privacy Shield,
which regulates data transfers between the EU and U.S. In addition, each
country has its own local data protection laws and authorities that tailor data
regulation to their own specific needs and standards.
These data regulations,
Jones said, may play a part in hindering the advancement of e-discovery in
litigation. As these regulations "are notoriously difficult waters to
navigate, without an extremely good reason to 'get in the boat and sail,' there
is usually little impetus to think about e-discovery," he said.
But coincidentally, such
laws may also help to create demand for e-discovery outside of courtrooms. The
report noted, for example, that e-discovery interest is high in Germany due to
the Bundeskartellamt, a particularly demanding and active agency that
investigates anti-competitive enterprise behavior. Given this agency, and the
regular compliance audits the country's companies face in its highly regulated
economy, German enterprises are no strangers to the culture of regulatory
document review.
While the report noted
that, in France, organizations still need "educational work" to
better manage e-discovery and implement information governance in-house, it was
optimistic that the situation may change with the implementation of the
country's Sapin II legislation at the end of 2016. Among other changes, the
anti-corruption bill implements far-reaching compliance programs required by
medium and large-sized companies.
Asia
Similar to Europe, most
Asian countries do not have formal e-discovery guidance or requirements, though
there is one important exception.
Singapore, which has
perhaps the most technologically advanced legal system in the region, is the
first Asian country to have an "e-discovery opt-in" codified in law.
While e-discovery is not required, the government recommends it be used in cases
where claims exceed $1 million, where documents to be reviewed exceed 2,000
pages or where a significant amount of documents are in electronic form.
The city-nation also
recently passed a data privacy law, the Personal
Data Protection Act (PDPA) , which governs the transfer and handling of sensitive
data and presents financial penalties for noncompliance of up to $1 million.
Far more complex and
less defined, however, are the laws regulating privacy and data handing in
China, which will more than likely complicate e-discovery collection efforts in
the country.
Though China has a
variety of vague laws governing data, none may be quite as impactful to
e-discovery practitioners in the country as its state secrets law.
In a June 2016 webinar
on China's e-discovery challenges, Kate Chan, regional managing director of
Kroll Ontrack, noted that this law "is rather broad and vague and it is
intended to be so, so that not even lawyers practicing in China will be able to
construe, vet or fully be able to define what are state secrets."
She added that penalties
for breaking this law can range from light incarnation sentences to life in
prison. Additionally, the report cautioned, despite efforts being made to
clarify the law, much of what can be deemed state secrets is still unclear, and
even data whose production was previously allowed may still fall into that
category.
Bing Maisog, an attorney with Hunton & Williams
in Beijing, previously told Legaltech News that among other things, this law would "require
'operators of key information infrastructure' to maintain personal information
collected and produced during their operations within China, or comply with a
security evaluation procedure."
Beyond data handling
laws, international e-discovery practitioners also face novel operational
challenges in Asian countries. The report noted that e-discovery practitioners
in China will need to adapt to the widespread use of both traditional and
simplified Mandarin Chinese in documents, while those in Japan will have to
adapt to prominent use of Japanese in businesses communications.
No comments:
Post a Comment