Difficulties of eDiscovery during international data transfers
International data transfers are incredibly complex processes, as users will need to navigate regulations in each of the countries, international laws and battle against language barriers. As national and international officials continue to roll out new legislation in an effort to standardize and secure the transfer of data, businesses must look past the ordinary to find the proper solutions in the interim.
First, some of the major differences between the two countries in focus will have to be brought to light, followed by any international legislation that has been passed by regulators. Privacy laws are most often associated with the transfer of international data, and when a company needs to transfer its data following an eDsicovery request, those unprepared firms will be in for a long road.
International data protection and privacy laws in the age of eDiscovery
While most first world nations have data protection and privacy laws in place, several developing countries are either just beginning to formulate strategies or have only fledgling statutes that are still in need of refinement. This convolutes the issues substantially, as many countries, including the United States, rely on certain bits of legal language that can be used either to the detriment or advantage of a company, depending on the judge and court overseeing the actions.
The European Union and the United States have among the more advanced data privacy and protection laws in the world, though they continue to evolve. This is largely the result of a lack of former trials that have set enough precedence for a clear and comprehensive set of rules of internal data transfers during eDiscovery proceedings.
European Union nations have similarities because of the framework established in the EU directive, which demanded all member countries develop a set of transfer and privacy laws.
Many nations have similarities outside the EU, as well, including those of the United Kingdom and United States, as well as New Zealand and Australia.
In Asian nations, though, protection and privacy laws are drastically different, and the way in which the languages are translated through solutions during electronic discovery must be carefully thought through.
Cross language and hemisphere data transfer difficulties
Most Asian nations have established data protection and privacy laws regarding international transfers. This includes the Computer Processed Personal Data Protection Law in Taiwan, the Official Information Act in Thailand, the Data Privacy Act of 2011 in the Philippines and the Law for the Proection of Computer Processed Data Held by Administration Organs legislation in Japan.
However, an important note it that most of these laws were established in the mid- to late-1990s, far before the now popular eDiscovery solutions and proceedings were ever conceived. This means these laws will continue evolve, and are not close to being aligned with data protection and privacy laws that are currently in play in the United States.
As anyone versed in eDiscovery knows, the solutions used to sift through and pull information are contingent upon codes that read through language and only take what is legally allowed per a court’s ruling. Asian countries have drastically different characters in their languages, making simple code from traditional eDiscovery solutions providers ineffectual.
What is needed in these instances is an advanced solution that pulls and translates only what has been requested and legally allowed for discovery. These solutions are few and far between, but must be used when conducting international data transfers for eDiscovery requests and proceedings.
Failure to use these solutions could cost businesses enormous amounts of money through penalties from each country in action, and can result in lost face from sanctions imposed by international legislators.
Sources:
https://idpl.oxfordjournals.org/
https://www.informationshield.com/intprivacylaws.html
https://searchsecurity.techtarget.com/magazineContent/Navigating-international-data-privacy-laws
https://www.giodo.gov.pl/163/id_art/326/j/en/
https://www.ntia.doc.gov/files/ntia/comments/100402174-0175-01/attachments/Morrison%20Foerster%20LLP%20Comments.pdf
https://www.educationaldatamining.org/EDM2009/uploads/proceedings/barker.pdf
https://www.oxfordjournals.org/our_journals/idpl/for_authors/