The intersection of US litigation and EU data privacy laws

Companies with operations in the EU are increasingly finding that the broad scope of discovery in litigation in the United States is in conflict with their obligations under laws implementing the EU Data Privacy Directive. Most US courts, when considering whether production of documents in violation of foreign data privacy law should be compelled, have found that the US interest in ensuring the disclosure of all relevant information outweighs a foreign sovereign’s interests in protecting privacy. The coming into force of the GDPR in May 2018, and its vastly increased potential sanctions, may cause litigants and courts to reevaluate that balance.

US lawyers may fail to consider the applicability of foreign law in the discovery process or struggle to explain it convincingly to a court. EU data privacy specialists may give little consideration to the realities of US litigation in designing policies and disclosures. In a world of globalized disputes and in light of the enhanced
penalties the GDPR prescribes, greater awareness of the interrelation of these fields of law by practitioners of each is necessary. The price of failing to respect either may be high.

I have discussed the intersection of US litigation and EU data privacy laws in more detail in an article which was recently published in Privacy Laws & Business International Report, issue 147. To read the full article, please click here.