FREE NEWSLETTER

GET EXCLUSIVE CONTENT

Free Newsletter Free Newsletter
96402007-uk-company-searches-online-180x150r1gif

Julia Chain on future ediscovery considerations arising from regulatory and information governance demands

Added on the 8th Aug 2017 at 5:01 pm
Share Button

Julia Chain, Managing Director, Advanced Discovery UK

With exponential data growth, the proliferation of data sources from mobile, cloud and social media technologies, growing litigation in the current economic environment, and increasingly regulatory and information governance pressures; law firms and corporate legal departments face greater challenges today than ever before.

To mitigate risk, law firms and corporate legal departments need to understand and comply with the upcoming General Data Protection Regulation (GDPR) and Privacy Shield annual review. The following trends outline current key considerations for data controllers (and representatives) with respect to the impact on future eDiscovery obligations relating to litigation, regulatory investigation and other similar matters:

The General Data Protection Regulation (GDPR)
With the GDPR set to take effect in May 2018, those organisations processing or in control of personal information should be busy considering the breadth of their obligations. Developing solutions to tackle the many requirements may feel like an almost insurmountable task; however, the stakes for non-compliance are high as even inadvertent breaches of sensitive data will likely carry significant fines.

Data privacy can be at its most vulnerable when an organisation entrusts data to a third party. Under the GDPR, those tasked with processing data on behalf of a “controller” will now be held to the same standard of responsibility as those who were charged with protecting that data in the first place. However, it’s noteworthy that the burden of protection will remain with the “controller.” For this reason, it is imperative that law firms and legal departments ensure that their third-party providers have all the checks and balances in place to handle and inform upon the obligations set forth by the regulation.

Organisations should ensure that they consider all aspects of the regulation, including relationships with vendors, such as eDiscovery providers, when performing policy and procedure assessments and when considering their general readiness for compliance.

Legal Uncertainty Caused by Privacy Shield
In October 2015, the Safe Harbour Framework for the transfer of data from the UK to the US was declared invalid, leaving transatlantic data transfers in a (albeit temporary) limbo state. Privacy Shield was agreed and installed in its place in July 2016. Privacy Shield, however, has endured a number of criticisms since its implementation, most recently from a resolution passed by European Parliament. With an annual review due in September this year, there are a number of challenges that Privacy Shield faces – from actions of the new Presidential administration in the US and changes in federal law, to legal challenges and issues raised by data protection authorities in the EU.

If Privacy Shield is to survive the annual review, then it will need to evolve to bring clarity for global organisations (particularly US based) relating to their data privacy obligations, including cross-border eDiscovery. Should it fail to evolve, transatlantic data flows may again fall into the abyss of uncertainty.

Learning from Others’ Mistakes
There have been a number of recent cases that are perfect examples of “how not to do” eDiscovery. In the US, the case of Shaw vs Elting, highlighted the cost of taking the wrong approach with sanctions of over $7m following the “unusually deplorable” actions of the claimant. In the UK, the case of Michael vs Phillips offers some interesting details – the actions of the defendants were so extreme that their defence was struck out, meaning that they were not able to defend the claim against them.

These cases highlight failures in the early stages of eDiscovery and data spoliation. Law firms and in-house legal departments will glean insight on the pitfalls to avoid.

About Advanced Discovery
Advanced Discovery is an award-winning and leading global eDiscovery and risk management company. The Company’s global HQ is based in London after acquiring Millnet (now branded Advanced Discovery), the largest and longest established UK based eDiscovery and document services firm. The Advanced Discovery family of companies, including Altep, Legal Placements, Inc., and Millnet Document Services, brings a complete suite of solutions to clients around the globe, including eDiscovery, Information Governance, Riskcovery® & Compliance Risk Assessment, Cybersecurity, Legal Operations Consulting, Data Forensics & Investigations, Paper Discovery and Digital Printing, as well as Legal Recruiting and Placement. The company employs leading professionals in the industry, applies defensible workflows and provides proprietary and industry-proven technology across all phases of the eDiscovery and risk management life cycle. This devotion to excellence has earned Advanced Discovery inclusion on the Inc. 5000 list of fastest-growing companies in the United States and recognition as the highest-level Best in Service Relativity solutions partner for five consecutive years.

 

There are no comments yet, add one below.

Any Comment?