Mitigating the data privacy challenges of eDiscovery

Data Privacy

How is cross-border eDiscovery affected by data privacy?

Since its initial beginnings, e-discovery has been transformed drastically, now having an exciting array of technology options for managing data which is exponentially different in variety, scale, source and complexity. This is further complicated by today’s trend toward the globalization of many industries, the proliferation of data across the enterprise and the complexities of international legal matters.

There is no question that the scope of electronic discovery has grown parallel with the proliferation of data across the enterprise. Today’s projects are now commonly measured in terabytes of data, with the potential of petabytes in the not too distant future. The use of eDiscovery tools and techniques has expanded as well, with new or increased use in regulatory matters, mergers & acquisitions, government transparency, arbitration, antitrust, human resources and more.

It can be extremely difficult to find legal technology resources outside of the United States. One might expect to be able to make a quick call to any number of locations in Europe or Asia, but there are few, if any, local resources outside of the common law jurisdictions of United Kingdom, Canada, India, Singapore and many former British colonies. While approach of “copy and ship” data back to the United States might be suitable for some international projects, it can prove challenging when dealing with matter having cross-border privacy concerns, tight deadlines, trade secrets or a lack of appropriate resources.

Data Privacy Regulations & Data Transfers

It is critical to understand the regulations of the entities that have jurisdiction over the discovery data, whether it be paper or electronic. In today’s world of increased data privacy protection, many countries and regional organizations have enacted strict guidelines, regulations and even criminal laws regarding the use, processing or removal of personal data beyond certain borders without the expressed written consent of the individual. Most notable in this regard would be France and the European Commission, but there are other countries throughout the world following the lead of Europe.

Beyond data privacy regulations, it is also important to note that there are countries that have strict regulations about the export of data for matters of secrecy and national security. China typically requires a detailed review of all data related to any organization associated with the government or Communist Party before it is permitted to leave the country.

Global eDiscovery Resources

Innovative solutions have come online which leverage a cloud infrastructure to provide superior performance, reliability, security and functionality at ultra-competitive price points. These innovative e-discovery platforms have escaped from the legacy architecture of massive servers, storage devices and data centers to the freedom of on-demand cloud computing, which can strategically store evidentiary data within regional centers.

This regional capability has made cross-border e-discovery significantly easier, with providers such as Amazon Web Services providing virtually unlimited, on-demand capacity from secure data centers in Australia, Brazil, China, Germany, Ireland, Japan and Singapore and the United States.  Microsoft, Rackspace, Google, DigitalOcean, Tata and CenturyLink provide similar service options.  As a significant additional benefit to this capacity and footprint, a group of cloud servers can provide the same processing and storage capabilities as a single high-end server for a fraction of the price.

Even in an industry so resistant to change, one is hard-pressed to find argument with new solutions that provide such compelling benefits and a valuable alternative to the legacy eDiscovery platforms in use today.

first published on December 4, 2015