All posts in International Ediscovery

Dutch Data Discovery

The Netherlands is one of the most economically developed countries in the world. Despite being a small country in comparison to others in the EU, the Netherlands is a significant player in the banking and energy sectors and is home to some of the largest corporations in the world. The Netherlands is our next stop, as KrolLDiscovery explores ediscovery in countries around the world.

How is ediscovery unique in the Netherlands?

The Netherlands has no formal requirement for disclosure of electronic documents in legal proceedings (and thus the word “ediscovery” is not regularly used in Dutch legal circles), though international law firms use ediscovery technology in cross-border litigation. For the most part, regulatory matters are the biggest driver for Dutch law firms and corporations when it comes to using ediscovery technology.

The Dutch economy is dominated by companies operating in sectors which are frequently the subject of regulatory investigations such as energy, banking and electronic good manufacturers. Domestically, the Netherlands Authority for Consumers and Markets (ACM) has become very active and has been carrying out an increasing number of dawn raids on businesses, particularly those in the energy, automotive and telecommunications sectors. As an international business center, Dutch subsidiaries of foreign companies or Dutch multinational firms are also vulnerable to scrutiny from international regulators such as the European Commission or foreign authorities such as the U.S. Department of Justice.

This period of increased regulatory activity has caused something of a paradigm shift within Dutch companies when it comes to compliance. In the past it was more common for a reactive approach to be taken whereby companies only used ediscovery technology when under investigation. Now we are finding that companies in the Netherlands are prioritizing internal compliance and dedicating more resources and budget towards implementing schedules of compliance audits.

What data protection and privacy laws affect legal proceedings in the Netherlands?

The Dutch Personal Data Protection Act (Wet bescherming persoonsgegevens [Wbp]) was updated in January 2016. The changes include the ability to impose substantially higher fines for a broader range of violations. The update also introduces various data breach obligations, including the obligation for companies to notify the data protection authorities and affected individuals of any data breach.

Aside from the Wbp, there are other national laws that may affect ediscovery such as the Dutch Telecommunication Act (Telecommunicatiewet, implementing Directive 2002/58/EC on the protection of privacy in the electronic communications sector). Dutch law firms, corporations and ediscovery providers need to be familiar with both these laws and ready themselves for the forthcoming General Data Protection Regulation which will replace the Wbp.

Finally, many Dutch lawyers have concerns about the impact of Brexit and how it might affect transferring data between the United Kingdom and the Netherlands. At the moment, the United Kingdom is one of the Netherlands’ biggest trading partners and so regulatory and litigation cases often involve both Dutch and British companies. Depending on what happens when the United Kingdom and European Union negotiate data protection agreements, Dutch firms may begin choosing ediscovery providers who can offer local data centers or mobile ediscovery solutions to avoid the risk of breaching laws that restrict cross-border data transfers.

What are some examples of best practices for conducting ediscovery in the Netherlands?

  • Consider using a forensics expert for data collection in the Netherlands rather than in-house IT teams.
  • Understand the changes in data protection legislation and be ready for the General Data Protection Regulation.
  • Employ predictive coding technology to manage big data, particularly for competition investigations.
  • Be proactive and prepared for potential dawn raids. The Dutch competition authority is branching out from banking and casting a wider net in its investigations.

How can KrolLDiscovery help?

KrolLDiscovery is your international ediscovery resource, no matter your location on the around world. Read more about predictive coding in Australia and Ireland, ediscovery cooperation in Canada, fighting fraud in France, data protection in the UK, Japan and China, ediscovery practices in Belgium and Germany, and anti-corruption laws in Brazil.

A Taste of Ediscovery in Brazil

Olá!

Brazil is the next stop on our 2017 ediscovery world tour. As the only Portuguese-speaking country in South America, Brazil has the largest population, area and economy on the continent. An increase in industrial production, consumer and business productivity, and a stable currency have set the stage for flourishing business opportunities in Brazil, accompanied by heightened volumes of litigation and investigations…ripe for the use of ediscovery technology.

Brazil’s Unique Ediscovery Conditions

Brazil is a civil law jurisdiction, where there is no procedure or requirement to use discovery-like mechanisms in legal proceedings. Additionally, the process of collecting, filtering and reviewing data is unfamiliar to Brazil’s business culture, impaired by the fact that much corporate data is in a hard copy or non-searchable digital format. Given that a considerable volume of data is not in a format that makes ediscovery processing easy and streamlined, many Brazilian corporations view ediscovery processes and expenses as difficult to justify.

This does not mean, however, that ediscovery is absent in Brazil. Collecting and processing data in Brazil is driven mainly by practical necessity due to national and international regulatory investigations, international arbitration issues, mergers and acquisitions of Brazilian companies, and out-of-country litigation extending into Brazil. In all of these legal and regulatory scenarios, Brazilian companies are benefiting from ediscovery technology. Furthermore, in 2014 Brazil passed an anti-corruption law called the “Clean Compliance Act,” compelling some corporations and their counsel to take advantage of ediscovery technology in corporate compliance efforts.

What About Data Protection and Privacy in Brazil?

Currently, Brazil does not have an extensive set of data protection or privacy laws. However, Brazilian statutory law protects narrow classifications of data. For example, the Brazilian Federal Constitution and certain regulations, such as medical rules and consumer codes, contain privacy protections. Furthermore, Brazilian law does not expressly restrict cross-border data transfer, but transferring data out of Brazil is not the norm. Also, there have been recent changes impacting the need for increased security and protection of personal data, such as the Brazilian Internet Law. Lastly, keeping up with changes in Europe and Asia, it is highly expected that Brazil will enact its first over-arching data protection law in the near future.

Around the World with KrolLDiscovery

KrolLDiscovery is your international ediscovery resource, with current information about predictive coding in Australia and Ireland, ediscovery cooperation in Canada, fighting fraud in France, data protection in the UK, Japan and China, and ediscovery practices in Belgium.

Hot Topics in Ediscovery

As you get ready to head back to the office this fall, make sure you’re up to speed on some of the most significant developments in ediscovery from this summer.

New Data Protection and Transfer Laws in Japan and China

Earlier this summer, Japan and China enacted significant changes to their data protection and transfer laws. In Japan, the Act on the Protection of Personal Information (APPI) went into full effect on May 30, 2017 and companies are expected to make immediate changes. China’s controversial Cybersecurity Law went into full effect in early June 2017 and focuses on network operators managing data in the country.

Antitrust Law and Technical Innovation

Technological advancements throughout the world have transformed policies and institutions that enforce antitrust law. Check out parts one and two of our video series focusing on how policy and technology changes create implications in the many fields of antitrust law.

Civil Procedure Rules in State Court

Following the release of the 2015 amendments to the Federal Rules of Civil Procedure (FRCP), states have taken different approaches to updating their own rules. Some states have adopted the new FRCP, other states are currently considering changes and a handful of states march to the beat of their own drum. Learn more about your state and states that may be important to you in the future.

Fighting Fraud in France

Fraud, corruption and bribery hit close to home for legal and IT professionals around the globe. In France, game-changing legislation has taken effect to strengthen anti-corruption efforts. Sapin II, as the legislation is called, is modelled on the U.S. Foreign Corrupt Practices Act (FCPA) and the U.K. Bribery Act. U.S. businesses with global operations should be prepared with renewed understanding of France’s regulations.

Whether you have a matter that requires collection of electronically stored information (ESI) in a country with strict data protection rules or have questions about state rules of civil procedure, you can keep up to date on everything ediscovery with weekly updates from The Ediscovery Blog.

Belgium: The Ediscovery Capital of Europe

Hallo! Salut!

KrolLDiscovery is your international ediscovery resource, with current information about predictive coding in Australia and Ireland, ediscovery cooperation in Canada, fighting fraud in France, and data protection in the U.K., Japan and China.

Our 2017 ediscovery world tour brings us next to Belgium. As a divided country linguistically, culturally and geographically, Belgium has impacted the way leading international corporations and law firms are implementing new ediscovery practices.

Unique Ediscovery Practices in Belgium

To speak of Belgium is to speak of Brussels. It is undeniable that Brussels is at the center of the European Union and the host of the European Commission itself. Brussels is perhaps the most international city in the world, attracting leading international corporations and law firms. When it comes to ediscovery, Belgium has two distinct markets – international and national. As a result, Brussels has become one of the biggest ediscovery markets in Europe due to the size and the number of cases worked on in country. Law firms in Brussels work globally and rely on sophisticated ediscovery technologies for international cases.

Ediscovery Technology Needed Outside of Brussels

As the de facto capital of Europe, Belgium is at the center of the European ediscovery and yet, at the same time, removed from it. At the focal point, there are a massive amount of investigations in Brussels, yet there are no formal discovery requirements in country. As such, there is a greater need for education on the applications of ediscovery technology for companies and law firms who are operating outside of Brussels. A majority of Belgian ediscovery users are prominent, global law firms, working in competition-focused practice areas that involve multiple jurisdictions. By other law firms becoming educated on various ediscovery technology, it will improve how volumes of electronic data and documents in different languages are handled. Furthermore, corporations will be more likely to use ediscovery technology following a dawn raid and for large-scale compliance audits, culminating in more effective management of these legal matters.

Tips When Conducting Ediscovery in Belgium

  • Select an ediscovery provider that is as international as the case; this will go a long way to reducing cultural, legal and linguistic misunderstandings.
  • When there are large merger control cases, choose the best review technology available, with advanced analytics and predicative coding, in order to not be penalized for missing documents or deadlines.

Don’t be afraid to use ediscovery technology in new areas, such as arbitration or compliance audits. International firms in Brussels are increasingly using ediscovery technology in new legal scenarios that involve large data sets.

Fighting Fraud in France: How Sapin II and Ediscovery Technology Can Help

James Farnell, KrolLDiscovery, Legaltech News

Editor’s note: this article originally appeared in Legaltech News.

Fraud, corruption, bribery. Across the globe, these challenges hit close to home for legal and IT professionals regularly called on to collect, analyze and produce data in support of an active investigation or compliance audit.

In France, game-changing legislation is taking effect to strengthen anti-corruption efforts and U.S. businesses with global operations need to be prepared. The provisions of new anti-corruption legislation, Sapin II, have just come into force in France (as of May 2017). Sapin II, adopted on November 8, 2016, is modeled on the U.S. Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act.

Sapin II: The Key to Closing Loopholes in France

In 2005, Sapin II was first proposed and named after Michel Sapin, a French politician and France’s Finance and Economic Minister. Like many countries, France has attempted to combat fraud through multiple anti-corruption laws. However, these laws had several loopholes. The main aim of Sapin II was to strengthen existing anti-corruption legislation by implementing provisions that would close existing loopholes in France’s anti-corruption laws.

Sapin II is a comprehensive anti-corruption framework, some parts of which are more important than others. Below are a few key provisions of Sapin II, along with brief explanations.

1. France’s Expanded Jurisdictional Reach: Prior to Sapin II, French prosecutors had limited jurisdiction in bribery cases. Sapin II removed these restrictions and gave criminal prosecutors the opportunity to charge more offenders in bribery cases.

2. Creation of the French AntiCorruption Agency (AFA): Sapin II created a new administrative agency known as the AFA. The AFA has replaced the Central Service for the Prevention of Corruption (SCPC). It is monitored by a presidential appointee and a sanction commission. The AFA has four major responsibilities:

  • Prevent and detect corruption in the private and public sector;
  • Help companies implement compliance programs that are required;
  • Report violations of the law to prosecutors; and
  • Oversee the monitorships of corporations.

The AFA sends informative reports to the Justice and Budget Ministries to work together to keep up with fraud and anti-corruption strategies.

3. Compliance Program Requirement: Under Sapin II, a company must have a compliance program in place when there are more than 500 employees and the company has a gross revenue exceeding 100 million euros. This is applicable to both French subsidiaries and non-French companies who fulfill the above criteria. There are eight criteria that must be met in order for a compliance program to be deemed to be sufficient by the AFA. The most important criteria are that there must be corporate risk mechanisms and disciplinary procedures in place. Failure by a company to have a compliance program could lead to directors and managers being sanctioned by the AFA.

4. Whistleblower Protection Provision: Sapin II protects those who with good faith report against those who have violated any of France’s laws, international treaties where France is a party, or have threatened the public interest. In order for the whistleblower to receive protection he or she must notify a supervisor directly or indirectly. If the issue is not resolved within a reasonable amount of time then external parties may be notified and if three months have gone by and it is still not resolved, the public may be notified about the violation. Retaliation against a whistleblower can lead to both criminal and civil punishment.

5. French Deferred Prosecution Agreements (DPA): Sapin II’s DPA is modeled on the U.S. DPA. French corporations are forced to argue facts that have been listed by the DPA. Whether a corporation is punished depends on the judgment from a court through a public hearing. If found guilty, a fine of 30 percent of the company’s average revenue for the past three years must be paid to the French Treasury.

6. New Criminal Offenses and Bribery: It is now a crime for any company or individual to offer a donation, gift or reward to sway a public officer to abuse their discretion with public authority or government. This new criminal offense combines both French criminal law and anti-corruption efforts to stop and prevent fraud.

Sapin II and Ediscovery Technology

As legal and technology professionals in law firms and corporations begin to work under the new provisions of Sapin II, it will be increasingly important to turn to technology solutions to audit compliance programs and investigate fraud. Of particular interest within Sapin II, is the requirement that companies implement a procedure for assessing the effectiveness of a particular compliance program. The review of corporate electronic communication is one way of ensuring that organizations are complying with anti-corruption laws and ediscovery technology can be a critical piece of a thorough compliance audit. For example, the data analytics features in many leading ediscovery review platforms can help detect hidden or emerging compliance risks under anti-corruption laws.

In addition to assisting with a compliance review, legal professionals have increasingly leveraged ediscovery technology to facilitate the investigation and analysis of specific fraud matters. For example, in sensitive investigations, companies can rely on computer forensic experts to collect data and make use of mobile ediscovery technology which allows data to be processed, hosted and reviewed at the company’s premises, if need be. Data need not leave the premises while a sensitive investigation is underway. Most importantly, in France or anywhere around the globe, companies need to seek guidance from local experts to assist in the navigation of local data protection laws and with the collection, processing and analysis of electronic evidence in investigations and litigation.

Whether fighting fraud in France, investigating money laundering in Brazil or collecting data from a Chinese subsidiary in a U.S.-based litigation, organizations all over the world can manage a wide range of business and legal challenges using ediscovery technology.

Antitrust Law in the Era of Trump, Brexit and Technological Innovation

Recently, leading practitioners in antitrust law congregated in Washington, DC to discuss various effects the changing world has on antitrust laws and enforcement. At the Annual Spring Meeting of the ABA Section of Antitrust Law, KrolLDiscovery partnered with The Capitol Forum to create a video series of thoughts and insights from nationally-renowned antitrust experts.

Political change and technological advancement throughout the world has transformed policies and institutions enforcing antitrust law. The new administration of President Trump, Brexit, various policy changes and fast-moving technological advancements all create implications in the many fields of antitrust law. Part one of our video series will focus on how these changes are affecting antitrust law and litigation. Each video is organized with a short description to make it easier for you to decide which of these compelling videos to view first. Enjoy!

DOJ and FTC Involvement in Antitrust Law and Mergers

Watch: The Role of the FTC’s General Counsel featuring Bill Blumenthal, partner at Sidney Austin LLP, as he discusses his experience with antitrust law and merger regulations while acting as former General Counsel for the Federal Trade Commission.

Watch: Major Changes to the Antitrust Guidelines for International Enforcement and Cooperation featuring Jeff Jaeckel, co-chair of Morrison & Foerster’s antitrust law practice group, as he discusses the new DOJ and FTC antitrust guidelines on international law released in January 2017.

Watch: Competitive Effects featuring Ken Reinker, a partner at Cleary Gottlieb Steen Hamilton LLP, as he discusses how agencies review and analyze competitive effects and what impact the new administration will have on this analysis.

Technology’s Role in Merger Review and Antitrust Litigation

Watch: Big Data and Antitrust Enforcement featuring Maurice Stucke, of counsel at the Konkurrenz Group and law professor at the University of Tennessee, as he discusses big data’s impact on the traditional areas of antitrust enforcement and the resulting issues for mergers.

Changing Global Policies Impact U.S. Antitrust Laws

Watch: Global Antitrust Approach featuring Nick Gaglio, a partner at Axinn Veltrop & Harkrider LLP, as he discusses the importance of a global antitrust counsel, complexities of dealing with multiple jurisdictions and the effects of the new administration on global antitrust regimes.

Watch: Impacts of a Changing World featuring Jay Modrall, a partner at Norton Rose Fulbright, as he discusses differences in the Commission’s and CMA’s approach to transactions, the present and future impact of Brexit on global antitrust law, and how to mitigate the ensuing negative consequences.

In the next month, watch for part two of The Capitol Forum series, containing additional interviews with leading antitrust experts.

Japan and China: New Data Protection and Transfer Laws Imminent in Asia Pacific

Ediscovery in China

Kate Chan, APAC ediscovery

Kate Chan, KrolLDiscovery, Legaltech News

Editor’s note: this article originally appeared in Legaltech News.

The global ediscovery community is abuzz about data protection. 2018 will usher in new data protection and transfer laws in the European Union (EU), but many ediscovery professionals are less informed about similar changes in Asia that have recently taken effect.

Japan: Land of the Rising Sun

Japan’s Act on the Protection of Personal Information (APPI) stands as one of Asia’s oldest data protection laws and has remained unchanged since it went into effect in the early 2000s. The decision to enact Japanese amendments to the APPI was most likely influenced by three factors: a significant increase in the volume of data being created, a rise in data breaches and illegal sale of private information and a pressure to update policies in light of the EU’s work on the General Data Protection Regulation (GDPR).

A word of warning: The APPI amendments went into full effect on May 30, 2017 and Japanese authorities expect companies to make immediate changes. Below are some key provisions of the APPI amendments in Japan.

1. Creation of the Personal Information Protection Commission: The amended APPI went into partial effect in 2016, creating the Personal Information Protection Commission (PPC) as a central, independent regulatory authority with enforcement powers.

2. Two new classifications: Two information classifications will determine whether data can be transferred and if the owner of that information can give consent to its transfer: sensitive information and anonymized information. Sensitive information (information about a person’s race, creed, social status, medical records, criminal history, etc.) receives enhanced regulatory protection, with the person’s consent required before such data can be transmitted. Anonymized information (personal information where there is no possibility of identifying the person) can be transmitted with restrictions but without the express consent of the individual.

3. “Opt-in” is now “opt-out”: The current rules require the user’s permission before personal data can be transferred. Under the amendments, companies can share data without permission if they disclose certain information to the user beforehand, such as the nature and purpose of the personal data being provided, and the way the data is being provided. The company transferring the information must also give the user the option to opt out of the transfer before it occurs. Businesses must disclose to the PPC if they will continue to default to an “opt-out” policy, or change the process transferring information to a third party. The PPC will make these changes known to the public.

4. International data transfer policy: For the first time, the APPI will address international information sharing. Any company transferring personal records outside Japan’s borders will need the user’s permission and opting out will not be an option unless the foreign jurisdiction has similar privacy standards.

5. Sanctions for noncompliance: The PPC is enacting a two-tiered criminal penalty measure into the APPI and its guidelines. A negligent violation will bring about an enforcement notice ordering the company to either correct the issue or halt data transfer operations. Failure to comply may result in imprisonment up to six months or a fine up to JPY 300,000. Intentionally stealing or providing personal information for a dishonest purpose may result in a direct penalty of up to one year in prison or a fine up to JPY 500,000.

China: The Red Dragon

In early June 2017, the People’s Republic of China implemented its controversial Cybersecurity Law. The government is becoming more involved with data protection and strengthening enforcement. Up until now, its current rules have not been clearly defined or regularly enforced, so it is important to keep up with developments or risk getting caught off guard.

Unlike Japan’s focus on protecting data, China turns its attention to the network operators managing data. Below are some key facets to its new policy.

1. Data stored in mainland China: The new law insists that Chinese citizens’ “personal information” and “important data” be stored on servers within its borders. Any companies claiming an exception that is “truly necessary” must undergo a security assessment before information can be released. This will affect the majority of foreign companies that operate in China; in particular, those that use their global infrastructure and IT resources to operate their business in China, as the original data collected, including business data and customer data, within China will typically be stored directly in the data centers or servers physically located overseas. For example, many global companies are still using email servers located outside China for their China operations.

2. Law applies to network product and service providers: The majority of the new law’s provisions apply to “Critical Information Infrastructure Operators” (CIIO) possessing data critical to China’s security. Industries predominantly targeted in this new definition include financial, transportation, health care, utilities and telecommunications.

3. Stronger data protection provisions: Supplementing existing data privacy guidelines in China, network operators must first obtain their clients’ consent before collecting and disclosing personal information, including the reason for the disclosure, and take measures to ensure the security of personal information. Companies need to ensure that an appropriate framework is established for collecting and using data, demonstrating that any data collected has a proper purpose and that its use can be explained in detail. Companies should also ensure appropriate security and protection measures are in place to safeguard the data as well as incident response procedures for responding and reporting any breach.

4. Security examinations: All network providers must pass a “network security examination.” This includes specific requirements that network operators must follow when purchasing new network systems.

5. Severe consequences for noncompliance: While specific penalties are unknown at this time, cancellation of a business license is part of the current regulations. Additionally, the new regulations require CIIO’s to establish violation reporting mechanisms, suggesting that China is taking the new law very seriously.

In instances where there are concerns with removing data from China, or the company premises themselves, a mobile solution may be the answer. Over the past couple of years, mobile technology has become incredibly powerful, facilitating processing, filtering and analysis onsite. Onsite mobile solutions can also be used in tandem with traditional processing by acting as a cost-effective method of segregating and filtering out personal information, sensitive company data or privileged documents early on and prevent unwanted disclosure. When conducting ediscovery or internal investigations in China, companies must review and clear any state secrecy or data privacy concerns, and redact sensitive information prior to sharing it out of the country. This, in turn, reduces the risks and costs associated with over-collection by culling irrelevant data and focusing on what is relevant or responsive.

As legal and technology professionals in law firms and corporations prepare for the data protection implications of the EU GDPR, do not disregard important changes afoot in Asia. Most importantly, seek guidance from local, in-country experts, prepared to help you collect, host and transport data in investigations, litigation or regulatory matters around the world.

Spring Digest: Everything You Need to Know (so far!) in 2017

Ediscovery has been busy this year. We’re only five months in and we’ve already seen developments in predictive coding, proportionality standards and ediscovery practices around the world.

Before you head off on your summer vacation, take a minute to refresh yourself on some of the hottest topics in ediscovery so far this year.

Proportionality is Key

One of the most significant amendments to the Federal Rules of Civil Procedure back in 2015 was a new requirement for discovery to be “proportional to the needs of the case.” Today, counsel must ensure that their discovery requests are specific and add value to their case in relation to the accompanying expense.

Australia Gets in the Predictive Coding Game

First the United States, then Ireland and England, and now Australia. Predictive coding (also known as TAR) continues to spread around the world as courts encourage parties to consider technology to discover and inspect documents.

Using Cellebrite in Mobile Phone Investigations

You need not be a computer wizard to appreciate the volumes of relevant data housed on the mobile device in your hand. The standards and technology for extracting mobile device data are still progressing, variable and slightly confusing. KrolLDiscovery’s Jason Bergerson answers common questions around specific technology and processes in mobile phone investigations.

Ediscovery Around the World

Throughout this year, KrolLDiscovery will be diving deep into ediscovery practices around the world. We hope you’ll join us as we explore data collection, privacy, proportionality and production practices in the Americas, EMEA and APAC. So far, we’ve stopped in Australia, Ireland, Canada, the U.K. and Germany to discuss some ediscovery trends in each locale.

Be sure to sign up for updates from The Ediscovery Blog to stay on top of everything ediscovery.

Germany: The Hub of European Ediscovery Technik

Guten Tag!

From information about predictive coding in Australia and Ireland to cooperation in Canada and data protection in the U.K., KrolLDiscovery is your international ediscovery resource.

The next stop on our ediscovery world tour is Germany. As a leader in technology exports and the world’s fourth-largest economy, legal technology, privacy, security and data protection practices are a well-known and vital part of Germany’s business culture.

LITIGATION AND ENFORCEMENT IN GERMANY

Germany’s central location in the European Union and expertise in technology make it an attractive location for international business. As such, it is no surprise that international disputes and exacting governmental regulation are also a regular part of German business activities. Specifically, when it comes to litigation, German law firms are commonly managing cross-border disputes, often involving jurisdictions such as the United Kingdom and the United States where ediscovery is required in civil cases. Further, Germany’s position as a prominent global economic force means that many companies’ planned mergers will be large enough to attract the attention of the European Commission and be subject to a merger control investigation. Lastly, Germany’s own independent competition authority, the Bundeskartellamt, is one of the most active in Europe and has a reputation for its meticulous and demanding approach to investigations. For German companies facing investigations, regulatory scrutiny or cross-border litigation, ediscovery technology provides a lifeline in meeting requests for volumes of business documents.

WHAT MAKES GERMAN EDISCOVERY PRACTICES UNIQUE

What is unique about these cases is the way German lawyers are using ediscovery technology. German lawyers not only use ediscovery technology to search and analyze data to discover material facts or produce large amount of data to regulators in a short period of time. They also need the technology to redact personally identifiable information in accordance with Germany’s strict data protection laws. Data protection in Germany is primarily regulated by the Bundesdatenschutzgesetz (BDSG), which implements the European Union’s Data Protection Directive (which will be replaced by the General Data Protection Regulation in May 2018). In addition, there are state data protection laws providing legal requirements for data processing carried out by state-level public authorities or public bodies.

TIPS WHEN CONDUCTING EDISCOVERY IN GERMANY

  • Prioritize information governance and know where your data is before you start a case.
  • Use predictive coding. Data volumes are growing all the time and predictive coding is the most efficient way to find the right information. Regulators are not sympathetic to those who miss deadlines.
  • Choose quality over cost. In multi-jurisdictional cases, mistakes come at a high cost. Choosing the cheapest providers in each company can often be a false economy. It is safer to choose an established provider with a network of local offices and experts who have experience in working collaboratively across jurisdictions.

Stay to speed on global ediscovery practices. Don’t miss this whitepaper, “A Practical Guide to Cross-Border Ediscovery.”

United Kingdom: Ediscovery Around the World

The United Kingdom, a common law jurisdiction, is the second most established geography for ediscovery after the United States. There is a high degree of familiarity with ediscovery in the United Kingdom because edisclosure is a formal stage of the civil litigation process, governed by Part 31 of the Civil Procedure Rules, along with associated Practice Directions.

Our next stop exploring data collection, privacy, proportionality and production practices in the Americas, EMEA and APAC brings us to the United Kingdom.

How are ediscovery practices in the United Kingdom different from neighboring countries or the United States?

Because there has been a keen emphasis on proportionality for a longer time, edisclosure in the United Kingdom is narrower than ediscovery in the United States.  In addition, unlike many of its European neighbours, the United Kingdom has had edisclosure form part of its Civil Procedure Rules for over a decade. During that time, practical know-how regarding ediscovery technology has spread beyond litigation, so most lawyers are comfortable with the advantages a full analysis of electronic evidence can bring to their case.

How are data protection and privacy laws impacting ediscovery in the U.K.?

U.K. law firms frequently face cross-border discovery issues, which comes with the significant challenge of transferring data across borders to countries where different rules and regulations apply. While the United Kingdom is considered less strict than Russia and China, the EU General Data Protection Regulation (GDPR) might change this. Further, impending Brexit implications are also expected to have some impact on the way that data is handled for disputes and investigations in the United Kingdom. The bottom line: in the midst of this uncertainty, it seems sure that there will be more scrutiny on the holding of personal data and more fearsome penalties for mishandling personal data in the future.

What best practices are recommended for conducting ediscovery in the United Kingdom?

Akin to ediscovery practices around the world, edisclosure in the U.K. is often delivered by collective teams, making teamwork an absolute best practice. Further, similar to many other countries, disclosure and regulatory deadlines must be met in a well-ordered and timely fashion. The urgency and precise requirements of ediscovery cases carry a high degree of risk, so “getting it right” calls for expertise, care and coordination, as well as responsive support. For this reason, practicing ediscovery is as much about the people you work with, as it is about the technology you use.

In the U.K., companies and their counsel are interested in taking a more surgical approach to data selection. Instead of using keywords, review platforms offer analytical tools that can reveal more about the data, helping to provide a better understanding of who was involved, how they communicated and the words they actually used. In medical terms, this level of sophistication is akin to keyhole surgery, as opposed to older and cruder methods. Additionally, ediscovery technology can be used to perform proactive checks on employee behavior. Keeping up to date with ediscovery market developments is another new ‘best practice.’ The United Kingdom has a competitive ediscovery industry, so being able to quickly select the right provider for a quantifiable advantage (such as local presence or a particular technology) is of tremendous benefit.

Looking to stay up to speed on global ediscovery practices? Don’t miss this whitepaper, “A Practical Guide to Cross-Border Ediscovery.” From predictive coding practices in Australia and Ireland to cooperation in Canada, KrolLDiscovery is your international ediscovery resource.

 
css.php