On February 11, 2009, the EU Article 29 Working Party, set up under Article 29 of Directive 95/46/EC, released its working document addressing the difficulties of cross border discovery and providing guidance to EU data controllers on how to proceed.
Recognizing the “need for reconciling the requirements of US litigation rules and the EU data protection provisions,” the document is intended to provide guidelines for EU data controllers but also provides valuable insight to American practitioners regarding the difficulties they may face in cross border discovery, especially with European countries. As stated in its introduction:
There is a tension between the disclosure obligations under US litigation or regulatory rules and the application of the data protection requirements of the EU. There is also the issue of the contrast between the geographical and territorial basis of the EU data protection regime and the multinational nature of business where a corporate body can have subsidiaries or affiliates across the globe. This is of particular relevance to the European affiliates of multinational companies which can be caught between the conflicting demands of US legal proceeding and the EU data protection and privacy laws which govern the transfer of personal information.
Specifically, the document discusses the differences between Common Law and Civil Code jurisdictions, making requests for information through the Hague Convention, and relevant Articles of Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing personal data and on the free movement of such data (a/k/a The Data Protection Directive).
A full copy of the Working Document is available here.