EDRM is launching a new project to develop guidelines for cross-border discovery under new European regulations taking effect next year.
The coming General Data Protection Regulation (“GDPR”) will intensify the challenges that U.S. companies and counsel face in complying with discovery requests that involve data in the EU. The EU defines Personally Identifiable Information (“PII”) much more broadly than the U.S., and includes “information that identifies a natural person,” such as name, address, or email address, etc. The GDPR is a game changer, imposing potentially tens of millions of dollars in fines for failure to comply.
Interpretation of this new regulation is expected to be guided by the European Data Protection Board (“EDPB”), case law, and approved Codes of Conduct, which the GDPR specifically encourages trade groups and associations to develop. EDRM’s project team will research and develop practical guidelines for cross-border transfer of information for e-discovery; the guidelines will lay the foundation for the creation of a formal code of conduct.
“EDRM is in a unique position to draft such a code of conduct, given the expertise and commitment of our members and the support that Duke Law can provide,” said Deena Coffman, managing director at BDO and the EDRM GDPR project co-lead. James Waldron, director of EDRM at Duke Law, will also serve as co-lead on the project.
All members of EDRM, including lawyers, paralegals, information governance experts, and e-discovery consultants are invited to participate in this GDPR project team. Volunteers must commit approximately 10 hours per month to participate in meetings, research, design, drafting, and modeling. Duke Law students will be recruited during the 2017-18 academic year to further assist with research, drafting, and editing.
To participate, please send an email to EDRM@law.duke.edu indicating your interest and relevant experience. The project team plans to begin meeting in late July. Questions about the project may be directed to EDRM@law.duke.edu.