Editor’s Note: The Electronic Discovery Reference Model (EDRM) is a U.S.-based organization that develops standards and best practices for e-discovery and information governance globally. In August 2017, EDRM formed a project team to address conflicts between U.S. discovery rules and the EU’s General Data Protection Regulation (GDPR) concerning cross-border data transfers.
On October 23, 2023, after over five years of development, EDRM publicly released its draft “General Data Protection Regulation Cross-Border Discovery Guidelines” to solicit feedback during a public comment period ending November 20, 2023. The guidelines offer recommendations for navigating GDPR compliance when collecting, preserving, and producing data located in the EU that is relevant to U.S. litigation or investigations.
Press Announcement Summary
EDRM Unveils New Draft Guidelines for GDPR Compliance in Cross-Border Discovery #
ComplexDiscovery Staff
The Electronic Discovery Reference Model (EDRM) has released new draft guidelines aimed at assisting legal practitioners with navigating conflicts between U.S. discovery rules and the European Union’s General Data Protection Regulation (GDPR).
The “General Data Protection Regulation Cross-Border Discovery Guidelines” offer best practices for collecting, preserving, and producing evidence located in the EU that is potentially relevant to U.S. litigation or investigations. The guidelines, along with accompanying resources such as a checklist and model documents, are intended to facilitate compliance with both U.S. discovery obligations and GDPR data protection requirements.
The public comment period for the draft guidelines will remain open until November 20, 2023. The guidelines were developed by an EDRM project team comprised of U.S. and Irish legal and privacy professionals.
EDRM, an organization that creates global standards and resources for e-discovery and information governance, formed the project team in 2017. According to EDRM co-trustee David Cohen, “Where litigation or investigation matters involve evidence located in Europe of the UK, parties are put into a difficult position of determining how to comply with U.S. discovery and/or production obligations without violating the GDPR.” He added, “For even a single GDPR violation parties can be fined, up to the greater of 20 million Euro or 4% of a company’s annual worldwide revenue. Practitioners do not want to face such liabilities.”
Helen Kilroy, Chair of the Commercial Litigation Association of Ireland, stated: “The Commercial Litigation Association of Ireland is delighted to endorse the EDRM’s Data Protection Guidelines, which are an invaluable tool for lawyers in understanding and ensuring their obligations under the General Data Protection Regulation when engaged in cross-border litigation.”
Read More on the New Guidelines #
- Read the complete release at EDRM Announces New GDPR Guidelines Released For Public Comment.
- Learn more about the GDPR Project – EDRM
Assisted by GAI and LLM Technologies
Additional Reading
- eDisclosure Systems Buyers Guide – Online Knowledge Base
- A Running List: Top 100+ eDiscovery Providers
Source: ComplexDiscovery
