Another Sedona Conference Commentary, This One on Enforceability of Orders Entered Under GDPR: eDiscovery Best Practices

Sedona is hot this time of year!  And, it’s not just the weather!  😉

Last week, I covered the announcement of the Third Edition of the Cooperation Proclamation: Resources for the Judiciary from The Sedona Conference® (TSC).  Within a day, TSC announced another publication – this one regarding the enforceability in U.S. Courts of orders and judgments entered under GDPR.

TSC and its Working Group 11 on Data Security and Privacy Liability (WG11) announced last week that its Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR (“Commentary”) has been published for public comment.  It’s available for download for FREE here.

As TSC notes in their announcement email, WG11 developed this Commentary to evaluate the enforceability in a United States court of an order or judgment entered under the European Union (EU) General Data Protection Regulation (GDPR) by an EU court, or by an EU Member State supervisory authority, against a U.S.-based controller or processor. The goal of the Commentary is to provide guidance to stakeholders in the EU and in the U.S. on the factors—both legal and practical—that speak to the enforcement of GDPR mandates though U.S. legal proceedings.

The Commentary is contained within a 42-page PDF guide.  In addition to a 2-page Introduction and a 1-page Conclusion, the Commentary is comprised of six parts, as follows:

  • Part I provides an overview of GDPR’s extraterritorial scope under GDPR Article 3 and briefly examines how EU supervisory authorities have interpreted that provision since GDPR entered into force in May 2018.
  • Part II addresses the state of the law in the U.S. regarding the recognition and enforcement of foreign country orders and judgments. As we explain, some states have addressed the issue by adopting statutes, and others have relied on the common law. Each approach, however, relies on a set of common principles. Part II describes those principles, touching on questions about enforcement of private money judgments and injunctions as well as public orders prohibiting or mandating certain conduct or levying fines or other penalties for violations of foreign laws.
  • Building on that discussion of general principles, Parts III, IV, and V address how those general principles apply to claims by private plaintiffs (Part III) and claims by EU supervisory authorities (Part IV), and the potential defenses they create for U.S. defendants (Part V).
  • Finally, Part VI briefly addresses the ways that GDPR’s requirements might be enforced other than through the direct enforcement of an existing EU order or judgment entered under GDPR. These could include contract-based claims arising from GDPR-mandated data processing agreements, and claims brought against U.S. organizations by the U.S. Federal Trade Commission (FTC) and individual data subjects under the EU-U.S. Privacy Shield.

The Commentary is open for public comment through August 31, 2020. As always, questions and comments may be sent to comments@sedonaconference.org. The drafting team will carefully consider all comments received, and determine what edits are appropriate for the final version.  And, a webinar on the Commentary will be scheduled in the coming weeks, and will be announced by email and on The Sedona Conference website.  It will be interesting to see what comments the WG11 team receives regarding this ever-evolving topic.

Also, just a reminder that on Wednesday, July 15, ACEDS will conduct the webinar Seeing 20/20: Reasonable and Proportional Discovery in 2020 at 1pm ET (noon CT, 10am PT).  Come join Mandi Ross of Prism Litigation Technology, Martin Tully of Actuate Law and me where we’ll discuss challenges with “right-sizing” discovery proportionally and defensibly, what can be leveraged from the rules and relevant case law regarding proportionality, and what best practices can be deployed for quick evaluation of potentially relevant custodians and data sources.  Don’t miss it!

So, what do you think?  Have you checked out this latest TSC Commentary yet?  If so, what did you think?   Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Leave a Reply