Congrats to EDRM for publishing the final GDPR guidelines for cross-border eDiscovery after the completion of a public comment period!

Announced on Friday, EDRM released its General Data Protection Regulation Cross-Border Discovery Guidelines, after an “extensive” public comment period.

Parties that have possession, custody, or control of evidence potentially relevant to U.S. litigation or investigations are typically required to identify, collect, preserve, and produce such evidence (with limited exceptions) in response to discovery requests, subpoenas or litigation demands, regardless of where that evidence is located. Those requirements, however, may directly conflict with provisions in the European and UK General Data Protection Regulation (GDPR).

EDRM established the project team to develop guidelines and other resources to assist practitioners with compliance. The updated guidelines can be downloaded here. EDRM’s announcement also has quotes from project team leaders David Cohen and Yelizaveta Kotova of Reed Smith, Helen Kilroy of the Commercial Litigation Association of Ireland (CLAI) and Mary Mack, EDRM’s CEO and chief legal technologist.

The Final GDPR guidelines are comprehensive (at 34 pages), yet easy to navigate with just three primary sections. The first section is the Checklist Guidelines For GDPR Compliance, which provides a set of fourteen questions (and high-level considerations for each) to ask regarding conducting discovery in a GDPR compliant manner. The second section is the Guidelines For GDPR Compliance In The Context Of US Litigation Discovery And Investigations, which goes into more depth for each of the fourteen questions with information you need to know when addressing them. The final primary section is a Template Protective Order, which spans nine total pages (seven pages for the order itself, followed by two single-page exhibits).

With cross-border discovery becoming more common with so many international companies and disputes, the final GDPR guidelines for cross-border eDiscovery are very timely! Congrats to EDRM and the GDPR project team for a very comprehensive and useful set of guidelines!

So, what do you think? Does your organization deal with a lot of cross-border discovery? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.