European Data Privacy Laws Require Creative Thinking

Back to Blog

With all of the data privacy changes occurring in Europe recently, data management and eDiscovery require some creative out-of-the-box thinking.

When I was a Chief Information Officer (CIO) in a national defense law firm in the early 2000s (even before most hotels had internet), we created a mobile trial network system that allowed a fully robust system to be delivered to anywhere in the country at a moment’s notice. At the time, we were the only law firm that we knew of that allowed a seamless synchronization between our firm’s network and this mobile unit, allowing legal documents to be easily accessed, reviewed, changed and synchronized between the two systems. We also ran on-demand internet to those locations.  The network and internet allowed our lawyers to be in the most remote of areas and still have full access to any matter’s documents and allow for multiple lawyers to connect their personal laptops to this system in a make-shift war room.

Today, that same concept is enhancing our European solutions.

For some of the largest corporations, we have developed a multi-tier solution of mobile laptops, appliances and network systems that allows technology to be placed in any country for the purposes of processing, hosting and review. Right now, this technology is mostly in Belgium, France, Germany, Italy, Switzerland and the United Kingdom but it has the flexibility to be anywhere.

That flexibility applies to the Foreign Corrupt Practices Act , False Claims Act and other multinational litigation as well, with mobile personnel available for reviews in a variety of sites. There is no need to be tied to a brick and mortar solution.

Why does this matter? The decisions on data management between the United States and Europe are still in flux. Clients need options that are separated from the complexities of laws, but allow a robust solution in Europe. The data should be processed, hosted and reviewed in country and under the client’s control until truly responsive documents are identified.  Then, and then only maybe, can the documents be moved from that country to the United States for introduction into the United States’ court systems.

Additionally, it is important to work with individuals who live in Europe and understand the various countries’ cultures. I remember the first time I tried to set up a system on the fly and quickly realized that, unlike the United States, many European organizations close between Christmas and New Year’s. In addition, they only work specific hours and maintain strict rules against working on holidays.  While this may not be as much of a problem if the matter is being handled in European tribunals or trials, these various considerations must be discussed and handled appropriately when the matter is in the United States’ court system. Here, one may not have a judge that understands the complexity of getting the data from Europe.

Finally, when searching for a provider, look for a company who can handle the data transfer from Europe to the United States while ensuring the necessary documentation is complete for such a transfer.  Each European country’s laws are different. The service provider must have a team with intimate knowledge of appropriate regulations and the ability to pull the data to the United States properly.

From my days as a CIO running T1 lines to portable war rooms to today’s complexities of European privacy laws, one thing remains constant – things are always changing. Challenges must be overcome and usually the best way to get those resolved is through creative, out-of-box thinking.

Posted by Todd Haley, Vice President, Business Intelligence, eTERA Consulting. Todd can be reached at

Share This:

Back to Blog

Leave a Reply

Your email address will not be published. Required fields are marked *