- Court Refuses to Allow EU Privacy Laws to Shield U.S. Company from Discovery Obligations
- April 10, 2018
- A federal court in Michigan recently became the latest court to weigh in on the extent that litigants could rely on European Union data laws to shield them from producing documents in U.S. litigation. The United States District Court for the Eastern District of Michigan held that despite restrictions on the disclosure of “private” data inherent in E.U. data law, a litigant in the United States was still required to comply with the discovery requirement of the Federal Rules of Civil Procedure even if that necessitated production of documents and data stored on servers in the European Union.As email communication and ESI have become ubiquitous in world commerce, the United States and the European Union have applied radically different default rules concerning its ownership and placed radically different default rules on their use in litigation. The European Union considers any email or ESI which contains a personal identifier, such as a name, to contain personal data. The EU Data Protection Directive (also known as Directive 95/46/EC) is a regulation adopted by the European Union to protect the privacy and protection of all personal data collected for or about citizens of the EU, especially as it relates to processing, using or exchanging such data.As it relates to litigation, the EU Data Protection Directive forbids production of any emails or ESI without first identifying the individuals whose “personal data” is implicated and obtaining the consent to its disclosure. In practice, these rules dramatically reduce the exchange of documents between parties in European litigation.In a world of international commerce, a growing number of legal disputes in the U.S. implicate emails and other ESI stored on servers in the European Union. Savvy European companies subject to U.S. litigation have invoked E.U. data law requirements for some time. The parties citing these provisions often rightly claim that compliance with them makes adherence to U.S. discovery norms prohibitively expensive. In response, these companies often seek relief from court from normal U.S. document production obligations.U.S. courts have begun to annunciate a rubric for determining when and how E.U. data law might limit discovery in U.S. litigation. Relying for guidance on a 1987 U.S. Supreme Court decision, these Courts have acknowledged that such foreign statutes do not deprive an American court of its power to order a company to produce evidence. However, U.S. Courts do look a multiple factors to determine whether production of a specific set of emails and ESI in a given case is warranted. These factors include the importance of the emails and ESI to the litigation, alternative means of securing the information, and the extent that noncompliance would undermine U.S. interests.This already complex issue has become compounded as U.S. companies which are subsidiaries of E.U. companies also seek to invoke E.U. data privacy laws to limit their own U.S. discovery obligations. These U.S. subsidiaries premise this position on the fact that their emails and ESI are housed on E.U. servers. In the Michigan case, the Court had to wrestle in part with such a claim. In dismissing the concerns raised by such a U.S. company and ordering it to produce ESI in the U.S. which was stored in the E.U., the Court noted that the United States had a substantial interest in vindicating the rights of American plaintiff. The Court further reasoned that E.U. data law would not compel it to disregard its duty to render a fully informed disposition of the case.
Until such time that the U.S. and E.U. forge a compromise approach to their widely different classification of work email and other ESI, companies facing litigation with E.U. parties or their U.S. subsidiaries must be prepared to deal with the additional challenge and expense posed by the EU Data Protection Directive.