Risk Update

Information Governance: New Sedona Publications (Legal Holds & Jurisdictional Conflicts w/Cross-border Data Transfer)

A few recent draft publications of note from the Sedona Conference related to information governance issues:

The Sedona Conference Commentary on Legal Holds, Second Edition: The Trigger & The Process” —

  • “This Commentary provides practical guidelines for determining (a) when the duty to preserve discoverable information
    arises, and (b) once that duty is triggered, what should be preserved and how the preservation process should be undertaken.”
  • “The preservation obligation typically arises from the common-law duty to avoid spoliation of relevant evidence that may be used at trial6 and is not explicitly defined in the Federal Rules of Civil Procedure. Nonetheless, the Federal Rules and state counterparts governing the scope and conduct of discovery provide a framework for interpreting the duty to preserve, which the guidelines set forth below interpret and apply.”

Commentary and Principles on Jurisdictional Conflicts over Transfers of Personal Data Across Borders” —

  • “The goal of this Commentary is to provide: (1) a practical guide to corporations and others who must
    make day-to-day operational decisions regarding the transfer of data across borders; and (2) to provide a framework for the analysis of questions regarding the laws applicable to cross-border transfers
    of personal data.”
  • “The Underlying Tension. Data lies at the crossroads of the inherent tension between the free flow of information on the one hand and security and privacy on the other… others value security and privacy highly and believe that free flow needs to be limited based upon principles such as consent, data minimization, and security by design. For example, whereas the U.S. generally distinguishes between public and private data, and affords the latter protections in specific areas, Europe protects the underlying right of a natural person to determine the disclosure and use of his or her personal data and affords such right general constitutional protection.”
  • “What is therefore needed, and what this Commentary hopes to achieve, is to distill and update key choice-of-law principles with respect to personal data. In our view, comity is the bulwark against chaos, and how comity should be applied is one of the goals of this guide. When comity cannot be the answer, the Commentary proposes steps on how conflicts should be resolved. This paper outlines the complex data and legal backdrops that cause conflict and proposes a set of principles to help achieve resolution.”
  • “At present, there is no universal framework for cross-border data transfers in a globalized context. There are, however, certain generally recognized International Law Principles that apply to all nations, which can serve as a starting point for mitigating the conflict-of-laws issue with respect to personal data.”