Large, multinational corporations today preserve vast quantities of electronic data out of fear that they will suffer sanctions under the Federal Rules of Civil Procedure for destroying evidence that could be relevant to ongoing or pending litigation. But, as U.S. companies hoard data, European regulators are stepping up enforcement of privacy laws that require the systematic elimination of data that identifies individuals without their consent. These laws, such as EU Directive 95/46, on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data, are arguably far-reaching and may affect data relating to persons with only minimal contacts in the European Union. In some cases, current and proposed laws could implicate data preserved in the United States that has no connection to any EU resident. Litigants in U.S. courts know well that American judges can and do order production of evidence despite foreign privacy laws forbidding it - creating a Hobson's choice between sanctions here for non-compliance with discovery orders or sanctions abroad for violation of the privacy law. But, the ways in which preservation alone can violate non-U.S. data protection laws is less well-known. If current trends continue, however, the over-preservation practices of multinational corporations could come under the scrutiny of European regulators who are increasingly empowered to enforce potentially broadly applicable data protection laws.
U.S. Preservation Requirements and EU Data Protection: Headed for Collision,
36 Hastings Int'l & Comp. L. Rev. 257
Available at: https://repository.uchastings.edu/hastings_international_comparative_law_review/vol36/iss1/4