Data Law Insights

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Category Archives: Transnational Discovery

Subscribe to Transnational Discovery RSS Feed

Privacy & Cybersecurity Weekly News Update- Week of July 9

Posted in Admissibility, Cybersecurity / Data Security, Government Agencies, Information Management, Privacy, Rules, Social Media, Transnational Discovery
“Pokémon Go” Developer feels the heat over data collection; 2nd Circuit Ruling limits government’s access to data stored overseas; 9th Circuit CFAA Ruling increases Facebook’s control over its Users’ Data; Dutch Study reveals tension between EU Trade Deals and Data Protection “Pokémon Go” Developer in Hot Water over Extensive Data Collection Practices In early July,… Continue Reading

2nd Circuit: Government Cannot Force Companies to Hand Over Communications Data Stored Overseas

Posted in Accessibility, Criminal Law, Government Agencies, Information Management, Privacy, Transnational Discovery
The Second Circuit today issued a much-anticipated ruling holding that U.S. firms are not required to turn over user data stored overseas, even in the face of a government warrant.  This decision arose from Microsoft’s December 2014 appeal of a civil contempt ruling against the tech giant for refusing to turn over the personal data… Continue Reading

Breaking News on New General Data Protection Regulation: Council Agrees on General Approach

Posted in Cybersecurity / Data Security, Data Breach, Privacy, Transnational Discovery
On June 15, 2015, Justice Ministers in the Council reached agreement on a general approach concerning the General Data Protection Regulation (GDPR). This allows the Council to start negotiations with the European Parliament (which formally adopted its compromise text for the GDPR in March 2014) with a view to reaching overall agreement on the GDPR.… Continue Reading

Data Breaches and Data Protection Enforcement: Netherlands and Belgium Not Waiting for New Data Protection Regulation

Posted in Cybersecurity / Data Security, Data Breach, Privacy, Transnational Discovery
The European Commission introduced the draft General Data Protection Regulation (GDPR) in January 2012. The GDPR seeks to harmonize legislation across the EU member states, replacing the 1995 EU Directive and the varying national laws that have implemented this Directive. The European Parliament formally adopted its compromise text for the proposed GDPR back in March… Continue Reading

Belgian Cyber Security Guide

Posted in Cybersecurity / Data Security, Privacy, Transnational Discovery
This morning, I went to a seminar organized by the Belgian Data Protection Authority during which the new “Belgian Cyber Security Guide” was introduced. The guide is an initiative from the ICC Belgium, the Federation of Enterprises in Belgium, B-CCentre (Belgian Cybercrime Centre of Excellence for Training, Research & Education), Isaca, E&Y and Microsoft, with… Continue Reading

Federal judge lifts stay of warrant requiring Microsoft to turn over data stored on server located overseas

Posted in Cloud Computing, Criminal Law, Government Agencies, Privacy, Transnational Discovery
Last week, in In re Warrant to Search a Certain E-mail Account Controlled and Maintained by Microsoft Corp., a federal judge lifted the stay of execution of an order requiring Microsoft to turn over content stored on a Microsoft server located in Ireland.  While this development is largely procedural, we have previously discussed the potential… Continue Reading

Federal Judge Orders Microsoft to give US Prosecutors customer emails stored on an overseas server

Posted in Cloud Computing, Criminal Law, Government Agencies, Privacy, Transnational Discovery
A federal judge in the Southern District of New York upheld a magistrate judge’s decision that requires Microsoft to turn over to federal prosecutor customer email content stored in an overseas Microsoft data center. Ruling from the bench, Chief Judge Loretta Preska concluded that Microsoft must comply with a U.S. search warrant for customer emails,… Continue Reading

Crowell & Moring Releases “Data Law Trends & Developments” and Announces Expanded “Data Law Insights” Blog

Posted in Accessibility, Admissibility, Cloud Computing, Cooperation/Meet & Confer, Criminal Law, Cybersecurity / Data Security, Data Breach, Ethics, Government Agencies, Government Contracting, Government Regulations & FISMA, Information Management, Preservation, Privacy, Privilege/Rule 502, Proportionality, Public Sectors, Rules, Sanctions, Social Media, Spoliation, Technology Assisted Review, Transnational Discovery
We are pleased to announce the publication of a report titled “Data Law Trends & Developments: E-Discovery, Privacy, Cyber-Security & Information Governance.” The report explores recent trends and anticipated future developments on critical issues related to the intersection of technology and the law, which affect a wide range of companies and industries. In addition, the… Continue Reading

What You Should Know About the Changing U.S.-EU Safe Harbor Agreement

Posted in Cybersecurity / Data Security, Information Management, Transnational Discovery
The July 2000 Safe Harbor agreement between the United States and Europe concerning cross-border data flows is one of the key regulatory structures governing how organizations can collect, store, move, and use the massive amount of personal data generated in our interconnected world. Fourteen years after its inception, the agreement is under increasing strain from… Continue Reading

Court Holds That U.S. Government Can Seize Email Data Stored Overseas and Questions Applicability of Fourth Amendment to “Information Communicated Through the Internet”

Posted in Cloud Computing, Criminal Law, Government Agencies, Privacy, Transnational Discovery
In a remarkable decision addressing the reach of search warrants aimed at personal data stored by a third party in the cloud, a court ruled last week that an internet service provider (“ISP”) can be compelled to produce personal information located outside of the U.S. The decision by Magistrate Judge James Francis (S.D.N.Y.) denied Microsoft… Continue Reading

EU Court of Justice Issues New Ruling on Website-Blocking Orders

Posted in Transnational Discovery
On March 27, 2014, the EU Court of Justice (CJEU) ruled in the UPC Telekabel Wien-case that national courts may impose website blocking orders to internet access providers (IAPs) requiring them to prevent their subscribers from accessing a website containing copyright infringing material, without specifying the concrete blocking measures to be taken. The Court also… Continue Reading

EU Data Protection Rules Might Transform the Internet

Posted in Privacy, Transnational Discovery
With initial approval in the European Parliament civil liberties committee (the so-called LIBE Committee), the EU is moving ahead with overhauling its existing 15-year-old Data Protection Directive, replacing it with the General Data Protection Regulation (GDPR). The European Commission introduced the draft GDPR in January 2012 and seeks to harmonize regulations across the 28 member-states,… Continue Reading

Will We Have a New EU Data Protection Regulation in 2014?

Posted in Cybersecurity / Data Security, Privacy, Transnational Discovery
In January 2012, the European Commission published its proposal for a general Regulation on data protection, which would apply directly in all EU Member States (see our newsletters from February 28, 2012, July 12, 2012, and January 22, 2013). The new Regulation should replace the current Directive 95/46/EC on the protection of individuals with regard… Continue Reading

No Time to Waste: Data Breach Notification Required NOW

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Privacy, Rules, Transnational Discovery
On June 24, 2013, the European Commission (EC) issued new rules requiring telecom operators and Internet Service Providers (ISPs) to provide data breach notification to regulators within 24 hours of detection. In the U.S., the Department of Health and Human Services (HHS) issued a proposed rule on June 19, 2013 that would require certain entities… Continue Reading

U.S.-EU Framework Agreement on Data Protection in Law Enforcement Investigations Inches Forward

Posted in Criminal Law, Cybersecurity / Data Security, Privacy, Transnational Discovery
For more than a year, the United States and the European Union have been engaged in negotiations over a data protection framework covering trans-Atlantic law enforcement cooperation. Last week, U.S. Attorney General Eric Holder and EU Vice-President Viviane Reding met in Washington to discuss that and other topics. Both expressed optimism in a joint press… Continue Reading

The Internet Flows Through…Virginia: Federal Prosecutors Use Server Location to Extend Their Reach

Posted in Cloud Computing, Criminal Law, Government Agencies, Transnational Discovery
If you are alleged to have bribed government agents outside the United States or pirated music and movies protected by the Copyright Act, then you may find yourself sitting in a federal court in Richmond, Virginia. Why? Various government agency servers are located in that court’s jurisdiction and evidence of your criminal activities may have… Continue Reading

Apps on Smart Devices and Data Protection: February 27, 2013 Opinion of the Article 29 Working Party Provides Valuable Guidance

Posted in Cybersecurity / Data Security, Information Management, Privacy, Social Media, Transnational Discovery
Apps on mobile devices collect large quantities of data from the device and process these (i) in order to provide services to the end-user, but also (ii) for other purposes that are often unknown or unwanted by the end-user. Many of the data processed, such as location data, contact data, unique device and customer identifiers,… Continue Reading

Federal Judge Approves FTC’s Request to Serve Foreign Defendants Through Facebook

Posted in Rules, Social Media, Transnational Discovery
Earlier this month, a U.S. District Court judge for the Southern District of New York (S.D.N.Y.) ruled that the Federal Trade Commission (FTC) could serve foreign defendants located in India through Facebook messages, as long as the defendants were also served by email. Judge Paul Engelmayer’s order appears to be the first in the U.S.… Continue Reading

The 9th Circuit Takes a Step Toward Stronger Privacy Protections for Electronically Stored Data at the Border

Posted in Criminal Law, Government Agencies, Privacy, Transnational Discovery
Last week, the 9th Circuit issued a “watershed” en banc decision in United States v. Cotterman, restoring – at least to some degree – digital privacy at US borders.  In a controversial ruling causing a split with other Circuits, the 9th Circuit created limits on the government’s ability to search electronic devices at the border,… Continue Reading

Privacy and Data Protection: EU Commission’s Proposal For New Data Protection Regulation – Status

Posted in Cybersecurity / Data Security, Privacy, Transnational Discovery
As I have previously written, in January 2012 and July 2012, the EU Commission has proposed a comprehensive reform of existing EU data protection rules, including a draft for a new Data Protection Regulation. This proposal is the subject of the ordinary legislative procedure, which means it is under review by both the Council and… Continue Reading