ArticlesThought Leadership

A Balancing Act: Mitigating Data Privacy Risks in Cross-Border Discovery

By March 1, 2021August 19th, 2021No Comments

The intersection of foreign laws governing data collection and cross-border discovery operations continues to be a challenge in global litigation. US Courts generally will require discovery to proceed, notwithstanding GDPR, local data privacy laws or other foreign legislation that may stand in the way.

How can global enterprises best proceed in a manner that meets the obligations of both US discovery and global data protection requirements?

This article by ProSearch Head of Data Privacy, Ryan Costello, outlines three solutions – protective orders, redactions, and ‘privacy logs’ – for complying with data privacy laws and other foreign regulations that often are at odds with US court requirements for document production.

Read the article here, in the March 2021 issue of Law Journal Newsletters Cybersecurity Law and Strategy.

Ryan Costello

Ryan Costello

A US-licensed attorney and expatriate based in Europe for more than 10 years, Ryan has cultivated an expertise in data protection and data privacy compliance across a career in eDiscovery and litigation support. With a particular interest in the area where cross-border discovery and data protection intersect, Ryan has worked with a myriad of clients to manage EU-based eDiscovery exercises while navigating data protection compliance challenges on both sides of “The Pond.” With the implementation of the General Data Protection Regulation (GDPR) amidst other changes in the regulatory context, Ryan has assisted organizations in remediating cross-border discovery risks at every turn, with an eye toward solutions that utilize best practice technical and organizational measures, data management solutions and innovative technologies. Ryan assists across a range of client engagements, with a focus on assessing protective controls for personal data across the lifecycle of the EDRM. He is also a frequent writer and speaker on the GDPR, as well as data protection compliance topics and challenges in the US and across the globe. Ryan received his BA in English and Communications from Elon University, and his JD from Western New England University.