[Session 5] Moving Data Overseas: Update on Cross-border Transfer Mechanisms

The transmittal of data across international borders is now a routine part of eDiscovery and an absolutely essential consideration in any Information Governance program, even for organizations that don’t consider themselves to be “global.” The privacy and data security implications for any type of cross-border data transfer, whether in response to a legal obligation or a routine business need, are enormous and complex. In the past several months, the efficacy of established mechanisms for data transfer into the U.S. – court orders, letters rogatory, Model Contract Clauses, Binding Corporate Rules, Privacy Shield, and others – has come under question by regulators, courts, and campaigners around the world. On the flip side, overseas parties seeking discovery in the U.S. under 28 U.S.C. §1782 are finding out that it isn’t as easy as they may have thought. This session will summarize the current state of play, including significant developments with the passage of the CLOUD Act in the U.S. and the continuing Schrems litigation in the EU.