Multilingual Legal Translation Services for the EU
Multilingual certified corporate translation services come in handy in cross-border litigation. Anyone familiar with international litigation is well aware of the fact that US discovery demands for evidence in the European Union (EU) can lead to major conflicts with EU data protection requirements. This is particularly true in arbitration, where the proceedings do not have the imprimatur of a Court. However, on a positive note, the relative flexibility of the arbitration practice and the tradition of streamlined discovery make the issue less difficult.
In general, European data protection issues typically arise in the international arbitration context often involving multilingual litigation translations. However, these issues often arise under purely domestic United States rules if one of the parties is a European company or an affiliate of a European company. As international arbitration often provides only for restricted discovery, it is the US domestic arbitration context that the most problematic privacy issues arise.
In this post we look at some of the conflicting obligations presented by EU and US laws and the different approaches the two take towards data protection.
Conflicting Obligations and Expectations
Discovery issues tend to arise in cross-border litigation where the US expectation of broad-ranging discovery is applied to persons or entities in European countries with significantly narrower approaches to discoverability of information in litigation. These issues become more problematic when the documents sought in discovery include information considered to be personal information by EU countries. The EU typically defines personal information as anything relating to the individual and thus raising privacy concerns – needless to say this is much different than the United States’ definition and thus causes significant problems with cross-border discovery.
Gathering Foreign Language Evidence
As a general statement, the civil law jurisdictions in the UE and the US have fundamentally different methods of gathering evidence. In the EU, civil law jurisdictions generally limit disclosure of evidence to what is offered by each party as evidence in support of a case. On the other hand, in the US pre-trial discovery rules are very broad. When an arbitration involves parties from both the US and EU, the parties face the need to reach a middle ground between these two approaches that also takes into consideration privacy concerns and potential breaches to EU law.
It must be noted that privacy is taken very seriously in the EU. Even if a business entity involved in arbitration is willing to provide discovery, it must still comply with applicable privacy and data protection laws. Thus, it is essential that an arbitration tribunal carefully manage the discovery process and carefully address privacy and data protection issues.
Data Protection on Both Sides of the Pond
The bottom line is that the US and EU have very different notions of what is considered ‘personal data’ and in order to successfully manage the discovery process in the arbitration setting one must understand these differences.
The EU uses a broad view of what constitutes personal data. Protection of personal data falls under Directive 95/46 EC (European Parliament) and the 1995 Data Protection Directive, which define it as ‘any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.’ Thus, personal information includes emails and documents created at the workplace (including lab notebooks, quality assurance documents, work-related memos and reports, along with the individual’s name and contact information.
Accordingly, personal data may be collected only for a specific, explicit purpose and may not be further processed in a manner incompatible with the original purpose ‘unless the use meets a specified exception’. Furthermore, the Data Protection Directive also requires that individuals must receive detailed notice regarding processing of their personal data and that ‘records containing personal data must be adequate, relevant and not excessive to the purposes for which the data are processed as well as accurate and kept up-to-date.’
Needless to say, this is very different from the approach taken in the US, where protection of personal data is generally restricted to specific types of sensitive information such as personal medical information, social security information, information relating to children and financial information. Further, the US does not recognize specific limits on processing data for business purposes.
Read our legal translation blog post on litigation translation and data protection in the EU.
Contact our litigation translation company to translate GDPR Engagement Letters from English to the EU languages.