Extract from Doug Austin’s article “Cross-Border Discovery and the Battle Between Relevancy and Data Privacy Concerns”
With so many multi-national organizations today and global regulatory environment expanding significantly in recent years through GDPR and other data privacy laws, it was inevitable that we were going to see more cases involving cross-border discovery. It was also inevitable that we were going to see more disputes over whether potentially responsive data from custodians in foreign jurisdictions is protected through data privacy laws.
And inevitably we are seeing those disputes more frequently play out in American courts. Let’s look at a couple of those cases here.
Giorgi Global Holdings, Inc. v. Smulski
In this case against the defendants alleging civil violations of the Racketeer Influenced and Corrupt Organizations Act (RICO) among other things, the plaintiffs requested via letter that defendant Wieslaw Smulski be ordered to produce documents in compliance with the Federal Rules of Civil Procedure without regard to Polish law and/or GDPR. Defendant Smulski claimed that he couldn’t produce otherwise discoverable documents in the case because the GDPR and/or Polish privacy law prohibit him from doing so. Smulski lived in Poland but was an American citizen.
But the Court disagreed. Pennsylvania District Judge Jeffrey L. Schmehl ruled that the defendant, “an American citizen sued in the United States, bears the burden of showing that the GDPR and/or Polish privacy law bar production of…relevant documents” which “he cannot do”. As a result, Judge Schmehl ruled that the “GDPR and/or Polish privacy law does not bar Smulski’s production of relevant documents in this matter.”
