Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Intellectual property litigators are, by their very nature, interdisciplinary creatures who weave together different strands of the law to effectively advocate for their clients. Lately, however, the fabric of successful litigation has gotten a little more frayed by the pulls of globalization, e-discovery, and data protection. On Aug. 24, the U.S. District Court for the Central District of California affirmed a critical May 29 discovery decision by the magistrate judge in Columbia Pictures Industries v. Bunnell. While this decision has received much attention in e-discovery circles, the court’s ruling on random access memory has overshadowed a larger lesson about international e-discovery and the impossible decision that may face IP litigators: to choose between potentially violating the law of a foreign country and risking discovery sanctions at home. This dilemma has been around for decades, but the Bunnell decision highlights how e-discovery and IP litigation have together driven up the risk of being trapped between competing demands. COLUMBIA PICTURES STORY On Feb. 23, 2006, Columbia Pictures and several other movie producers filed a copyright infringement action alleging online piracy of their movies through the defendants’ TorrentSpy Web site. On May 15, 2006, the plaintiffs sought discovery of the defendants’ server log data, including the Internet protocol addresses of users and information on downloads. During an evidentiary hearing, at least one defendant conceded that without these materials, a case could not be brought “because such logs are �essential’ to finding direct infringement.” Magistrate Judge Jacqueline Chooljian held that the server log data, stored temporarily in RAM, were “extremely relevant” evidence and that the defendants failed to show that the data were not reasonably accessible due to undue cost or other burden. The defendants had objected to preserving and producing the Internet protocol addresses in part because that would violate the law of the Netherlands, where their servers were located — in particular, the Netherlands’ Personal Data Protection Act. But Chooljian ruled that the defendants still had to preserve and produce the data. Their argument was undercut by the fact that, due to recent operational changes, the data for U.S. users were apparently on U.S. servers. However, even if the data were overseas, Chooljian concluded that “it was not clear that the Netherlands’ Personal Data Protection Act applies.” Finally, Chooljian found that even if the Dutch law did prohibit disclosure of the information, it did not deprive the court of its power to order production and preservation of the data. The district court affirmed this ruling, finding that (1) the defendants had not met their burden to show the Dutch law applied and (2) even the law did apply, “it is well settled that [foreign] statutes do not deprive an American court of the power to order a party subject to its jurisdiction to produce evidence even though the act of production may violate that statute.” Finally, the defendants raised several other defenses involving the Stored Communications Act, the Wiretap Act, the Pen Register Statute, and the First Amendment, all of which the court found unpersuasive or negated by the fact that the Internet protocol addresses would be masked in the logs provided to the plaintiffs. PRODUCE THE PROHIBITED The RAM issue has received the most attention from e-discovery practitioners, but it’s unlikely to be (and shouldn’t be) adopted by other courts. Chooljian’s decision to require retention and production of RAM data was based on the specific facts presented and the defendants’ concession of the potentially dispositive nature of those data. What deserves more attention is that the court required the potential production of electronically stored data from the Netherlands, where the defendants believed they were legally prohibited from disclosing it. Chooljian found — after weighing several factors, including the importance of the discovery — that the Dutch blocking statute was not enough to override the plaintiffs’ right to the information. In other words, if the defendants are correct and producing the server log information is prohibited in the Netherlands, they are stuck between violating the judge’s order and violating the Dutch law. This problem is not new. The U.S. Supreme Court addressed the effect of foreign blocking statutes — specifically, Swiss banking laws — on discovery in Societe Internationale Pour Participations Industrielles et Commerciales v. Rogers (1958). Three decades later, the Court in Societe Nationale Industrielle Aerospatiale v. District Court for the Southern District of Iowa (1987), recognizing that discovery in the United States is much broader than in other jurisdictions, endorsed a balancing test to determine when foreign statutes excuse compliance. These may not be the two most famous Supreme Court cases for IP litigators, but they could be on all our lips soon. And the reason is the convergence of globalization, e-discovery, and expanded data protection rights for employees in Europe and elsewhere. Note that this problem is not based on any unique facts of Bunnell; it can appear in any case where a party is required to produce records held outside the United States, particularly stored within the jurisdiction of a European Union member. Intellectual property cases are especially susceptible to this dilemma because they center on intangible property, which, by its very nature, is fluid and easily transmittable. Imagine a patent dispute where one inventor worked in Germany. In discovery for a U.S. infringement case, the inventor’s e-mail could be deemed relevant to what he knew when he made his invention and applied for the patent — a reasonable area of inquiry for those pursing an inequitable conduct defense. Likewise, the e-mail of a French developer of an allegedly infringing product would likely be requested by a U.S. plaintiff attempting to prove willful infringement. Similar issues can arise in copyright, trademark, and trade secret litigation as parties track intangible data around the globe to determine who knew what when. WHEN WORLDS COLLIDE With the advancement of technology, more and more companies have a global scope, either directly or through their subsidiaries, affiliates, agents, and contractors. Businesses perform important tasks all over the world. Much of the evidence of this work is created and maintained as electronically stored information (e-mail, word processing files, databases, PowerPoint presentations, etc.). Wherever it is stored, this information may be subject to the laws of the host country. The Federal Rules of Civil Procedure, however, obligate litigants to produce relevant and responsive information if it is in their possession, custody, or control. This means companies can be ordered to produce data from all over the globe and, arguably, from their subsidiaries, parents, affiliates, and agents. A great deal of information is thus subject to the laws of two or more countries — again not new, only more common in a high-tech, globalized age. What causes the potential contradiction that every IP litigator needs to manage or avoid is the fact that European Union states have enacted data protection laws codifying the concept of privacy as a fundamental human right. Pursuant to the EU Data Protection Directive, each member state has issued national laws governing the “processing of personal data.” Other countries have followed suit, including Australia, Canada, Hong Kong, Japan, Russia, and other European states. While each EU member country’s law has its own nuances and complexities, all of them define “processing” and “personal data” broadly. E-mail, for instance, is almost always considered to be personal data and, therefore, protected. Generally, companies in the European Union can only process data for a specific legal purpose and only as needed for such purpose. Discovery in U.S. litigation is generally not considered a legitimate purpose. In fact, merely preserving personal data for such litigation could arguably run afoul of the data protection laws (a chilling thought given some of the recent sanctions regarding spoliation). These laws also guarantee citizens the right to access and the opportunity to correct and request deletion of information, which potentially contradicts a company’s obligation to preserve evidence relevant to IP disputes. Further, the data protection laws prohibit the transfer of personal data to countries that lack adequate standards of protection. That includes the United States. There are some narrow exceptions — if the receiver has been deemed a “safe harbor,” for example, or if the transfer is authorized using an approved model contract. But it can be difficult, if not impossible, to squeeze document production for an IP case into these exceptions. Moreover, in some countries, even an employee’s consent to preservation, collection, and production of e-mail and other personal data is not sufficient because courts have concluded that such consent cannot be judged “voluntary” given the power of the employer over its employees. The importance of e-mail and other forms of electronically stored information means that IP litigators must be cognizant of the challenges of international discovery. Turning a blind eye to the current tension between broad U.S. discovery and restrictive foreign data protection laws will likely expose clients to liability. Additional forces are working against IP litigators. Businesses are consolidating their information technology systems, meaning that more information than ever before is held abroad. Data protection laws are being enacted in more countries and being interpreted more restrictively. And at home, discovery orders are becoming more expansive — the Bunnell case being a perfect example. PRACTICE POINTERS Here then are five practical tips for international e-discovery in IP cases: 1. Ensure everyday compliance. Data protection laws do not apply only in litigation. Companies should review their ordinary data transfer and processing protocols to ensure compliance. When you need to convince the court that you can’t produce data because of privacy laws abroad, you had better not be violating those same laws in normal operations. 2. Obtain local counsel in foreign jurisdictions. If a party has to produce data from abroad, counsel in those jurisdictions may be able to propose ways to do so and still comply with all foreign laws and regulations. Local counsel can also help bridge any cultural divides caused by the U.S. discovery system. 3. Determine the scope of international discovery as soon as possible. While it is always advisable to figure out early where potentially relevant information is stored, this is especially important where such information may be stored abroad. Complying with an additional layer of foreign laws and procedures can be very time-consuming — a challenge under the typical restraints of U.S. discovery (much less the tougher rules in “rocket dockets”). Moreover, negotiations with the opposing side on discovery of electronically stored information is now mandatory under the Federal Rules, which produces new pressure to agree to ostensibly reasonable requests. You’ll be at a great disadvantage if you promise production of relevant employee e-mail before you learn that key employees are located in the European Union. 4. Use phased discovery of data stored abroad. Negotiate with opposing counsel to narrow any discovery from abroad, but also propose a phased approach, with production from foreign sources postponed until later in the process. In the worst case, you gain additional time to comply with foreign data regulations. In the best case, opposing counsel may be satisfied with production from U.S. sources, obviating the need to go to foreign sources. 5. In arguing that foreign laws should excuse noncompliance with a discovery request, present testimony and facts, not simply conclusions. In Bunnell, the defendants presented very little to back up their claim: (1) a statement that the relevant information was located on a server in the Netherlands; (2) copies of their contract with the company from which they leased the server, which said the contract was governed by Dutch law; and (3) a copy of the Netherlands’ Personal Data Protection Act. They could have provided much more and, in retrospect, should have. A company trying to excuse compliance not only bears the burden of persuasion, but is usually fighting against the natural inclination of the court to permit discovery. Add to this the likelihood that the judge is no expert in foreign data protection statutes, and the need to make a full case becomes clear. So provide expert testimony as to why the foreign data protection laws apply, what hurdles must be complied with (if production is even possible), and what the consequences of violating them will be for the company. Lay out as complete a picture as you can — not simply a barebones argument that “this will be difficult or impossible.” The more you appear prepared and reasonable — with as little data as possible at issue — the better chance you have of convincing the court that your client should not be given the impossible choice between obeying the U.S. court and complying with the foreign laws.
David J. Kessler is a partner in the Philadelphia office of Drinker Biddle & Reath. Kessler, who focuses on intellectual property litigation, founded the firm’s e-discovery and data management task force.

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.