This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

The struggle is real. With the EU’s General Data Protection Regulation (GDPR) set to take effect in May of 2018, the serious implications for corporate legal counsel and e-discovery teams are difficult to deny. Among other aspects of its broad reach, the GDPR extends compliance requirements to both data controllers and “processors,” a distinction that certainly includes e-discovery data processing in the context of litigation and investigations. Complicating matters further, the Regulation affords data subjects the “right to be forgotten,” a key aspect that affords individuals that right to request erasure or removal of data from systems and databases, presenting potential new challenges for the collection and hold of data in connection with U.S. discovery requirements.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]