#Article

Information Privacy and Why Your Data May be Safer in Canada


Information Privacy and Why Your Data May be Safer in Canada

A new policy urges US courts to respect foreign privacy laws. That could be good news if your data is stored north of the border.

Whether contemplating the personal information security of social media profiles or worrying about how many e-mails are stored on the company’s server, data privacy is an important issue for legal and human resources professionals, as well as for anyone who stores information online.

Data privacy has been a hotly debated topic in Canada for the past year. The diligence with which Canadians guard their privacy has been showcased in the strong opposition to a proposed online surveillance bill (Bill C-30), which seeks to extend the powers of police and other authorities to access the private information of Canadians without having to get a warrant. The Canadian Privacy Commissioner and the public have spoken out strongly against the bill, reiterating the commitment Canadians have to the strong data protection in place. Canadian privacy laws are considered to be tighter than those in the US, and on par with the robust legislation in place in the EU.

2 Countries, 2 Sets of Rules

While tighter privacy laws can mean that data, even foreign data, stored in Canada is comparatively secure, there is always the fear that other countries can attempt to apply their own laws when the courts get involved, as the US has been known to do.

“…although the US Supreme Court directed federal courts in the 187 case of Aerospatiale v. District Court of Iowa  to show “due respect” for non-US laws through utilization of a five-factor balancing test, US courts have nodded toward that case and then defaulted to directing litigants to follow the US discovery rules,” says Kenneth Rashbaum, a partner in the New York law firm Rashbaum Associates, LLC.

“Where the privacy and data protection laws in the litigant's country proscribe disclosure of the information beyond the country's borders without consent, this places litigants in the Hobson's Choice of deciding whose laws he or she should violate,” he says.

Solution for a Global Economy

But a recent US move may be good news for those who worry about their discovery obligations when data is stored across borders.

Last month, the American Bar Association (ABA) adopted a new policy that urges the US courts to respect the data privacy laws of foreign countries when managing discovery in civil litigation. This could be a reason to feel secure about storing data in Canada, wherever that data may be from.

“It is hoped that the policy will cause judges to reflect upon the dilemma noted above and work with counsel to find ways to permit the discovery to go forward in ways that comply with the laws of the country from which the data has been demanded in discovery,” says Rashbaum, who was the Chair of the drafting team for the ABA resolution.

Let’s All Get Along

“The ABA is not a governmental organization,” he notes, “and the policy does not have the force of law.  It may be cited by litigants as persuasive, but not binding, authority for the proposition that the pertinent data privacy and protection laws should be followed, so that the litigant can comply with the laws of both countries.”

“Most mid-size and large companies have a global presence,” says Rashbaum. “For global commerce to flow smoothly, countries must show respect for each other's laws.”