Legal Implications for Information Technology, Services and eDiscovery in APAC
On 21 September in Hong Kong, the Sedona Conference held its first one-day forum in Asia to address the unique challenges facing the data privacy and eDiscovery practitioner communities in Asia, including:
- The global trend of exploding data volume and data type diversity
- Asia regional diversity in legal systems – for example, Asia has more than 50 jurisdictions, only four of which are common law
- Languages – Asia has eight times more languages than in Europe
- Technology – including the “bring your own device” (BYOD) trend, and the popularity of WeChat and other chat applications
The “Sedona-style” conference featured small group collegiate discussions (where Chatham House Rule apply), and the gatherings are as much about bringing together thought leaders to have a meaningful dialogue on law and policy as they are about developing guidelines and principles to address topical problems, especially eDiscovery, data transfers and privacy.
Hong Kong – as part of China but with a separate and independent legal system, and serving a gateway of global trade and data flow – was a particularly good location for the event. Hong Kong, in legal and technology terms, is a valuable location for data centers, information storage and processing operations to serve the greater Asia-Pacific region as well as global organizations doing business in Asia.
Takeaways from the event included:
- Information governance and eDiscovery exist on the same data continuum: Legal practitioners must understand this continuum to manage interrelated risks arising from both legal and regulatory regimes governing data privacy, data localization and cross-border data transfer, as well as from cybersecurity and infrastructural challenges.
- Critical stakeholder involvement: All stakeholders from both public and private sectors and from the data privacy and eDiscovery practitioner communities should be involved – and engaged – in the eDiscovery process.
- Data as risk vs. value: Compliance can be viewed through a few different lenses, all impacting corporate budgets and strategy. Different compliance approaches should be taken whether facing the context of data privacy or data security. In sum, compliance can be seen as both a risk and cost as well as a business-enabling value-add.
- Legal and IT must work together: eDiscovery is a good benchmark for managing risks and costs in the intersection between legal/compliance and IT; it’s an area where cooperation and coordination between legal/compliance and IT and internal and external counsel is crucial; and where interdisciplinary understanding is quite valuable.
The forum, hosted by Mayer Brown in Hong Kong, packed much discussion into a single day, and delivered plenty of food for thought for eDiscovery, compliance and technology professionals alike.