Using Arbitration and ADR for Disputes about Personal and Non-Personal Data: What Lessons from Recent Developments in Europe? - ARIA - Vol. 30, No. 2
Originally from American Review of International Arbitration (ARIA)
The application of the General Data Protection Regulation (GDPR) as of May 25, 2018, has provoked a flurry of reactions well beyond the territory of the European Union (as a result of the extensive territorial scope of the GDPR that can affect entities located outside of the European Union under certain conditions).
The GDPR has attracted a lot of attention and has also raised some concern in many business and legal communities, including the international arbitration community. The application of personal data law to the processing of personal data in the course of arbitration proceedings can be indeed quite complex (and potentially burdensome) and may impose additional obligations on the parties and (on the arbitral institutions) involved in the proceedings that must be taken very seriously in view of the risks of liability resulting from the GDPR.
In spite of the importance of the application of the GDPR to international arbitration, it would be regrettable to consider that the new legal regimes regulating and protecting data (such as the GDPR) are only a source of concern for the global arbitration community. On the contrary, these legal regimes that create new legal obligations are likely to generate new legal challenges and legal disputes that could in turn be submitted to arbitration and to other alternative dispute resolution mechanisms in certain circumstances. It is consequently not surprising that providers of arbitration and of other alternative dispute resolution (ADR) services have emerged in order to offer online dispute resolution tools for solving GDPR-related disputes (specifically for data breach disputes). In any event, it is clear that in our data-driven economy in which data is and will be a key driver of innovation and power, the volume and strategic importance of “data disputes,” generally defined as disputes relating to the conditions of protection, of access to and/or of use of data in certain circumstances will (continue to) increase significantly in the future.