GDPR: The Most Frequently Asked Questions: Can a litigant use a subject access request as a means of obtaining quasi-discovery?

BCLP
Contact
LinkedIn
Facebook
X
Send
Embed

The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world.  Although the GDPR went into force on May 25, 2018, there continues to be a great deal of confusion regarding the requirements of the GDPR.

To help address that confusion, Bryan Cave Leighton Paisner is publishing a multi-part series that discusses the questions most frequently asked by clients concerning the GDPR.

Question: Can a litigant use a subject access request as a means of obtaining quasi-discovery?

Answer: Yes. The UK’s Information Commissioner’s Office has taken the position that a company (or a lawyer) cannot refuse to honor a data subject’s access request simply because the “requester is contemplating or has already begun legal proceedings.” According to the ICO, “whether or not the applicant has a ‘collateral’ purpose (ie other than seeking to check or correct their personal data) for making the [subject access request] is not relevant.”

The net result is that if the access request does not adversely impact the rights or freedoms of a third party (e.g., request information that is subject to attorney client privilege, or that concerns a third party), a lawyer that controls such information may be required to produce it to a requestor that is attempting to obtain information that may be useful in litigation.

[View source.]

Written by:

BCLP
BCLP
Contact
more
less

BCLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide