Preventing Corruption While Protecting Personal Information

Multinational businesses are subject to a patchwork of laws of the various jurisdictions in which they operate. Complying with the myriad rules and regulations can be challenging. Compliance obligations vary from one country to another, even where countries within a market (such as the European Union) have a deliberately harmonized approach. To add to the complexity, requirements under one jurisdiction’s laws sometimes create tension with another’s. For example, more and more companies are implementing due diligence processes for engaging third parties in order to reduce the risks of violating anticorruption laws, such as the U.S. Foreign Corrupt Practices Act (FCPA) and the U.K. Bribery Act 2010 (‘‘U.K. Bribery Act’’). However, their due diligence programs may unwittingly expose them to risks under privacy and data protection laws around the world.

More than 70 countries currently have a privacy or data protection law. These laws regulate the collection and use of personal information, which generally means any information pertaining to identified or identifiable individuals. Because anti-corruption compliance programs often involve collecting and using information about individuals to perform background checks, scrutinize red flags, or conduct internal investigations, these programs fall within the scope of the privacy and data protection laws. In order to carry out such activities lawfully, a company conducting due diligence on third parties may be required to notify concerned individuals about the company’s privacy practices, obtain their consent to the collection and use of the personal information, establish agreements or other controls to share the personal information with affiliates and service providers, or obtain approvals from privacy regulators. Thus, performing adequate anti-corruption due diligence while respecting privacy obligations can be challenging, but can be accomplished.

Originally published in Privacy & Security Law Report on 04/08/2013.

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Anti-Corruption, Compliance, Consent, Corruption, Data Protection, Due Diligence, FCPA, Personally Identifiable Information, UK Bribery Act

Published In: General Business Updates, Criminal Law Updates, International Trade Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »