One of the issues that manufacturers/distributors are paying more attention to is their document retention policies. Things get complicated, however, when a corporation has operations outside of the United States. It is not uncommon, for instance, for a manufacturer/distributor to store information on a computer server that is housed outside of the United States.
Records retention, and the related concepts of data privacy and security, have long been treated differently in the U.S. and Europe. The European nations historically have had a much higher commitment to protecting both privacy and personal data than the U.S. In contrast, the fact that a company stores its data on a server that is located in a foreign country is unlikely to excuse compliance with document requests directed at the U.S. company in a civil action or regulatory inquiry in the U.S.
As a related issue, there have been questions raised on the ability of the U.S. government to obtain information (via a warrant) that may be maintained overseas. There is a bill in Congress that is attempting to address that issue. As described by the National Association of Manufacturers’ Blog, Shopfloor, NAM is supporting the Law Enforcement Access to Data Stored Abroad Act, or LEADS Act, (S. 2871), introduced by Senators Hatch (R-UT), Coons (D-DE), and Heller (R-NV). The main thrust of the bill is that it would preclude the use of a U.S. warrant to obtain content stored on servers outside the U.S. unless the content is in the account of a “United States person.”
Manufacturers and distributors that have any communications kept overseas should monitor this bill closely to see if it is passed. This is another example of the tension that exists between data privacy laws in the U.S. and elsewhere and companies need to be aware of these issues because a small change in document retention policies could have widescale implications.