DATA IN DISPUTE: THE ARBITRATION GREY AREA IN DATA PROTECTION SCHEMES
In the age of virtual communication, a large number of professional interactions are subject to data privacy laws. Neutrals who use personal information in the handling of disputes are subject to these laws and all their administrative requirements. Moreover, in a dispute between parties from two different countries, more than one data protection law may apply. As a result, compliance can be onerous, requiring the arbitrator to track their responsibilities, follow and control the flow of information, and comply with data subjects’ individual rights.
Though data protection laws are diverse, many have a common shortcoming: they do not contemplate private dispute resolution as a legitimate reason for collecting or processing data. Neutrals are therefore required to provide their own justification, such as a legitimate business purpose or a judicial function, neither of which is entirely accurate in capturing the neutral’s role. To address this conflict, this article argues that dispute resolution should receive greater recognition in future statutes.
Despite growing enthusiasm for and even public enfranchisement of alternative dispute resolution (ADR), data protection laws largely do not acknowledge it. Because mandatory laws will follow the parties to the proceedings, compliance in international dispute resolution could be difficult.
The 2021 International Arbitration Survey by White & Case found that international arbitration is the preferred method of resolving cross-border disputes for 90 percent of respondents. In the US, the Federal Arbitration Act (FAA) was introduced specifically to promote arbitration as a matter of public policy and to make arbitration agreements involving interstate commerce enforceable. Courts readily refer cases to ADR processes, a policy which is a far cry from the enmity in the courts that the FAA was enacted to fight.
Jan-Mar 2024 issue
New York International Arbitration Center (NYIAC)