Not so long ago, the discussions on privacy and personal data protection seemed restricted to legal professionals directly involved in the technology field. The status quo changed very quickly: currently, there is no area of law that is not impacted by these issues. Today, data protection issues go well beyond the management of databases by entities and to sanctions that can be applied in case of data breaches. The seriousness attributed to the topic by governments of several countries has imposed a radical change in the various professional fields of action. In this context, this essay deals with the interface between data protection and international arbitration. It aims to demonstrate that international arbitration has become a notorious stage for the applicability of different public policy rules that seriously impact the roles of all professionals involved in them, including the parties, lawyers, arbitrators, witnesses and other agents that act directly or indirectly in the proceedings.
This essay is organised as follows: in addition to this brief Introduction, section 2 delimitates the main concepts and definitions related to personal data protection (using as main guidance the General Data Protection Regulation—‘GDPR' and the Brazilian Data Protection Act—‘LGPD'), as well as the lawfulness of the processing of personal data in lawsuits and arbitrations; section 3 focuses on addressing the data flows typically found in international arbitration and on examining the possible extraterritorial application of data protection laws to agents involved in the arbitration process; finally, section 4 addresses examples of risk situations and mitigating measures that can be adopted in the context of international arbitration, taking into account the impact that non-compliance with data protection regulations may cause.
Already registered ?