The Sedona Conference Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR
In January 2021, The Sedona Conference published its Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR ("Commentary").
Redgrave LLP Partner, David C. Shonka, served as one of the contributing editors of the Commentary, which was developed by The Sedona Conference Working Group on Data Security and Privacy Liability (WG11) to evaluate the enforceability in a United States court of an order or judgment entered under the European Union (EU) General Data Protection Regulation (GDPR) by an EU court, or by an EU Member State supervisory authority, against a U.S.-based controller or processor. The goal of the Commentary is to provide guidance to stakeholders in the EU and in the U.S. on the factors—both legal and practical—that speak to the enforcement of GDPR mandates through U.S. legal proceedings.
Part I of the Commentary provides an overview of GDPR’s extraterritorial scope under GDPR Article 3 and briefly examines how EU supervisory authorities have interpreted that provision since GDPR entered into force in May 2018. Part II addresses the state of the law in the U.S. regarding the recognition and enforcement of foreign country orders and judgments. Some states have addressed the issue by adopting statutes, and others have relied on the common law. Each approach, however, relies on a set of common principles.
Part II describes those principles, touching on questions about enforcement of private money judgments and injunctions as well as public orders prohibiting or mandating certain conduct or levying fines or other penalties for violations of foreign laws.
Building on that discussion of general principles, Parts III, IV, and V address how those general principles apply to claims by private plaintiffs (Part III) and claims by EU supervisory authorities (Part IV), and the potential defenses they create for U.S. defendants (Part V).
Finally, Part VI briefly addresses the ways that GDPR’s requirements might be enforced other than through the direct enforcement of an existing EU order or judgment entered under GDPR.
The full text of The Sedona Conference Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR is available free for individual download from The Sedona Conference website here.
The opinions expressed in this publication, unless otherwise attributed, represent consensus views of the members of The Sedona Conference Working Group 11. They do not necessarily represent the views of any of the individual participants or their employers, clients, or any other organizations to which any of the participants belong, nor do they necessarily represent official positions of The Sedona Conference.