Imagine a U.S. prosecutor is investigating a criminal matter and needs to obtain data or information stored in a suspect’s smartphone application. The problem is, the app was developed by a small tech startup in Denmark. In order to obtain access to the relevant information, the prosecutor would need to issue a MLAT subpoena to the app developer. Under normal circumstances, this would be a challenge, because of the General Data Protection Regulation (GDPR), a regulation of the European Union (EU).
Under the GDPR, European companies cannot provide user information or private data in response to a U.S. subpoena, except in a manner that is consistent with the Mutual Legal Assistance Treaty (MLAT). America has entered into MLAT agreements with 65 other countries and reached a specific agreement with the EU with regard to how data disclosure would be handled in these situations. Foreign companies who receive a U.S. subpoena should carefully consult an experienced Internet attorney from Revision Legal to help navigate the appropriate response.Read more