Services

Mediation is a form of conflict intervention in which the mediator or mediation team assists the parties in their negotiations to help them reach a result, based on their individual interests, that is the best possible outcome for each party and that enjoys the support of all parties. The joint solution is documented in a settlement agreement between the parties.

Mediation involves the resolution of a conflict through negotiations and conciliation. Mediation is most appropriate when the parties are prepared to look for a solution together and want to maintain their relationship, or stop it from deteriorating further. This can be the case, for instance, if the parties involved have a long-term business relationship; then renegotiation is often preferable to ending the contract. Another common situation is where parties have shared interests as well as conflicting interests: for example, reducing losses, avoiding publicity or completing the project as soon as possible. The first step is to list all the interests of the parties involved, doing so in a cooperative spirit (something the mediator in particular can achieve). Those interests do not just have to relate to the conflict; they can also include the parties’ future relationship, which often helps create an opening for a wider range of options.

It is not the mediator’s task to impose a binding ruling concerning the conflict on the parties involved. The parties themselves are responsible for finding a solution, which means they remain in control throughout the mediation.

There are a number of other advantages to using mediation. First, mediation is a relatively fast, cheap option. ITDR’s experience in recent years has shown that nearly every ICT mediation can reach settlement within weeks. A precondition for successful mediation is that the parties cooperate of their own free will and that they remain responsible for the solution. 92% of the ICT mediation cases reported to and dealt with by ITDR resulted in a successful outcome (that is, a signed settlement agreement).

The mediation procedure always starts with an ‘Application’. The request can be submitted by just one of the parties, but it is also possible for the parties involved in the dispute to submit a joint request. The request can be recorded in a basic letter. You will find a basic model below to help you in compiling an application. This model is for an application for ICT mediation submitted by one of the parties to the dispute.

WHEN IS MEDIATION APPROPRIATE

• When mediation is appropriate:
• The parties are prepared to reach a solution together (shared interest).
• The parties want to maintain their relationship, or stop it from deteriorating further.
• The parties do not expect to get a solution from a legal battle.
• The conflict involves disputes about communication rather than fundamentally opposed interests.
• The parties prefer to retain responsibility for the solution.
• The parties are looking for a lasting solution that enjoys the support of all sides.
• The parties are looking for a fast solution.
• The parties are looking for a cheap solution.
• The conflict has not escalated to the point where parties are seeking revenge.
• The parties do not want a case tried in open court for reasons of privacy (confidentiality).
• The parties are willing to cooperate on a voluntary basis.
• The parties are looking for a pragmatic, creative solution.
• The parties are willing to put the past to rest and focus on the future in order to reach a settlement.

WHEN IS MEDIATION NOT APPROPRIATE?

• One of the parties is not prepared to make concessions or is determined to be proved right.
• The parties want a public ruling from the regular courts, for example for the purpose of setting a precedence.
• The parties want an enforceable order (court case or arbitration). However, it should be noted that this can also be achieved by having the settlement agreement drawn up by a civil-law notary.
• The parties want to be sure of a resolution to the dispute at the end of the process.
• The conflict has escalated to the point where each party wants to damage the other.
• One party is much more powerful than the other, so that negotiations would not be on an equal footing.
• It is in one of the parties’ interests to employ delaying tactics.

Arbitration is a form of justice recognized and guaranteed by law in which private arbitrators arrive at a ruling based on a formal legal procedure with associated legal documents. The parties can agree to submit their conflict to arbitration. This means they undertake to submit their dispute to arbitrators, who give a ruling on the case that is binding for the parties involved.

An arbitration ruling has the same force of law as a ‘normal’ ruling. After the arbitrators have drawn up and signed the ruling, it is registered with the court. After that, one of the parties can engage a bailiff, who can for example seize the property of the other party in order to enforce implementation of the ruling. Arbitration is an internationally recognized form of conflict resolution. Many countries have signed the United Nations Convention on the Recognition and Enforcement of Foreign Arbitral Awards.

The big advantage of arbitration compared with the regular courts is that the arbitrators are specialized; in the case of ITDR, they are specialized in problems that are specific to the ICT sector. Consequently, arbitration boards are multidisciplinary. At ITDR, they consist of top-class lawyers with considerable experience of procedural law and ICT conflicts on the one hand, and leading ICT experts with many years of experience with information technology on the other hand.

ITDR is known for the speed with which it can carry out arbitration. It has short completion times of no more than three to four weeks. The sessions of the arbitration board chosen by the parties involved can take place in the Netherlands or abroad, at a time of their choosing. In urgent cases, arbitration can be arranged in a matter of days. That also applies to disputes where a temporary measure needs to be taken. This is far from uncommon in ICT projects where there cannot be any interruption to progress but at the same time such a measure is needed. These cases are usually handled in summary arbitral proceedings. Summary arbitral proceedings are similar to normal arbitration, except that the proceedings can be completed in only a few days.

ITDR offers arbitration among its services. A precondition for starting arbitration via ITDR is that the parties to the dispute have entered into a written agreement in which it has been agreed that any disputes that need resolving will be submitted to ITDR for arbitration. This agreement is termed the arbitration agreement.

In addition to the standard arbitration proceedings, ITDR offers the option of summary arbitral proceedings. Summary arbitral proceedings take only a short time and are aimed at reaching a ruling relatively quickly regarding an urgent matter in which a decision is required in short order. You can consider requesting a provisional arrangement through summary arbitral proceedings if you are unable to wait for the case to be dealt with in standard arbitration proceedings. You will find a basic model below to help you in compiling an application.

WHEN IS ARBITRATION APPROPRIATE

• The parties are seeking compliance with the contract or cancellation of the contract.
• The parties are seeking reasonable compensation.
• The parties are largely able to provide supporting evidence for their arguments (contracts, correspondence, notices of default and such like).
• The parties require an enforceable order (ruling).
• Settlement of the dispute requires (technical) knowledge of the sector and its business practices.
• The parties do not have the time or the patience for court proceedings dealing with the substance of the case.
• The parties wish to be able to resolve their dispute in confidentiality.

WHEN IS ARBITRATION NOT APPROPRIATE?

• The parties want to be able to lodge an appeal (this is only possible for arbitration if agreed in advance).
• The parties do not want a formal procedure.
• The parties want a public ruling from a court (the regular court), for example for the purpose of setting a precedence.
• Undisputed monetary claims.

An expert report is a report by an independent expert (usually an ICT specialist) that gives answers to questions posed by the judge(s), arbitrators or directly by the parties involved. In the latter case, this is usually because the parties involved want a joint picture of how an external expert views their conflict before taking legal action.

There is a distinction between an expert engaged by a party and an independent expert appointed jointly by both parties (or the court or the arbitrators). As ITDR aims to operate exclusively from a neutral and independent position, such reports will always constitute an independent opinion on the case being submitted. Given its status, ITDR will never serve as an expert for one specific party; it will only provide expert reports on the orders of all parties involved, doing so in accordance with the ITDR Rules of Procedure for expert reports.

At the request of the courts, arbitrators or parties involved, ITDR will act as an intermediary in finding an expert. In expert reports for the courts, the expert will focus on those questions that the court has formulated for the specific case.

A. Importance of data protection and information security

ITDR is involved in dealing with, resolving and settling disputes and conflicts to do with the protection of personal data and information security. ICT security is of increasing importance as actions of legislators in the European Union and Switzerland shows. To combat the violation of data abuse, the EU introduced the General Data Protection Regulation (GDPR), the European privacy rules which businesses and organizations must comply with from 25 May 2018. In Switzerland, the parliament revises the Swiss Data Protection Code (“Datenschutzgesetz”, “DSG”) at the moment. It should come into force in January 2021. The aim is, inter alia, to at minimum equalize the Swiss data protection and ICT security with the GDPR.

B. The GDPR

Thanks to the GDPR, the privacy of citizens in Europe is attracting a great deal of attention. The GDPR affects all of society, from large companies to small and medium-sized enterprises. ICT companies too, such as software suppliers, Cloud providers, hosting companies and other ICT service providers, in view of the interest their clients have in ensuring that personal data is properly protected, are giving their full attention to the GDPR. The GDPR also extends to private and public organizations.

• In order to strengthen the protection of personal data, the GDPR imposes a large number of new obligations and sanctions, also in the area of ICT security. The obligations concerning information security consist of new rules on ‘privacy by design’ (the conversion of the principles of the GDPR into software code) and ‘privacy by default’ (the technical set-up of privacy). Any breach of privacy and security rules risks incurring heavy fines and liability.
• In the ICT sector, the GDPR is also making its presence felt in often much more stringent requirements in ICT contracts, requests for tenders and tender documents. This can be seen, for example, in processor agreements and other contracts that are designed to ensure that personal data is dealt with carefully. These contracts deal with difficult and wide-ranging matters, as the issue of privacy and security has now grown to become a specialist discipline.

C. The Swiss Data Protection Law (SDPL/"DSG")

For the Swiss market, it is important that the SDPL will be acknowledged as equal to the GDPR. Therefore, one of the most important guidelines for the Swiss parliament during the current revision is to keep up with the standards of the GDPR. However, the approach in Switzerland is to protect privacy which is why the parliament wants to include a so-called profiling with high risk. Profiling with high risk means the systematic processing of combined personal data to draw conclusions about different areas of a person's life. In case of a profiling with high risk, it is planned to ask for explicit consent of the person whose data is processed. The special handling of profiling with high risk could put the equivalence decision of the EU at danger. Until the new data protection law comes in force, however, the Swiss Data Protection Law of 1992 stays in force.

D. The role of ITDR

Failure to comply with the statutory rules and contractual provisions concerning privacy and security can lead to complex conflicts and disputes. ITDR can call on experts with many years of extensive practical experience in privacy and security matters, both lawyers and ICT experts.

A significant advantage of having ITDR deal with disputes in this area is the total confidentiality and secrecy that is guaranteed under the ITDR regulations. This is different when the regular courts are involved, as they act in the public domain. By their very nature, the security policy and security measures of an organization must hardly ever be exposed to the general public. With this in mind, engaging ITDR is an obvious choice.

ITDR is fulfilling its social responsibility to play, even more clearly than before, a professional, independent and impartial role in dealing with disputes and conflicts. A dispute or conflict can be submitted to ITDR on the basis of existing ITDR rules. The associates of ITDR all have extensive and in-depth experience in this area.

E. Privacy and security disputes

Privacy and security disputes come in all shapes and sizes. Among the issues dealt with are:

• Disputes about the implementation of processor agreements
• Disputes arising if organizations exchange personal data between themselves, either on an ad-hoc basis or on a large scale
• Disputes between a Data Protection Officer or another privacy professional within an organisation and the (senior) management of that organization
• Disputes about security incidents and data breaches
• Disputes about security with software development
• Disputes about specific security measures, such as penetration tests and monitoring
• Disputes about privacy and security tools
• Disputes about specific security standards, such as ISO 27001, ISO 27002, NEN 7510, NEN 7512 and NEN 7513.
• Specific, customized arrangements can be made to deal with disputes between businesses and organizations on the one hand, and citizens whose data are processed on the other hand.