Whenever you are dealing with a tax audit there is always going to be the request to turn over documents. That maybe where the IRS says we want you to prove a business purpose. We want you to show us how you negotiated the terms of the deal. And in many instances, where are those documents? They’re in emails. And they are cross-border emails where you have employees of the multi-national company in Mexico, in the U.K., and so what automatically comes into most folks mind is, hey these emails support our business purpose or the negotiations occurred so we’ll turn them over. In comes the data protection laws. And this is something that now has to be at the forefront of any tax audit. Which is are we complying with the data protection laws throughout the world. What does that mean? These data protection laws are rules that govern how personal information, especially of employees but it can be of customers, business partners, competitors. But how this personal information is stored and processed by the employer. So multi-national companies and their tax departments need to consider whether any data privacy rules prohibit the collection or disclosure of this personal data. Cause the processing of this data is regulated in most countries. For example. Just a few months ago, in May of this year the EU came up with legislation that contains rules on how organizations collect or use data of EU citizens. It’s called the General Data Protection Regulation, GDPR. And what GDPR does is it ensures that companies are held accountable for the personal data of EU citizens. These data protection laws are at the forefront of a general councils legal issues that they are looking at. Why is that? For probably two reasons. The first is it’s the personal data and the personal information of their employees. They want it to be protected. But two, is the penalty that is involved. The countries have made sure that if you violate these data protection laws the penalty’s going to be severe. How severe? Up to 4% of the companies worldwide revenue. Because of the fact your protecting the personal information of your employees which is important to do and two because of the potential exposure to this penalty tax departments need to be very cognizant of this issue. And when they compile the information, and analyze the information that their going to turn over to the IRS, they need to have the involvement of data privacy advisors. To make sure that what information can be collected, can be stored, and then ultimately disclosed. Because to the extent that it cannot be disclosed the IRS will appreciate that. And to the extent that the information can maybe be redacted in a document. The IRS will appreciate that. But again, you won’t know that unless you reach out to your data protection advisors. But no matter what, if you’re going to disclose this information outside of the company you can’t afford to ignore these data protection laws.