FTC investigations are supposed to be non-public. In fact, FTC regulations require the agency to preserve the confidentiality of the existence of their investigations and all of the company information and witness testimony they obtain during their investigations.

So how is it, then, that a detailed internal report of the FTC staff’s confidential investigation of Google — full of quotes from confidential business documents and witness testimony — and its recommendation to sue the company for multiple antitrust violations was suddenly front page news?

And was this disclosure an isolated occurrence?

Unfortunately, no.

The Wall Street Journal recently broke the news that the Federal Trade Commission (“FTC”) had inadvertently disclosed FTC staff’s internal and confidential report about its 2012 investigation into Google’s search engine practices in response to a FOIA request.1 In 2013, the FTC Commissioners decided not to sue Google based on charges that it had been stifling competition by manipulating search results but Google did agree to change how it displayed third party content and reformed its advertising practices. 2 The newly-released 2012 report, however, shows that FTC staff compiled significant evidence that it believed argued in favor of suing the search giant for multiple monopolization violations.3 Indeed, FTC staff concluded that Google’s actions resulted in “significant harm” to rivals.

The Commission decided not to sue Google after extracting Google’s promise to change its business practices.4 In the wake of the report’s disclosure, though, the Commission is now being criticized for being too lenient and it is looking to do damage control, as the disclosure - and the Journal’s subsequent refusal to return the report - has raised significant questions about protections for confidential information at the FTC.

Leaks During the FTC’s Google Investigation

This is not the first time that improper disclosures from the FTC have made the news. In fact, it is not even the first time the FTC has been criticized for improper disclosures of its investigation of Google. In 2012, when the FTC investigation was underway, unnamed sources told a variety of media outlets that top decision-makers at the FTC thought a case should be brought against Google.5 Senator Ron Wyden later slammed the FTC leaks, and said he intended to find those responsible for failing to keep the information confidential as required by federal law.6 This led to a request by the then Chairman of the House Committee on Oversight and Government Reform, Darrell Issa (R-Calif.), to the FTC’s Investigator General at the time, Scott Wilson, to start a probe into the media leaks.7 The FTC responded by asking the United States Postal Service (“USPS”) Office of Inspector General to conduct the investigation on their behalf.8

The investigation did not identify those responsible.9 But it did find that “managers and supervisors within the FTC’s Anticompetitive Practices and Mergers 1 Divisions maintained regular email contact, both receiving and sending messages, with several reporters.”10 It also uncovered numerous examples of disclosures of internal deliberations and positions of the FTC’s Commissioners and what legal action, if any, the FTC was prepared to take against Google.11 These types of findings may merit further review on the FTC’s part into what occurred and how to prevent similar breaches in future.

How Did it Happen This Time?

In this most recent instance, the FTC staff’s internal recommendation and report was disclosed inadvertently as part of an unrelated Freedom of Information Act (“FOIA”) request.12 FOIA allows for the disclosure of records or information from federal agencies in response to a written request. While the law was first enacted in 1967, a 2005 executive order updated the legislation and implemented changes designed to ease the FOIA process and improve administration of the FOIA program.13 FOIA applies to executive branch government agencies, including the FTC and Department of Justice (“DOJ”).

Despite this mishap, there are stringent confidentiality protections in place (provided they are complied with) to protect information that parties send to the antitrust enforcement agencies, as well as their decision-making process. In the antitrust context, there are two broad categories of potentially sensitive information: documents and information provided as part of a pre-merger notification or through compulsory or voluntary process related to an agency investigation.

Protections for Merger Review Materials

One of the most common reasons for submitting confidential information to either the FTC or DOJ is in connection with a Hart-Scott-Rodino (“HSR”) filing that is required to notify the agencies of a planned merger. The HSR filing and further responses to later agency requests during their merger investigation are nonpublic and exempt from disclosure under FOIA.14 They may only be disclosed when required as part of an administrative or judicial proceeding, or if disclosed to Congress.15 Protected information includes the fact of filing, which would reveal that filing thresholds were met. However, parties seeking to stringently protect the fact of filing are advised not to apply for early termination, as grants of early termination are public.

The agencies take a similar stance on disclosure of any HSR materials to other independent federal agencies. They interpret the HSR Act to preclude such disclosures unless the parties issue a waiver.16 Similarly, while the FTC and DOJ are increasingly cooperating with foreign competition enforcement agencies, neither agency will share confidential business information without the consent of the filing parties. However, HSR filings and related materials in the possession of the filing parties are treated without differentiation from other documents in private litigation. Accordingly, while the FTC and DOJ will not disclose the contents of an HSR filing, they can be obtained directly from the parties during the discovery phase of a litigation proceeding.17

Once the HSR investigatory process ends, there is no statutory provision restricting future use of HSR materials by the agencies. The FTC has stated that the HSR Act authorizes the Commission and the Assistant Attorney General to use their discretion in making information filed under the HSR Act public in proceedings brought by or against the Commission or DOJ. As a result, once an investigation is ended, it is common practice for the parties to request the return or destruction of any information submitted. Nonetheless, the FTC and DOJ have indicated that, when feasible, they will give 10 days’ notice of their intended use of such materials. Where 10 days’ notice is not possible, staff will provide as much notice as is possible, advise the forum that the material was obtained in the HSR process, and request that the materials be received in camera (in chambers). Providing notice gives the parties time to seek protective orders covering the information.18

Other Compulsory and Voluntary Submissions

Confidential information submitted outside of the HSR process may find protection under the FTC Act. That statute exempts all materials obtained through compulsory process from FOIA disclosure. Information provided voluntarily in lieu of compulsory process is also protected but not to the same degree. For example, while information obtained through compulsory process is protected by Section 21(b) of the FTC Act, which requires information to be under the control of an FTC custodian and access limited to duly authorized FTC employees, the same protection is not in place for information provided voluntarily.19 FTC rules also strictly limit the agency’s discretion to release information obtained voluntarily in the course of a law enforcement investigation if the information is designated confidential. Such information can only be disclosed if the FTC determines that it is not a trade secret, or privileged or confidential commercial or financial information. In the event of such a disclosure, the FTC Act requires that the agency provide 10 days’ notice prior to disclosure and an opportunity for the submitter to challenge the disclosure in court. Parties appearing before both the DOJ and FTC can also seek written assurances that information will be protected from disclosure or that they will be given advance notice in the event of a disclosure.20

Penalties for Disclosure

The unauthorized disclosure of information obtained by the FTC is a criminal offense under Section 10 of the FTC Act, and can be punished by up to a $5,000 fine and one year imprisonment.21 Further criminal sanctions are also available under the Trade Secrets Act or the Larceny Act. Unauthorized release of information could lead to disciplinary proceedings within the FTC. Similarly, unauthorized disclosure of information obtained by the DOJ can lead to a fine, imprisonment of up to one year, and removal from office.22

Takeaway

The HSR Act, FTC Act, and agency rules and procedures have many structures in place to prevent the disclosure of confidential information, with additional procedures in place allowing parties’ ample notice if disclosure is contemplated. As the recent Google incident shows, however, the FTC’s protections are not foolproof. Parties submitting information to the enforcement agencies should be aware of the protections in place, both at the time of submission and in the event that an agency later determines that disclosure is required as part of an administrative or judicial proceeding. Companies should also know when waivers may be requested and when to seek written assurances. Accordingly, knowing when and how to protect disclosures to the antitrust enforcement agencies allows parties to better safeguard their own confidential information.