The High Court of Ireland found that the Competition and Consumer Protection Commission (the CCPC) seized material to which it was not entitled during its dawn raid of CRH and granted an injunction preventing the CCPC from accessing the materials seized. The judgment provides useful insight for both businesses and practitioners on the CCPC's approach to dawn raids and arguably raises a question mark over the CCPC practice of the bulk seizure of electronic documents for subsequent off-site review without first having assessed the documents for relevance.
As part of an investigation into alleged anti-competitive practices in the bagged cement sector, the CCPC conducted a dawn raid at the premises of Irish Cement Limited (Irish Cement) in County Louth. During the course of this search the authorised officers of the CCPC, acting pursuant to a search warrant, took a copy of the email inbox of a senior executive within the CRH Group of which Irish Cement is part.
The Court was ultimately satisfied that, on the balance of probabilities, some of the e-mails seized were not caught by the terms of the search warrant. In particular the inbox contained emails and attachments which were unconnected to the business of Irish Cement and related instead to other CRH group companies with which Mr Lynch was involved. The central issue before the court was what should be done with the emails which it was claimed the CCPC did not lawfully have in its possession.
CRH applied to the High Court for a declaration that the CCPC had acted outside the scope of the search warrant and ultra vires and contrary to section 37 of the Competition and Consumer Protection Act 2014 (the 2014 Act) and sought an injunction restraining the CCPC from accessing, reviewing or making any use whatsoever of the records sized which did not relate to an activity in connection with the business of supplying or distributing goods or providing a service at Irish Cement in County Louth.
CRH also sought declarations that the CCPC had acted in breach of Article 8 of the European Convention on Human Rights (the ECHR), Articles 7 and 8 of the Charter of Fundamental Rights of the European Union (the Charter), the plaintiff's right to privacy under Article 40.3 of the Constitution and the Data Protection Acts 1988 and 2003.
Powers of Authorised Officers
In general terms, Section 37 of the 2014 Act deals with the powers of authorised officers of the CCPC when conducting competition law investigations. The Court considered that Section 37 was drafted in unambiguous terms meaning there was no need to apply anything other than a literal interpretation.
The court considered the powers arisingunder section 37(2) paragraphs (c) and (e) of the 2014 Act to be" very broad" in that they grant seizure, retention, inspection and copying powers in respect of any books, documents or records relating to an activity found at any place referred to in paragraph (a)(emphasis added).
The reference to "place" includes any place at which any activity in connection with the business of supplying or distributing goods or providing a service, or in connection with the organisation or assistance of persons engaged in any such business, is carried on. The term "activity" is also widely defined in that it is not limited to an activity of Irish Cement but incudes any activity in connection with the business of supplying or distributing goods or providing a service, or in connection with the organisation or assistance of persons engaged in any such business.
The Court found that the constraint on this "vast breadth of information which section 37(2) (c) and (e) allow the Commission to 'hoover up'" is limited "by law and in practice" by section 37(1) which only permits authorised officers to exercise these powers for the purpose of obtaining any information which may be required in relation to a matter under investigation.
The "over-reach" in searches
This raises the question of what then is to be done with material (other than legally privileged material which is dealt with in the 2014 Act), that is seized under Section 37 but should not have been seized, a question which the court considered to be "largely, if not entirely, ungoverned by law".
The Court repeatedly emphasized that this "over-reach" in searches is unavoidable noting that:-
Unless the law were to require (and it does not) that authorised officers consider every individual document before they copy and/or take it, then it is likely if not inevitable that there will be some over-reach in every search.
The CCPC had suggested that it would review the material and sieve out the material to which it was entitled to. The CCPC pointing out that it was bound by the duty of confidentiality under Section 25 of the 2014 Act. The plaintiff, and ultimately the Court, rejected this solution. Describing Section 25 as the "leakiest of sieves" when it comes to the protection of confidential information, the Court expressed the view that the plaintiffs could be forgiven for believing that Section 25 didn’t meet their fundamental concern that the CCPC has possession of information which it was not entitled to possess.
The Court therefore granted an injunction prohibiting the CCPC from "accessing… pending any (if any) agreement as might be reached between the parties to those proceedings to their mutual satisfaction, whereby a section 33-style or other arrangement is established to sift out that material that ought to have been taken from that which was not."
Section 33 of the 2014 Act sets out the treatment of privileged legal material. Section 33 provides that where material which is seized by the CCPC which is claimed to be legally privileged, there is a mechanism for such material to be vetted impartially with a view to determining whether that privilege has been correctly claimed. The court described this as a "perfectly sensible and practically operable process" and stated that;
It appears to the Court that there is no reason why such a process could not have been voluntarily agreed between the Commission and the plaintiffs.
Invasion of Privacy
The Court did not accept that the collection of material not covered by the terms of the search warrant was a breach of Article 8 ECHR or of the plaintiff's right to privacy but considered that a breach would occur if the Commission were to proceed to review the material;
The plaintiffs contend that for the Commission to go through material that it was not authorized by warrant to remove gives rise, literally and legally, to an unwarranted breach of the right to privacy. This is a contention with which the Court respectfully agrees.
This arguably raises a question mark over the CCPC's practice of bulk seizure of emails for off-site review which would tend to capture emails which are not relevant to an investigation. During proceedings, the CCPC justified this practice on grounds that it minimised the impact of the raid on the business, allowed for review in a "controlled environment" and was generally in line with international best practices relating to digital evidence.
Also of interest is the suggestion by the Court that it was open to the persons present at the time of the dawn raid to refuse to release some or all of the personal data being sought by CCPC. This refusal to handover seems to be limited to personal data which the CCPC was "not entitled to" meaning personal data which is not relevant to the investigation.
The European Commission's explanatory note on Commission Inspections (September 2015) notes that the EU data protection rules apply to all personal data collected during an anti-trust investigation and that Personal Data of individual staff members of undertakings may be copied or obtained during an investigation and may become part of the Commission file.
The decision raises a question mark over the CCPC practice of the bulk seizure of electronic documents for subsequent off-site review without first having assessed the documents for relevance.
In the context of dawn raids by the European Commission this issue does not appear as frequently as the European Commission tends to conduct on-site reviews over a number of days with premises being sealed overnight where necessary. In the few cases where this issue has arisen the General Court has appeared to condone the practice of the European Commission to seize documents for subsequent review.
For example, in Nexans v Commission(Case T‑135/09)Nexanschallenged the legality of the Commission’s acts of copying the computer files of an employee and removing them for inspection, rather than inspecting them on the Nexans premises. The Court declared this challenge inadmissible, finding that the contested acts of the Commission did not constitute an actionable decision.
In subsequent guidance issued by the European Commission this practice is explicitly referred to as follows;
If the selection of documents relevant for the investigation is not yet finished at the envisaged end of the on-site inspection at the undertaking's premises, the copy of the data set still to be searched may be collected to continue the inspection at a later time. This copy will be secured by placing it in a sealed envelope. The undertaking may request a duplicate. The Commission will invite the undertaking to be present when the sealed envelope is opened and during the continued inspection process at the Commission's premises. Alternatively, the Commission may decide to return the sealed envelope to the undertaking without opening it. The Commission may also ask the undertaking to keep the sealed envelope in a safe place to allow the Commission to continue the search process at the premises of the undertaking in the course of a further announced visit.
The CCPC has lodged an appeal with the Court of Appeal against the High Court decision. Practitioners and businesses should remain alert for future developments.