In the course of an undertaking’s competition compliance or audit procedures, it may turn to a forensic IT services provider to look for data files which might reveal anti-competitive practices. If the provider is not instructed by the undertaking’s external counsel, the communications between the undertaking and the provider do not benefit from any particular protection. The provider will then have to answer any requests for information from a competition authority, just like any “third party”, without being able to object that it is acting as an auditor or that its services are confidential.

On that basis, the Hague Court of Appeal validated the Dutch Competition Authority’s request for a forensic IT services provider to produce a list of clients in the sector under investigation for which the provider had carried out competition law compliance audits. The Court made sure that the principle of proportionality had been respected and pointed out that the investigators had not asked for access to the results of the audits. According to the Court of Appeal, the competition authority’s request was justified by the interest in knowing the identity of the audited undertakings, as the audits might prompt them to destroy any proofs that were discovered. Apparently the provider had “transferred” the incriminating information onto its own computer system.