An ever-increasing proportion of documents and communications are created and stored electronically. To keep pace with this change and ensure that its procedures are appropriate and relevant in this changing landscape, the European Commission has introduced new working practices with an increased focus on electronic data and the use of forensic IT software. To coincide with this new approach, the Commission has issued revised guidance on its dawn raid powers and procedures when investigating possible breaches of the competition rules.
This note summarises developments and identifies some best practice guidelines to avoid censure from the Commission.
Under its new approach, the Commission will systematically utilise forensic IT software in conducting its search of a firm's documents during a dawn raid. Documents answering to certain key word searches will be centrally collated on the Commission’s on-site server and Commission analysts will access the server to assess the documents individually for relevance to the investigation. In this respect, the process does not differ much from the current protocol.
One noticeable difference is that the Commission will no longer accept paper copies of documents – all copies, including of hard copy original documents, will be electronic and the searched company will now receive a DVD of the documents removed rather than a paper bundle. The raids recently conducted in connection with the sugar and oil trading industries were the first paperless dawn raids.
The guidance helpfully codifies the Commission’s current practices and highlights the extent of the Commission’s investigatory powers. Specifically in relation to electronic data, the guidance now:
- imposes an obligation of active cooperation on firms being raided. Active cooperation goes much further than merely enabling access and may require firms to direct the Commission inspectors to where requested documents may be stored;
- expressly states that a firm is required to provide specific technical assistance to facilitate searches of its IT systems including temporary blocking of email accounts, removing and reinstalling hard drives and making an employee with “administrator access rights” available to support the Commission officials with their search;
- broadens the range of devices which may be seized and searched to make clear that this applies not only to computers but also mobile phones, tablets, USB keys and other such devices;
- confirms the Commission’s ability to utilise its own forensic IT software and hardware during the search, but also that the Commission may request to use the company’s own hardware including laptops and PCs (when the Commission's own hardware is used, the data copied onto the hardware will be wiped completely clean before the hardware is removed from the premises);
- asserts that the Commission is at liberty to copy data which has not been searched in order to continue the search of that data at the Commission’s premises (note that the legal basis for this has been disputed in two recent cases, but the European courts have so far declined to decide on this point); and
- confirms the firm’s right to request a signed list of the documents removed during the search.
A particular area of concern regards the protection of electronically-stored privileged material. The general rule is that disclosure to a regulator can be withheld on grounds of privilege; that is, a document should remain confidential between a lawyer and his client. With much of the search conducted by forensic IT software, there is an enhanced risk that the inspectors gain access to privileged (and/or irrelevant) information. The Commission has chosen not to deal with this possible issue in its new guidance.
Risks of non-compliance
The penalties for obstructing the Commission’s searches can be severe. The Commission is able to fine companies up to 1% of global turnover or, to put it another way, increase the fine it imposes on a firm for infringing the competition rules by 10%.
For example, in March 2012, the Commission fined Czech company EPH €2.5 million when IT personnel changed the Commission-only passwords on blocked email accounts and were asked to redirect emails away from key personnel inboxes.
We recommend that all our clients revisit their dawn raid manuals and internal checklists to ensure that they reflect the Commission’s latest practices and reflect the heightened level of cooperation demanded in respect of electronic data.
In particular, we recommend that you:
- provide training to IT personnel to ensure that they understand their role in ensuring compliance with the Commission’s procedures – lack of adequate training and possible obstruction by IT staff could prove to be costly to a company under investigation;
- to the extent possible, store all legally privileged documents and emails in folders clearly marked with the word “privileged” and notify the Commission officials before they begin the inspection that you object to these folders being searched. Privileged materials should be disseminated on a need-to-know basis and further safeguards may be necessary to protect the work of in-house counsel;
- ensure that a company representative shadows each inspector as the electronic searches are conducted and that they note down the search terms as they are entered, object to the opening of any legally privileged documents and raise objection if they consider that an irrelevant document has been flagged for removal;
- have procedures in place to ensure that key personnel are able to manage their work schedules without their Blackberry or smartphone;
- always ensure that you receive a signed list of the documents removed at the end of the inspection and request that the inspectors share a list of the documents removed at the end of each day;
- on the rare occasions that hard drives are removed from the premises, ensure that any hard drives removed to be searched at the Commission’s premises are taken in a sealed envelope and request to have a legal adviser present at the Commission when the envelope is opened and the search conducted; and
- allow the inspectors onto the premises immediately to allay their concerns about instantaneous destruction of electronic data but ask that they do not commence the search until your legal adviser is present. The Commission officials will accept only a short delay.