The European Commission has issued revised guidance on the conduct of inspections at business premises ("dawn raids”). The new guidance is largely a codification of the Commission’s prior interpretations of its powers in light of recent case law, and it contains useful guidance on the treatment of IT data and the company’s obligation to cooperate with the Commission.

Broad interpretation of authority to inspect and take copies

In conducting investigations, Commission officials are entitled to:

  • enter any premises, land, or means of transport of companies and associations
  • examine the books and other records related to the business, in whatever medium they are stored
  • take or obtain in any form copies of or extracts from such books or records
  • seal any business premises and books or records for the period and to the extent necessary for the inspection
  • ask any representative or employee of the company being investigated for explanations on facts or documents relating to the subject matter and purpose of the inspection and to record the answers.

In its new guidance, the Commission states that it will seal and take away copies of hard drives that it could not examine during the inspection. The data on the hard drives then will be inspected at a later time in the presence of the company and its lawyers. This interpretation goes beyond the scope of the authorizing regulation, which allows the Commission to make and remove copies only of documents that are within the scope of the inspection. Therefore this broad interpretation may be subject to challenge; the General Court already refused to rule on this point in an appeal brought by French cable producer Nexans against the Commission’s decision in the Power Cables cartel. Nevertheless, Commission documents suggest that reviews usually are done on the spot and that the “sealed envelope” procedure remains rather exceptional (about 10% of the cases). 

Detailed guidance on treatment of IT data

As the Commission increasingly focuses on data stored electronically, the reissued guidance spells out in more detail the Commission’s interpretation of its own powers. First, inspectors can search the IT environment and storage media (laptops, desktops, tablets, mobile phones, CD-ROM, DVD, USB-key and so on) of the company. For this purpose, the Inspectors may not only use any built-in (keyword) search tool, but may also make use of their own forensic IT tools.

Second, the new guidance stresses the company’s obligation to cooperate fully and actively with the inspection. This means making available IT staff during raids to explain the systems and give administrator access rights. The Commission is also entitled to use its own forensic IT tools, which will be cleansed at the end of the investigation.

Third, companies are also required to block email accounts or temporarily disconnect computers from the system. The duty was exemplified in a March 2012 decision where the Commission imposed a EUR 2.5 m. fine on a Czech company that failed to block email accounts and diverted incoming traffic. 

Reinforced duty to cooperate

The guidance incorporates two recent decisions that illustrate the extent of companies’ duty to cooperate. In a 2008 case, the Commission fined German energy group E.ON. EUR 38 m. for breaking a seal that Commission officials had placed on physical files. The fine was upheld by the Court of Justice on appeal in 2012. The guidance now contains an explicit obligation on the company to ensure that seals are not broken. In the E.ON. case, the Commission and the Court did not accept the company’s defense that the seal had been broken by janitorial personnel.

In the 2006 Bitumen cartel decision, the Commission had increased by 10% a fine on KWS for having delayed a dawn raid by 47 minutes to wait for external counsel. On appeal, the General Court recognized the company’s right to seek external advice, but held that it should have allowed the officials to enter the premises to prevent any destruction of evidence.

An explanatory note on the Commission’s 18 March guidance can be found here.