10 key themes
Protecting your rights of defense through investigations and litigation
Some agencies are turning to more expansive and intrusive investigative techniques in complex investigations. Broad requests for documents in one jurisdiction have the potential to expose many more classes of documents to authorities or third parties in other jurisdictions. These trends underscore the need for careful and coordinated responses across multiple jurisdictions if a company is to maximize the protection of its procedural rights of defense: allowing it to defend personal rights, such as privacy and the right to counsel, and to ensure a fair process overall.
Intrusive techniques and lengthy reviews, particularly in Europe
The ability of agencies to conduct and gather evidence from on-site "dawn raids" or physical inspections is facing practical challenges:
- evidence is increasingly being stored digitally – a trend accelerated by remote working – thereby reducing the volume of physical evidence that would be gathered from on-site dawn raids at offices;
- data is often stored outside of the agency’s jurisdiction, particularly for multinational firms; and
- social distancing requirements have added further complications as fewer staff will be working in offices and the agencies themselves need to consider the health impact on a company’s employees, the agency’s own staff conducting the inspection and on associated law enforcement and legal advisers.
Nevertheless, authorities are still pursuing more rigorous and intrusive investigations via wide-ranging document discovery exercises with more significant penalties.
The European Commission is increasingly requiring the production of large volumes of internal documents from businesses under investigation, with a growing risk of these broad document requests hoovering in irrelevant or personal documents.
Alicia Van Cauwelaert
The EC’s document requests are increasingly based on search terms whereby businesses under investigation are required to submit all documents from identified executives/employees that respond to stipulated keyword search requirements, regardless of whether the documents are relevant or responsive to the EC’s investigation. These wide-ranging document requests are potentially more far-reaching than a traditional "physical" process as the United Statesual safeguards built into an on-site inspection, for example to exclude the production of certain classes of documents (such as personal information or documents not relevant to the subject matter of the investigation), are not necessarily present or accepted by the agency in relation to electronic searches.
Businesses can find themselves "between a rock and a hard place", faced with both a wide-ranging electronic search request backed by significant sanctions and applicable data protection legislation requiring them to protect the privacy rights of their employees (and other impacted individuals). As a practical matter, solutions may involve proactively identifying documents containing sensitive personal data and seeking to engage with agencies to set up bespoke processes for dealing with such documents (e.g., the United Statese of document logs or data rooms with safeguards to protect sensitive personal data).
It should be noted however that authorities are also lobbying for even greater investigative powers, especially the need to adapt to new ways that information is obtained, used and stored as a result of digitalization. For example, as part of potential post-Brexit reforms, the UK’s CMA has called for broader powers to allow it to gather information which current laws may not allow (e.g., regarding the role algorithms play in decision-making). Interim measures powers are another feature appearing consistently in proposals by many authorities, including in Germany and Ireland. These powers allow authorities to implement far-reaching measures at the outset of an investigation (e.g., to cease allegedly anti-competitive conduct) where there is a risk of serious and irreparable harm to competition and prima facie evidence of an infringement, until the investigation is completed; and they have been used recently by authorities in the UK and Brazil. Moreover, the interim measures tool is likely to become more common in the EU following the Broadcom decision. The EC imposed interim measures in October 2019 ordering Broadcom to stop applying certain contractual provisions in agreements with six main customers for chipsets. By October 2020, the EC had accepted commitments from Broadcom (without finding an infringement) to suspend all existing agreements and not enter new agreements containing exclusivity/quasi-exclusivity arrangements and other exclusivity-inducing provisions – a relatively swift resolution.
Key challenges arising
The diverging approaches and procedural rules in different jurisdictions add layers of complexity to firms seeking to protect their rights when facing investigation by multiple authorities. For example, the widening scope of documents being gathered by the authorities in Europe, Asia and Australia is expected to have consequences in other jurisdictions like the United States. Authorities are increasingly collaborating across jurisdictions and want to share information, discuss the evidence and align on theories.
No agency wants to be caught with less evidence and information than another authority or private litigants. In practice, once a document has been disclosed to one agency, it can be difficult to claim that another authority or plaintiff should not receive it. A disclosure to one is likely to be a disclosure to many.
The parallel concern is that expansive document requests from an authority in a jurisdiction where legal privilege or privacy rights are narrow will broaden the pool of documents discoverable by private litigants around the world. Such private litigation may involve a damages claim directly related to the authority’s investigation (e.g., cartel damages) or it may only be tangentially related to the subject of the original investigation (e.g., a plaintiff seeking an injunction due to an alleged abuse of dominance). Therefore, the ripples of an EC information request investigating one line of business could very well be felt in private litigation in the United States regarding another line of business, months or years later, for example if privilege was found to be waived over certain documents when providing them to the EC.
- Negotiating the scope of information requests: different approaches are needed when negotiating the scope of document and information requests with different agencies. In the United States, greater judicial oversight typically allows representatives of the parties to reach a compromise with agencies on the scope of requests. Some agencies will be more flexible than others in negotiating the scope of information requests and the timeline for responding.
Discovery of documents produced to the European Commission as a class of documents to litigants in other jurisdictions can be of concern to the European Commission as it reveals its investigative strategy and may curtail a firm’s incentive to cooperate freely with its investigation.
- Privilege claims: the scope of legal privilege is wider in some jurisdictions than in others. For example, privilege under US and UK law covers communications with in-house lawyers, whereas this is not recognized under EU law; the scope in Germany is considerably narrower than in common law jurisdictions; and in Japan attorney-client communications are generally not privileged but the JFTC’s new Determination Procedure will protect some confidential communications with attorneys in relation to certain antitrust investigations. Where documents privileged under the rules of one jurisdiction are disclosed in a jurisdiction where such documents are not privileged, parties need to take proactive steps to demonstrate privilege has not been waived, so that they can continue to assert strong privilege claims in other jurisdictions.
- Personal or private documents: the protections available for personal or private information are greater in certain jurisdictions (such as the EU) in light of applicable data protection (e.g., the EU’s GDPR) or other secrecy rules. These safeguards give businesses some additional protections where agencies’ broad document requests capture sensitive personal or private information. However, these protections are not equal across jurisdictions. For example, US courts will not always defer to European privacy rights, particularly if personal documents have already been produced to authorities in Europe.
Responding to a request for information can be like walking a tightrope – Data Protection legislation may restrict your ability to respond fully to a request, in particular if information collected in Europe will be disclosed outside Europe.
Satya Staes Polet
Despite these challenges, there are opportunities for parties to protect their rights and the rights of their employees if appropriate steps are taken. The exercise of these rights can also force authorities to provide better solutions and facilitate the better conduct of the investigation concerned.
Looking ahead in 2021:
The broad investigative approach taken by some authorities and the prospect of documents being requested by other agencies or private litigants off the back of that reinforces the importance of:
- Scoping an information request as soon as it is received and preparing robust and comprehensive methodologies upfront:
- to assist with any negotiations with the agency over scope and proportionality; and
- to put the authority on notice of the party’s approach – and mitigate the risk of future disputes.
- Coordinating across jurisdictions on the procedural minutiae and not only the substantive legal issues. Parties should understand the differences in practice and procedure between the various jurisdictions where investigations and third-party private litigation could arise.
- Mitigating the risk of cross-border document disclosure to other agencies, private litigants or third parties – for example taking advantage of data protection laws in certain countries and taking steps to minimize the risk of waiving privilege in other jurisdictions. The timing of the exercise of these rights is crucial.