A Less Stringent Approach to the Deletion of Data during Dawn Raids?

23.06.2024

Contents

Introduction

The Turkish Competition Authority’s most effective tool for obtaining evidence is dawn raids for hard and soft data. The Turkish Competition Board (“Board”) is therefore intolerant to deletion of data during a dawn raid. In its decisions, the Board consistently did not consider whether the deleted data was recovered or even relevant to the raid’s purposes. This was the case regardless of the size of the company subject to the raid.

In the recently published Koyuncu Electronic decision,[1] a majority of the Board continued the long-established practice - but with significant, and unusual, dissent.

Three Board members (one of whom is the President) provided a dissenting opinion, arguing there was no reason to impose a fine as the deleted data was not related to the raid and, moreover, that it was recovered.

What Happened?

According to the facts, both the company’s retail account director and head of channel sales deleted several e-mails (later recovered) after initiation of the raid. [2]

In its defence, the company stated that the deletion was a routine procedure and unrelated to the raid. [3] In response, the Board referenced its previous decisions which confirmed that data cannot be deleted for any purpose after the initiation of the dawn raid [4], and further argued that the company was unable to provide any tangible proof that the deletion was part of a routine procedure. [5] A fine was therefore imposed.

Dissenting Opinion

Dissenting Board members first emphasized that the case was not related to a cartel and, in such cases, acts of data deletion can never be tolerated. They accepted that SMEs without a competition compliance programme may panic when faced with the magnitude of a dawn raid and that, in such cases, the Board should use its discretion while considering the following factors:

— The magnitude of the possible breach.

— Size and competition law capacity of the party.

— Social and cultural context.

— The sequence of events and the rationale for deletion.

— Whether the data can be recovered.

— Content of the data.

The dissenting opinion therefore based its decision that no penalty should have been imposed, on the following points:

— The deletion did not occur as part of a cartel investigation but as part of an alleged vertical infringement.

— The deleted correspondences were recovered, and the correspondence therein did not provide evidence of an infringement.

— Only two out of seven employees deleted data from their devices. Therefore, the risk of not being able to obtain evidence was low.

— Reactions to a dawn raid may be reasonable and penalties should not be imposed reflexively.

— To ensure a collaborative atmosphere during raids in SMEs, case handlers should emphasise that personal data is strictly protected.

Conclusion

Despite the dissenting opinion, Koyuncu Electronic reaffirms the Board’s intolerance to data deletion during a dawn raid. As case law confirms, recovery of the deleted data or its irrelevance to the dawn raids is not considered. However, it remains to be seen whether the majority of the Board will develop a more relaxed approach in future. Overall, though, the decision is consistent with the Board’s longstanding approach, and nothing has changed for undertakings.

The decision is an important reminder that all companies, from SMEs to multinationals, should have a robust competition compliance programme in place.


[1] Koyuncu Electronic (21.09.2023, 23-45/839-295).

[2] Koyuncu Electronic (21.09.2023, 23-45/839-295), para. 7.

[3] Koyuncu Electronic (21.09.2023, 23-45/839-295), para. 24. It is understood that the deleted data include promotional e-mails, notifications sent by online retail sites, etc.

[4] See, for example, the Unmaş Decision (20.05.2021, 21- 26/327- 152) where the fact that the deleted data can be accessed by forensic informatics devices will effect the assessment. Many decisions of the Board on this subject were cited in the decision.

[5] Koyuncu Electronic (21.09.2023, 23-45/839-295), para. 25.

This website is available “as is.” Turkish Law Blog is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this website, and in no event shall they be liable for any loss or damages.
Ready to stay ahead of the curve?
Share your interest anonymously and let us guide you through the informative articles on the hottest legal topics.
|
Successful Your message has been sent