Over the past years, Romania has excelled in antitrust law enforcement as the Romanian Competition Council boasts stellar appraisals both inside the country and at the EU level.
The RCC has established an increased presence in the daily lives of businesses and in the business-wise jargon of CEOs and corporate pundits. This is mainly due to the boost in the RCC’s activity after 2010, as it began vigorously to inspect and assess various industries and to offer recommendations to both businesses and Government initiatives.
As early as 2012 the RCC implemented a new electronic method of undertaking dawn-raids. Enthusiasm was high because this new method meant a reduction in the printing of selected elements of proof and in inspection hours. However, no one anticipated that the actual workload would grow. The accessing of the electronic storage means and the examination piece by piece of all collected data meant a true challenge for businesses and lawyers. It also meant an upper hand for the RCC since it was allowed enough time to examine the immense volumes of information that it collected in depth.
The RCC’s position was further consolidated since courts are consistent in issuing authorizations for forensic examinations for periods of up to three months and to prolong them without much consideration, since authorizations are inevitably non-contentious.
What businesses need to know is that during a dawn-raid the RCC (like the European Commission) has access to all their hardware and software infrastructure. Specifically, RCC inspectors must be allowed access and given the passwords, pass codes, or encrypting keys to all programs or applications used on site. Storage facilities – including both physical servers and cloud storage – must be made available.
Most importantly, no documents must be tampered with by the company under investigation. First, any such tampering may be noticed on the spot, as the RCC inspectors use machines and software to make identical copies of HDDs, local storage space, cloud storage, mobile phones, PDAs, tablets, and so on, and any tampering with electronic data may be either recorded or indicated outright. Second, the RCC has spared no expense in investing in its IT facilities; it has and uses state-of-the-art computer programs which can detect with millimetric precision whether a document has been tempered with which, if duly established, may negatively affect a company’s position in an investigation (in terms of amount of fine increased via the ascertainment of aggravating circumstances).
In the tranquility afforded by the RCC’s forensic laboratories its inspectors may undertake the actual examination with the required degree of attention to detail. Under current enactments, they may do so with or without the owner of the data or its lawyer being present. They must only be allowed to be present when a working copy of the HDD produced during the dawn-raid is made and when the minutes containing the actual documents selected and retained are being drafted. Of course, the law does not require such presence, but any diligent business will undoubtedly hire a lawyer to represent its rights and interest and will delegate one of its employees to participate in the actual examination.
Indeed, both employee and lawyer are essential during the actual examination process. The employee is best placed to acknowledge whether a piece of information is in any way related to the scope of the investigation. The lawyer is also necessary, as he is best placed to identify documents and correspondence falling within the attorney-client privilege and fight to have them removed from the investigation dossier, and he is best placed to moderate interventions by the employee.
Since forensic examination are undertaken piece-by-piece, the presence of a lawyer in this process is also critical since personal information may be accessed or revealed contrary to the rules on data protection. Moreover, participating in the actual examination affords the investigated business the advantage of anticipating the course of action likely to be taken by the authority and it may begin to prepare its lines of defense based on the types of data and information sought by the inspectors.
Given the intrusive nature of forensic examination, dedicated compliance programs, applied trainings, and 24-hour responsiveness on part of a competition professional are key for a company wishing to avoid feeling threatened by an inspection and forensic examination of its dealings.
By Razvan Pele, Partner, Maravela | Asociatii
This Article was originally published in Issue 5.9 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.