Data Deletion During On-Site Inspections: Departure from the Principle of Zero Tolerance?

The power to conduct unannounced on-site inspections, commonly known as dawn raids, remains one of the most effective tools available to competition authorities in detecting anti-competitive practices. However, the digital transformation of business operations has introduced new complexities to these on-site inspections, particularly regarding the handling and preservation of electronic evidence. Recent decisions by the Turkish Competition Authority (the “TCA“) highlight the evolving challenges and approaches to managing violations encountered during the on-site inspections in the digital age.

Traditionally, the TCA has maintained a strict stance regarding any interference with on-site inspections, typically imposing significant penalties for actions that could be interpreted as hindrance or complication. However, the Balsu Decision represents a notable deviation from this established approach, marking a potential shift in its interpretation of hindrance or complication of on-site inspections. The contrast between recent decisions from the TCA presents an opportunity to examine approaches to handling data deletion during on-site inspections. This article explores the implications of the Balsu Decision in light of the TCA’s established precedent, analysing whether it signals a departure from the principle of zero tolerance for hindrance and/or complication of on-site inspections or constitutes an isolated exception.

Legal Background

The TCA possesses extensive powers under Law No. 4054 on the Protection of Competition (“Competition Law“), with on-site inspections being one of its most crucial enforcement tools. These unannounced on-site inspections allow the TCA to collect evidence of potential Competition Law violations directly from business premises.

Article 15 of the Competition Law empowers the TCA’s case handlers to conduct comprehensive examinations during on-site inspections. This includes examining notes, books, documents, and data stored in both physical and electronic formats, requesting written or verbal statements on specific matters, and conducting on-site inspections of undertakings’ premises. It should be noted that, it is also possible for the TCA to conduct on-site inspections at the premises of third-party undertakings which are not directly subject to investigation without prior notice.

The legal framework establishes serious consequences for non-compliance with the TCA’s on-site inspection powers. If an undertaking complicates or hinders an on-site inspection, Article 16(1)(d) of the Competition Law stipulates that the TCA is authorized to impose administrative fines of up to 0.5% of the undertaking’s turnover generated in the financial year preceding the date of the decision. Additionally, Article 17(1)(b) allows the TCA to impose daily fines of 0.05% of the undertaking’s turnover for each day the violation continues.

In the digital age, the TCA’s investigatory powers have evolved to encompass electronic data and devices. The Guidelines on the Examination of Digital Data specifically addresses the inspection of portable communication devices (such as phones, tablets, etc.) and electronic storage tools (such as clouds, back-up logs, hard discs, etc.). While devices used solely for personal purposes are exempt from inspection, case handlers are allowed to have a ‘quick look’ at the devices and skim through its data in order to determine whether they contain business-related data. If it is determined that the personal device in question contains business related data, forensic IT tools may be utilized to extract the relevant files.

The TCA has consistently maintained a strict approach regarding the deletion of data during on-site inspections. As explained below in detail, administrative fines are imposed when data is deleted during an inspection, regardless of whether the data was for personal or professional use, and irrespective of whether it could be recovered through other means or regardless of whether it could be used as an indicator of an infringement. This stringent stance is evidenced by numerous decisions where undertakings were fined despite arguments that deleted data was personal or recoverable through alternative methods. The TCA’s approach to hindering and/or complicating on-site inspections continues to evolve as demonstrated by its recent decisions.

The TCA’s Established Precedent on Hindering and Complicating On-Site Inspections

The TCA’s precedent regarding practices of hindering and complicating on-site inspections shows a stringent approach, especially in cases relating to deletion of data.

The TCA has imposed an administrative fine on Sirma Grup Icecek Sanayi ve Ticaret AS (“Sirma“) for hindering and/or complicating the on-site inspection carried out at the premises of Sirma on August 17th, 2023, within the scope of a preliminary inspection with its Sirma Decision. During the relevant on-site inspection, through cross referencing certain WhatsApp group chats of the employees subject to the inspection, it was determined by the case handlers that an employee had deleted all their chats on WhatsApp after the commencement of the on-site inspection. After the detection of the deletion, the relevant employee indicated that they were entitled to a new mobile device to be provided by the undertaking, that they were going to deliver their mobile device to Sirma’s IT department and receive the new mobile device in exchange, that they were going on vacation on the day of the on-site inspection and had deleted all chats on their current mobile device for these reasons. It was also indicated by Sirma that the relevant employee was not aware of the on-site inspection, as they were in a meeting during the time an e-mail regarding the ongoing on-site inspection was circulated amongst Sirma employees. The TCA evaluated that even if the relevant employee had not seen the e-mail announcing the on-site inspection, it was highly unlikely for the relevant employee to not have been made aware of the on-site inspection by other Sirma employees. The TCA further assessed that the fact that the relevant employee holding an executive position within Sirma, chose to delete all chats on their mobile device and explicitly chose to not to transfer the data to the new mobile device reinforced the suspicion that the employee was aware of the on-site inspection. Accordingly, the TCA determined that the relevant conduct was considered as hindering and/or complicating the on-site inspection and imposed an administrative fine on the undertaking.

Similarly, in its Epson Decision, the TCA evaluated whether the actions that took place during the on-site inspection carried out at the premises of Epson Italia Spa. Istanbul Branch (“Epson“) on September 5th, 2023, within the scope of a preliminary inquiry constituted hinderance and/or complication of the on-site inspection. During the relevant on-site inspection, the case handlers determined that certain e-mail correspondences were subjected to ‘softdelete’ after the commencement of the on-site inspection. Softdelete is the process of deleting e-mails in the Microsoft Outlook application in such a way that they are not permanently deleted and are able to be recovered by the “Recover Deleted Items” method. In the Epson Decision the TCA assessed that deleting data such as folders, e-mails, and messages after the commencement of an on-site inspection is considered as an act to obscure evidence and the relevant conduct has hindered the relevant on-site inspection through making it difficult for the case handlers to access potential evidence. The TCA further evaluated that the relevant conduct constituted hindering of the on-site inspection regardless of the fact that the relevant documents have been restored and did not show any indication of a Competition Law violation, accordingly the TCA decided to impose an administrative fine on Epson.

A similar assessment has been made by the TCA in its AbbVie Decision. An on-site inspection has been carried out at the premises of AbbVie Tibbi Ilaclar Sanayi ve Ticaret Limited Sirketi (“AbbVie“) on September 21st, 2023, at 10:10 within the scope of a preliminary inspection. An e-mail message announcing the ongoing on-site inspection was circulated amongst AbbVie employees at 10.20. It was determined by the case handlers that a certain AbbVie employee had deleted several WhatsApp group chats at 10:20 and 10:21, and certain chats with an individual called AbbVie (…) at 11:05. AbbVie’s counsel indicated that the relevant employee had a significant amount of personal data on their mobile device and deleted such data regularly, that the relevant employee had not seen the e-mail announcing the on-site inspection and the relevant deletion was not carried out with the intent to destroy any data and that the correspondence deleted on 11:05 was related to a region other than Turkiye and accordingly was thought to have been outside the scope of the on-site inspection. The TCA evaluated that the relevant deletion in question was confirmed with screenshots and constituted an act of destroying of evidence and disrupted the data integrity of the undertaking. The TCA further assessed that taking into account the fact that the employees were warned not to delete any data, the relevant deletion conduct would be considered as hindering and/or complicating the on-site inspection regardless of the purpose of the conduct and decided to impose an administrative fine on the undertaking.

Similarly, while assessing the conduct that took place during the on-site inspection carried out at the premises of Koyuncu Elektronik Bilgi Islem Sistemleri Sanayi ve Dis Ticaret AS (“Koyuncu Elektronik“) on September 6th, 2023, as part of an ongoing preliminary inspection in its Koyuncu Elektronik Decision the TCA maintained its stringent approach. During the on-site inspection, after the case handlers had warned the officials of Koyuncu Elektronik that any conduct of deletion would be subject to an administrative fine, it was determined that two employees had used the ‘subdelete’ feature on several e-mails. The TCA assessed that even though the relevant e-mails were recovered and examined by the case handlers, the relevant deletion resulted in the hindrance of carrying out an effective on-site inspection and decided to impose an administrative fine on the undertaking.

It should be noted that the Koyuncu Elektronik Decision included a dissenting opinion from three Board members, who discussed circumstances where the TCA might consider a more contextual evaluation of the violations encountered during on-site inspections (particularly in cases not involving cartel investigations) and refused to agree with the TCA’s decision. The dissenting opinion noted that in non-cartel cases, the TCA has previously exercised discretion when evaluating instances where employees deleted data for personal reasons or in panic, rather than with intent to destroy evidence. According to the dissenting opinion, the TCA should have considered factors such as the magnitude of the potential violation, the undertaking’s size and competition law history, the sequence of events, the rationale for deletion, and whether the deleted data was recovered.

The dissenting opinion referenced several elements that had been considered by the TCA in previous cases: the scope and nature of the suspected violation, particularly whether it involved cartel activity; characteristics of the undertaking including its size and previous interactions with competition law; contextual factors surrounding the deletion; and technical aspects such as data recovery it had previously exercised its discretionary power in cases involving data deletion.

As evaluated under the LG Decision, an on-site inspection was carried out at the premises of LG Electronics Ticaret AS (“LG“) on August 3rd, 2021, within the scope of a preliminary inquiry. During the on-site inspection, it was determined by the case handlers that some of the employees had deleted and reinstalled the WhatsApp application on their mobile devices. Since the devices were not backed up prior to the deletion, the correspondences could not be retrieved and assessed. Although the employees stated that it was a company policy to delete and reinstall the relevant application at the beginning of each month, the case handlers could not find any evidence that such practice was routinely performed every month. Afterwards, LG sent a letter to the TCA indicating that the company management did not have any information about or did not give instructions in relation to the deletion of the data, and acknowledged that that the deletion was carried out after the on-site inspection had begun and that this conduct was not the policy of the undertaking but was the result of the momentary uneasiness of the undertaking’s employees. Under the LG Decision, the TCA determined that the relevant conduct constituted hindering and/or complicating the on-site inspection and decided to impose an administrative fine on LG.

In contrast to its stringent approach regarding practices of deletion during on-site inspections, the TCA has adopted a much gentler approach in its Balsu Decision.

Departure from the Established Precedent: The Balsu Decision

On April 27th, 2023, the TCA conducted an on-site inspection at the premises of Balsu Gida Sanayi ve Ticaret AS (“Balsu“) within the scope of an investigation initiated against Ferrero Findik Ithalat Ihracat ve Ticaret AS (“Ferrero“) (“Ferrero Investigation“). The case handlers arrived at Balsu’s premises in Sakarya at 11:33, presenting their credentials and explaining the scope of their powers under Articles 14 and 15 of Competition Law.

After initial briefings, the case handlers requested Balsu’s organizational chart and identified the employees who would be subject to inspection. Balsu’s Productions Operations Officer was explicitly informed that no data should be deleted from the computers or mobile devices. The inspection covered computers and company-issued mobile devices belonging to five Balsu employees, including the Western Region Purchasing Manager, Western Purchasing Officer, Commercial Operations Committee Member, Purchasing Operations Committee Member, and Sales Manager.

During the on-site inspection, at approximately 12:18, the case handlers discovered that Balsu’s Sales Manager had deleted approximately 1,500 e-mails. The deletion was documented through screenshots and screen recordings. While the deleted e-mails were subsequently recovered using Microsoft Outlook’s “Recover Deleted Items” feature and reviewed by the case handlers, no findings were collected from these recovered e-mails as they were found to contain no evidence of violation.

However, in a notable departure from its established practice, the TCA decided not to impose an administrative fine on Balsu for hindering and/or complicating.

Taking into consideration that (i) the case handlers were able to successfully recover all deleted e-mails and examine them, (ii) that after examining the recovered data the case handlers assessed that they contained no evidence of violation of Competition Law, and (iii) the fact that Balsu was not a direct party to the investigation at hand but rather was a third party, from whom sector-related information was sought by the TCA, the TCA assessed that Balsu, as a mere source of market information in the Ferrero Investigation, would have no motivation to conceal information. Accordingly, the TCA decided not to impose an administrative fine on Balsu.

While the decision was unanimous in its outcome, a Board Member issued a dissenting opinion disagreeing with part of the majority’s reasoning. The dissenting opinion accepted the conclusion but questioned the validity of using the recovery of deleted e-mails and their non-violating content as justification for not imposing a fine.

The dissenting opinion emphasized that well-established case law and precedent of the TCA treat the deletion of data after the commencement of an inspection as hindrance, regardless of the content of the data or whether the deleted data was recovered. This approach stems from concerns that considering the recovery or content of deleted data would create undesirable incentives: undertakings might be encouraged to delete data, knowing they would face no consequences if the data was recovered or proved innocuous.

This view aligns with numerous previous decisions of the TCA and administrative court rulings that consistently held that the mere act of deletion constitutes hindrance, independent of recovery possibilities or content. The dissenting opinion referenced several TCA decisions and administrative court judgments that had previously addressed data deletion during on-site inspections. These precedents were cited to support the argument that historically, when evaluating potential hindrance, authorities have focused on the act of deletion itself rather than subsequent recovery of data or its content. The dissenting opinion particularly emphasized the established practice of viewing data deletion after the commencement of an inspection as potentially compromising the integrity of the investigation process.

The dissenting opinion in the Balsu Decision acknowledged agreement with the final decision not to impose an administrative fine but expressed concern about a certain part of the reasoning. Specifically, the dissenting opinion questioned whether the recovery of deleted e-mails and their non-violating content should factor into the evaluation of potential hindrance. Instead, it suggested that Balsu’s role as a third party from whom market information was sought could serve as sufficient basis for the decision.

Conclusion

As can be seen from the precedent referred to herein, the Balsu Decision marks a significant departure from the TCA’s typical stringent approach to evaluating acts of deletion conducted during on-site inspections as hindering and/or complicating the on-site inspection.

Chronologically, the Balsu Decision has been rendered prior to the Sirma, Epson, Abbvie, and Koyuncu decisions and after the LG Decision discussed above. All of these decisions determined that acts of deletion carried out by employees during on-site inspections constituted hindrance or complication of such inspections, regardless of whether the deleted data could be recovered or analysed to confirm that it contained no content violating Competition Law.

The Balsu Decision stands out as an anomaly in the TCA’s approach, as it relies on the fact that the case handlers successfully recovered and examined all deleted e-mails, concluding that they contained no evidence of a Competition Law violation, in its ruling that the relevant deletion carried out during an on-site inspection did not constitute hindrance or complication of the on-site inspection and there was no need to impose an administrative fine upon Balsu.

When analysing decisions of the TCA both rendered before and after of the Balsu Decision, it is seen that the TCA maintained its stringent approach and has not again determined that whether the deleted data was able to be recovered and concluded to not contain any Competition Law violations had any impact on determining whether an act of deletion is considered as hindrance or complication of on-site inspections. Therefore, it is assessed that the dissenting vote of the Balsu Decision is much more consistent with the TCA’s previous approach to deletion during on-site inspections.

Taking the above into account, it is considered that the TCA will continue to maintain its stringent approach to acts of deletion during on-site inspections, treating them as hindrance or complication irrespective of whether the deleted data can be recovered or found to lack content indicating a violation of Competition Law.

Therefore, companies should remain vigilant in ensuring full compliance during on-site inspections, as the Balsu Decision appears to be an isolated deviation rather than an indication of a broader shift in the TCA’s policy. Reliance on the specific reasoning employed in the Balsu Decision may not be a reliable defence in future proceedings, given the TCA’s historically stringent stance on acts of deletion during on-site inspections.

Moving forward, it remains to be seen whether the Balsu Decision will remain an isolated case or influence the TCA’s future assessments in similar circumstances.

Story originally seen here