Data Protection in the Context of Competition Law Investigations: An Overview of the Challenges

35 Pages Posted: 18 Oct 2013

See all articles by Monika Kuschewsky

Monika Kuschewsky

Covington & Burling LLP, Brussels

Damien Geradin

Tilburg Law and Economics Center (TILEC); University of East Anglia (UEA) - Centre for Competition Policy; Geradin Partners

Date Written: October 16, 2013

Abstract

The interface between data protection law and competition rules has become a growing area of interest for companies and lawyers. First, in the course of unannounced inspections (the so-called "dawnraids"), European Commission and national competition authority officials typically review company records and search employees’ e-mails and electronic files and records (including those which people thought had been deleted). They will make hard and/or soft copies of relevant documents and in certain cases may even seize entire hard discs. This raises the question of whether such intrusions are compatible with data protection rules and thus which restrictions such rules impose on the ability of competition officials to collect and process data seized during inspections. Another intersection between competition law and data protection law arises where companies need to collect and further process data from their employees to respond to a competition authority’s request for information or a statement of objections in the course of a pending competition law investigation. Companies may also wish to access and review e-mails and other employee records so as to uncover potential competition law infringements (e.g., in the context of a compliance programme) or to prepare a leniency application.

Against this background, this paper seeks to identify the limits that may be placed by data protection law on competition authorities, on the one hand, and companies, on the other hand, to collect and further process personal data in the context of competition law investigations.

This paper is divided into four sections. Section II briefly sets out the legal framework for data collection and processing in the EU. Section III explains the key data protection principles and Section IV identifies the key players in the context of EU data protection law. Section V elaborates on the key data protection principles and how they apply to competition authorities on the one hand and companies on the other hand. Section VI discusses the legal consequences of non-compliance with data protection rules. Section VII concludes.

Keywords: data privacy, data protection, EU law, competition law, antitrust, dawnraids, compliance programmes

JEL Classification: K20, K40, L40

Suggested Citation

Kuschewsky, Monika and Geradin, Damien, Data Protection in the Context of Competition Law Investigations: An Overview of the Challenges (October 16, 2013). Tilburg Law School Research Paper No. 020/2013, Available at SSRN: https://ssrn.com/abstract=2341232 or http://dx.doi.org/10.2139/ssrn.2341232

Monika Kuschewsky

Covington & Burling LLP, Brussels ( email )

Avenue des Arts 44
Brussels, 1040
Belgium

Damien Geradin (Contact Author)

Tilburg Law and Economics Center (TILEC) ( email )

Warandelaan 2
Tilburg, 5000 LE
Netherlands

University of East Anglia (UEA) - Centre for Competition Policy ( email )

UEA
Norwich Research Park
Norwich, Norfolk NR47TJ
United Kingdom

Geradin Partners ( email )

Avenue Louise 475
Brussels
Belgium

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
781
Abstract Views
3,217
Rank
59,049
PlumX Metrics