The Turkish Competition Authority (the “TCA”) issued a guideline in relation to inspection of digital data during dawn raids with the Decision of the Turkish Competition Board dated October 8, 2020 No. 20-45/617 (the “Guideline”). The Guideline has been issued to explain the procedures and principles in implementation of Article 15 (titled “On-Site Inspection”) of the Law No. 4054 on the Protection of Competition (“Competition Law”), which was recently amended along with certain other important amendments in the Competition Law in June 2020.
The Guideline adopts a parallel approach with EU Commission’s Explanatory Note on Commission Inspections
The Guideline adopts very similar principles and rules especially provided in paragraph 9 to 14 of the Explanatory note on Commission inspections pursuant to Article 20(4) of Council Regulation No 1/2003 as revised on September 11, 2015.
What is provided in the Guideline?
- All digital data will be subject to investigation
TCA’s investigation officials will be able to examine all kinds of data and documents of the undertakings stored in electronic media and information systems during the on-site inspection, and to take copies of these digital data.
Investigation officials will be authorized to examine information systems such as servers, desktops / laptops, portable devices, and storage devices such as CD, DVD, USB, external hard disks, backup records, cloud services. Officials can benefit from keyword search tools in the IT systems of the undertaking or forensic information software and hardware that allow qualified searches in digital data. These forensic tools will be qualified to make qualified searching, retrieving deleted data, as well as copying and deleting the relevant digital data, by ensuring that the authenticity and integrity of the undertaking’s data and systems are protected.
- TCA will be entitled to examine personal devices
As a result of a quick review, if the investigation officials determine that the personal portable communication devices (mobile phones, tablets, computers etc.) of the employees contain digital data relating to the undertaking that is being investigated, the investigation officials will be entitled to inspect and copy the data contained therein as well. Personal portable communication devices (mobile phones, tablets, computers etc.) of the employees that are determined to be for “personal use only”, and that do not contain any data about the undertaking that is being investigated, will not be subject to inspection. Personal portable communication devices that contain data relating to the undertaking, shall be examined through forensic information tools as well.
- Company employees will be obligated to provide active support
Employees of the undertaking that is being investigated will be obligated to provide full and active support in the matters requested by the TCA’s investigation officials regarding the information systems.
- Investigation officials will be entitled to access the IT system with administrator privileges
The undertaking’s personnel will be required to provide information and support relating to the information technologies used by the company. This will include provision of system administrator privileges, remote access to the e-mail accounts of the employees, isolation of computers and servers from the network environment, limitation of access of users to their corporate accounts, and restoration of backed up corporate data.
- Forensic methods will be used
The digital data to be analyzed can be partially, or as a whole be copied to separate data stores by forensic methods. The copies to be taken with the forensic methods will be duplicated copies obtained in a logical and physical way that ensures the authenticity of the data. The authenticity will be confirmed by calculating and comparing the “hash” values of the copies with the original data.
- TCA will be entitled to copy and transfer the digital data to forensic informatics laboratory
Copied digital data will be stored in the portable computers of the inspection officials which contain forensic software. These data will be indexed in such computer and will be examined by the inspection officials. At the end of such examination, the digital data that the inspection officials deem necessary to include in the minutes of the inspection, will be stored in two data storages. One copy of such data storage will be kept by the inspection officials and the other copy will be delivered to the relevant undertaking along with the minutes of the inspection. The minuets shall include the hash values of the data stored in both data storages. Digital data which is examined but not included in the minutes, shall be deleted from the computers of the investigation officials in a way that such deleted data cannot be retrieved again.
It is essential that the inspection be completed on the undertaking’s premises. However, if the inspection and examination of the digital data cannot be completed during the on-site inspection, examination of such data can be conducted in the forensic informatics laboratory within the TCA. The only exception to this rule is that the inspection of digital data obtained from mobile phones shall in any case be completed at the premises of the undertaking concerned.
Digital data to be examined within the headquarters of the TCA will be stored in three separate data storages after the “hash” values are calculated and compared, making sure that all copies are identical. One of the copies will be left to the undertaking. The other two copies will be placed in an envelope and be sealed by the investigation official and be physically secured. The undertaking concerned will be invited in writing by the TCA to be present by a representative while the investigation officials open the sealed envelope at the forensic informatics laboratory of the TCA, for examination of such data.
- Protection of Trade Secrets and Attorney-Client Privilege
If the relevant undertaking alleges that the digital data included within the scope of the file includes trade secrets, such trade secrets shall be protected pursuant to the Communiqué No. 2010/3 Concerning the Right to Entry into the Files and the Protection of Trade Secrets. Digital data copied during on-site inspection shall benefit from attorney- client privilege.
