Several changes have been introduced to Law No. 4054 on the Protection of Competition ("Law No. 4054") with Law Amending the Law on the Protection of Competition numbered 7246 ("Law No. 7246") which was published in the Official Gazette dated 24.06.2020 and numbered 31165.
One of these changes, regarding on-site inspections, set legal footing for the broad range of powers the Authority experts exercise during on-site inspections. As mentioned in previous newsletters, prior to the amendment, it could have been argued that the procedures adopted during on-site inspections were not entirely the same with the procedure set out in the legislation and to an extent were modelled during the on-site inspection depending on the attitudes of employees' and the extent of use of technological and cloud systems within the inspected undertaking. Pursuant to Article 15 of Law No. 4054, the Board was entitled "To examine the books, any paperwork and documents of undertakings and associations of undertakings, and take copies thereof if needed." Having said that and although it was not explicitly set out in the relevant Article, in practice and depending on the facts of the case, it was observed that the Authority experts examined personal phones, e-mail accounts, even WhatsApp messages of employees, and did not consider concerns regarding GDPR as legitimate, during on-site inspections. Therefore, as mentioned in previous newsletters, considering the rapid technological changes all around the world, the Authority experts were not able to adopt a literal reading of Law No. 4054 with regards to on-site inspections, which gave them a right to inspect books, any paperwork and documents. With the introduced change, it is specifically stated that the Board may "review undertakings' books, data and documents kept in physical and electronic form and in information systems, and make copies and printouts of them during on-site inspections," which was the practice adopted by the Authority experts in any event. Therefore, it can be argued that the relevant change establishes legal grounds for the already applied procedure during on-site inspections which was, to a certain extent, a much debated issue as observed in previous Board decisions.
Prior Board Decisions Regarding On-Site Inspections
Previous case law regarding on-site inspections and administrative fines given to undertakings also showed that such practice was already adopted. In the Groupe SEB decision,1 an on-site inspection was conducted at Groupe SEB Istanbul Ev Aletleri Ticaret A.Ş., where the Authority experts specifically requested employees that were to be examined to remain at the premises during the on-site inspection. When the computers of such employees were demanded, it was discovered that such employees had left the building and did not return, even though they were asked to. To that end, their e-mail accounts were examined by remote access, but their computers could not be examined. In addition, the Authority experts requested to review the ex-General Manager's e-mail account who, at the time, was acting as the Groupe SEB Senior Vice President Eurasia, in France. The undertaking claimed that she/he did not work at Groupe SEB Istanbul any longer and, therefore, there was no way to access his/her e-mails legally or technically, and such correspondences were within the scope of the General Data Protection Regulations, as well. In return, the Authority experts continued to demand access to his/her e-mail accounts, stating that his/her job as Senior Vice President Eurasia was closely related to Groupe SEB Istanbul, and his/her work-related correspondences during his/her term of office could not be considered as personal data. Since the Authority experts could not examine the VP's e-mail correspondences, Groupe SEB İstanbul Ev Aletleri Ticaret A.Ş. was assessed an administrative fine of five per thousand of its 2018 annual gross revenue.
In its Askaynak decision2, Kaynak Tekniği San. ve Tic. A.Ş. was assessed an administrative fine for hindering the on-site inspection. In this case, during the on-site inspection, Askaynak's General Manager ("GM") sent an e-mail from his/her personal mail account to another undertaking's employee, which was also a party to the preliminary investigation. The said e-mail contained phrases that suggested Askaynak's General Manager used his/her personal Yahoo e-mail account for work-related purposes and, therefore, was asked to provide access to his/her Yahoo account. The Authority experts also stated that refusal to grant such access could amount to hindering on-site inspection, which could result in an administrative fine. The GM refused to provide such access for a while and, when he/she finally gave permission, the Authority experts noticed that some e-mails had been deleted and could not be recovered. As a result, Kaynak Tekniği San. ve Tic. A.Ş. was assessed an administrative fine of five per thousand of its 2018 annual gross revenue for hindering on the site-inspection.
In Siemens Healthcare3, after examining certain employees' computers during an on-site inspection on 02.10.2019, the Authority experts requested to review certain dates and keywords that would include all of the Siemens Healthcare employees. After consulting with the global headquarters of Siemens Healthineers AG, it was stated that such a review could only be done through eDiscovery, which would mean accessing all employees' information within the European Union, and could not be limited to Siemens Healthcare users only. Accordingly, it was stated that such a review could create different types of risks in different jurisdictions and, therefore, could not be accepted by the company.
Through a later dated letter, Siemens Healthcare offered a procedure to facilitate the requested review which was accepted and, thus, the review was performed on 15.10.2019 in accordance with the offered procedure. The Board explicitly stated that not hindering an on-site inspection did not constitute providing solely the documents and information an undertaking deems fit, when they deem fit. To the contrary, documents, which are deemed to be relevant by the Authority, are to be provided within the timeframe provided by the Authority. To that end, the Board applied an administrative fine of five per thousand of Siemens Healthcare's 2018 annual gross revenue for hindering the on-site-inspection, along with another fine amounting to five per thousand of its 2018 annual gross revenue for each day Siemens Healthcare did not allow such inspection.
The changes introduced with Law No. 7246 regarding documents and information that may be obtained during an on-site inspection broadened the scope of documents and information to be obtained by the Authority experts. Having said that, it can be suggested that the said change only redacted the practice into Law No 4054, which was being explicitly followed or had to be followed by the Authority experts due to the fact that technology has evolved and according to employees' manners during on-site inspections. As observed from previous Board decisions, the Authority experts have been requesting access to personal e-mail accounts of employees and accounts stored in cloud systems, while they did not give any credence to undertakings' concerns regarding GDPR, although Law No. 4054 did not specifically give them such powers in writing to do so. Thus, the question of which documents or information the Authority experts could obtain during an on-site inspection has always been a debated issue. However, with Law No. 7246, the Authority experts are now given explicit and written power to "review undertakings' books, data and documents, kept in physical and electronic form and in information systems, and make copies and printouts of them during on-site inspections," which establishes legal grounds for the procedure adopted by the Authority experts during on-site inspections.
1 The Board's decision, No. 20-03/31-14, 09.01.2020.
2 The Board's decision, No. 19-46/793-346, 26.12.2019.
3 The Board's decision, No. 19-38/581-247, 07.11.2019.
Originally published 27 August, 2020
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.