On new paths: Record fine for deleting messages on a mobile phone

When conducting dawn raid trainings, you will already be pleased if participants leave the session remembering one key point: Do not destroy any documents or delete data after the dawn raid has started. Whilst the days of secretaries running to the shredder to destroy incriminating evidence might be over (not only for antitrust reasons), the issue remains highly topical as a recent decision by the European Commission demonstrates – leading to a fine of EUR 15.9 million.

As observed on this blog last year, antitrust regulators have been out for dawn raids again. Back in March 2023, the Commission, along with its counterparts from the US, the UK and Switzerland, raided several companies and associations active in the fragrance industry. Although the investigation is still ongoing, the Commission already imposed a significant fine of EUR 15.9 million on International Flavors & Fragrances (IFF) for obstructing the inspection last year.

The facts

The way dawn raids are carried out has evolved considerably in recent years. In the past, the Commission would spend days rummaging through (physical!!) filing cabinets. Nowadays, they quickly request access to the company’s IT system which is then searched and reviewed (usually) for the rest of the week. With changing communication methods, the Commission’s review now includes not only emails but also communication via mobile phones.

The same was true for the case at hand. The Commission asked to review the mobile phones of some key employees. During the review, it realized that one of the employees had deleted (apparently rather tried to…) WhatsApp messages with a competitor. This deletion occurred after the dawn raid had started and after the employee had been explicitly instructed by IFF not to delete any data.

The fine

EUR 15.9 million for one employee deleting some WhatsApp messages might seem hefty. On the one hand, things could have been even worse: The Commission can impose a fine of up to 1% of the company’s turnover for intentionally or negligently obstructing an investigation. There are no guidelines similar to those for setting the fine for cartel infringements, but the Commission also takes various factors into consideration. Here, the Commission argued that the conduct was “very serious” considering that the deletion was done intentionally and took place after the employee had been informed about the inspection.

On the other hand, the Commission recognized that IFF was willing to cooperate by immediately acknowledging the fact and by helping to restore the deleted data. Maria Jaspers, head of the Commission’s cartel unit, even expressed that she “felt sorry” for IFF.

The learnings

Although this was the first time a company was fined for deleting messages on a phone, other cases from the past show that the Commission takes obstructions of investigations very seriously. In 2008, E.ON was fined EUR 38 million for breaching a Commission seal during an inspection (it has not to date been possible to clarify how the seal was actually damaged, but it is generally advisable to have the seal guarded at night for the duration of the inspection). Six years later, a Czech energy supplier was fined EUR 2.5 million for blocking certain email accounts and diverting incoming emails.  

Still, the case constitutes an illustrative (although expansive) new example for dawn raid trainings with the followings aspects worth highlighting:

• Data Restoration: The Commission has the tools to restore data even after deletion attempts. Expect that they are aware of and can access data beyond typical company files, including other social media channels beyond WhatsApp.
• Consequences: Fines for data deletion are not the only consequence. Such actions can also ruin a company’s chance to cooperate with the regulator and benefit from leniency regimes.
• Preventative Measures: Even well-behaved companies cannot control the misconduct of individuals. It’s worth considering technical and other options to prevent attempts to delete content in worst-case scenarios.
• Consider Cooperation: When things have gone wrong, it can still be worth being transparent and cooperative with the respective regulator. IFF’s fine would have been twice as high would it not have been for the company’s proactive cooperation with the Commission.

Photo from Keith Luke on Unsplash