The Netherlands - European Lawyer Reference Series 2014

The Netherlands - European Lawyer Reference Series 2014

The Netherlands - European Lawyer Reference Series 2014

01.12.2014 NL law


In the past 10 years, more and more attention has been focused on corporate integrity. On a global scale, massive bankruptcies such as Enron have contributed to throwing the subject into the spotlight, while in the Netherlands, accountancy scandals such as Ahold have occurred.

These events, and more occasional infringements of competition law, have had a significant impact on regulation and have lead to the development and implementation of legislation (e.g. the US Sarbanes-Oxley Act of 2002) and a general increased interest in corporate governance (e.g. in the Netherlands the development and implementation of the Corporate Governance Code).

As a knock-on effect, individual enterprises have themselves become more focused on their corporate integrity and as a consequence, the role of compliance offer has become increasingly important, inter alia because of the increasingly detailed legislation and supervision required. Following on from that, there has been an increase in internal or corporate investigations, which many companies see as a means of internal risk control. A corporate investigation will most likely be commenced if any trouble (or indication of it) arises and such investigation has the purpose of mapping the issue and making an assessment of the risks contained in it. The results of it can be instrumental for the determination of future strategy. In addition, the results of the investigation can be used to ensure adequate internal reporting, e.g. to the supervisory board.

When commencing a corporate investigation, or when designing and setting up procedures for such corporate investigation to be commenced later, one should keep in mind that the investigation itself must be incorruptible, both with regard to the design and the execution. Errors in these areas could lead to the results of the investigation being unusable, and could even damage the enterprise, for instance, if the impression arises that there is a cover-up being put in place. Below, we will explore a number of relevant issues of both a legal and practical nature and we will address what measures a company can take in the event that the investigation brings a fraud by (for example) employees to light.

The Dutch context: legal framework

First of all, it should be noted that Dutch labour law provides strong protection for employees. It speaks for itself that an employee does not have the same freedoms during working hours as outside them, but fundamental rights such as the right to privacy, and the right to confidentiality of mail and telephone conversations (in principle) also apply during working hours. These rights are laid down in statute, but can also be vested in individual or collective labour agreements.

Further, it should be noted that employees also have a say in the development of policies within their company. This right also applies when the company seeks to implement a plan to install mechanisms that can be used for observing or controlling the presence, behaviour and performance of employees. Examples include the installation of cameras and the checking of email and the use of the internet. The works council must endorse such policies before they can be put in place (but only in general, not specific circumstances).

As a general rule, the following can be observed. The company may not infringe the employee’s privacy any more than necessary. The measure taken must meet the requirements of proportionality (being in proportion to the envisaged goal) and subsidiarity (a lighter measure is not available). In addition, a reasonable expectation of privacy might play a role (see EHRM 25 June 1997, NJ 1998, 506 (Halford)). How these (relatively vague) standards should be applied, depends on the circumstances of the case. It is clear, however, that, for instance, permanent camera surveillance is not allowed, while camera surveillance in the event of concrete suspicions of fraud will be allowed. (See Court of Appeals – Hertogenbosch, 2 July 1986, NJ 1987, 451 (Koma/Industriebond FNV) and Dutch Supreme Court, 27 April 2001, NJ 2001, 421 (Wennekes Lederwaren).

Dutch law does not provide for statutory laws specifically regulating investigations. This does not mean, however, that the fundamental rights as described above have not sunk into almost every relevant aspect of the Dutch legal landscape. There is one statutory law that provides specific and concrete rules that are relevant for an internal investigation that requires a deeper exploration here. The Dutch Data Protection Act (DDPA), or Wet bescherming persoonsgegevens (WBP), which is based on a European directive, contains standards for sound and prudent processing of personal data. The most important points in the DDPA are:

  • The scope of the DDPA is limited to the full or partial automated processing of personal data in the framework of the activities of a responsible superior (in this case, the employer). Both the term personal data and the term processing have broad definitions. Under ‘personal data’ falls not only written data or data contained in a database, but also visual material (such as video or photo images) and audio material (such as a recording of a telephone conversation).
  • It is decisive whether the data relate to a person that is identified or can potentially be identified, as anonymous or encoded data do not fall within the scope of the DDPA.
  • The term ‘processing’ comprises virtually all acting, as of the moment of acquiring the data up until the moment of destroying the data. This means that almost all a company’s investigation methods will fall within the scope of the DDPA.
  • If it is established that the DDPA applies, then the recording of the data must be registered with the board for the protection of personal data EUROPEAN LAWYER REFERENCE SERIES 273 The Netherlands (College bescherming persoonsgegevens or CPB). It must be noted that there is an exception in the event the data are collected for the purposes of legal proceedings against the relevant employee.
  • From relevant case law about the use of investigation methods by the employer, it appears that employees only in exceptional cases invoke the DDPA or the violation of their privacy. In addition, courts only in exceptional cases apply the DDPA ex officio. This can, however, play a significant role when weighing the interests in employment litigation.
  • The company can make the collection of personal data ‘DDPA-proof’ by compiling an internal code of conduct in which it is stipulated which kind of data will be processed and for what purpose.

Read full article here.

Related news

27.03.2020 NL law
Certain legal aspects of the corona crisis for the Dutch construction and rental industry

Short Reads - The spread of the coronavirus has developed into a severe crisis that is also affecting the construction and rental industry in the Netherlands. Catering operators and retailers are wondering (among other difficult questions) whether they can pause their rent payments while they have no or very little turnover.

Read more

25.03.2020 NL law
Key considerations for management and owners of Dutch privately held companies in distress due to COVID-19

Short Reads - The COVID-19 pandemic has a significant and immediate adverse effect on many companies in different industries. Many PE portfolio companies are particularly vulnerable given the typical high leverage finance structure and inherent need to maintain cash flow. To meet these challenges and mitigate liability risks, management and owners may need to take clear and immediate action (and refrain from certain other actions) in the interest of all stakeholders. The following sets out some key legal guidelines for management and owners when dealing with a Dutch subsidiary in distress.

Read more

27.03.2020 NL law
Actuele ontwikkelingen rondom de AVA’s van beursvennootschappen en corona

Short Reads - Op 23 maart 2020 heeft het Nederlandse kabinet aanvullende overheidsmaatregelen genomen in het kader van de bestrijding van het coronavirus. Deze maatregelen zijn onder meer gericht op evenementen en samenkomsten. In een nieuwsbericht van het kabinet van 24 maart 2020 zijn deze maatregelen nader geduid (zie ook de Q&A die eveneens door het kabinet is gepubliceerd).

Read more

24.03.2020 NL law
Job van Hooff and Daisy Nijkamp present webinar on The Dutch scheme (WHOA) – the upcoming new Dutch restructuring tool

Short Reads - Job van Hooff and Daisy Nijkamp, in collaboration with Lexology, will present a webinar on WHOA on 2 April 2020. During the webinar they will look at a new bill prepared by the Dutch legislature - the Act on the Confirmation of Private Restructuring Plans (Wet homologatie onder onderhand akkoord) - which introduces a framework that makes it possible for debtors to restructure their debts outside formal insolvency proceedings.

Read more

23.03.2020 LU law
Luxembourg adopts measures to facilitate holding of meetings in companies and other legal entities during “Covid-19”

Short Reads - Luxembourg adopted a Grand-Ducal Regulation on March 20th, 2020 introducing emergency measures relating to the holding of meetings in companies and other legal entities. The relevant provisions, which are effective immediately, pertain to general meetings of shareholders and to other deliberating bodies of companies.

Read more

This website uses cookies. Some of these cookies are essential for the technical functioning of our website and you cannot disable these cookies if you want to read our website. We also use functional cookies to ensure the website functions properly and analytical cookies to personalise content and to analyse our traffic. You can either accept or refuse these functional and analytical cookies.

Privacy – en cookieverklaring