Short Reads

Walking the tightrope between data protection and EU investigations

Walking the tightrope between data protection and EU investigations

Walking the tightrope between data protection and EU investigations

04.01.2019 NL law

Two recent publications confirm that it is possible for companies to cooperate with a European Commission investigation and still comply with the data protection rules. It is also possible for the Commission to deviate from certain data protection obligations in the interest of a competition law investigation. The tightrope between data protection and Commission investigations may not be as rigid as initially feared.

However, companies should still remain vigilant when dealing with information requests during investigations.

Several EU institutions, including the European Commission's Directorate-General for Competition, voiced concerns to the European Data Protection Supervisor (EDPS) about companies claiming the General Data Protection Regulation (GDPR) prevents them from cooperating with EU investigations. In response to these concerns, the EDPS clarified that the GDPR does not prevent companies from submitting information containing personal data to EU institutions, either voluntarily or in response to a legal obligation, as long as the EU institutions act within their powers. In addition, the EDPS stated that companies do not have a legal obligation to inform people about the disclosure of their personal data to EU institutions if this data is submitted with a view to carrying out a particular inquiry within the powers of the EU institutions. In the context of EU antitrust investigations, companies can therefore still be GDPR compliant while submitting information - either voluntarily or under a legal obligation - to the European Commission that may include personal data, as long as they double-check whether:

  • the request for information falls with the scope of the Commission's investigative powers;
  • the disclosure of the information is necessary to comply with the legal obligation;
  • the requested information is provided within the framework of a particular inquiry, or
  • the information is provided in order for the Commission to carry out a particular inquiry.

Similar to the GDPR not preventing companies from cooperating with EU investigations, Regulation 2018/1725 - the EU institutions' version of the GDPR – does not prevent EU institutions from conducting investigations under certain specified conditions. In regard of antitrust investigations, this is further explained in a recent Decision which states that the Commission may restrict certain rights of data subjects if the full application of these rights would jeopardise the purpose of its investigation. For the same reason, the Commission may also restrict data subjects' rights in relation to personal data obtained from other EU institutions, Member State authorities, third countries or international organisations. When doing so, the Commission will have to record and register its reasons for restricting the data subjects' rights. The Commission will also need to assess whether these restrictions are indeed proportionate and necessary for the purpose of the Commission's investigation. The Data Protection Officer will have to be informed whenever data subjects' rights are restricted and can carry out an independent review of the application of the restrictions to check whether they are in line with the Decision.

Team

Related news

26.03.2020 BE law
​I am suffering significant financial losses as a result of the spread of the corona virus. Is there a possibility of State aid?

Short Reads - COVID-19 brings certain questions to centre stage regarding State aid. In this short read, Peter Wytinck, Sophie Van Besien and Michèle de Clerck discuss the possibility of State aid in case of significant financial losses as a result of the spread of the corona virus.

Read more

05.03.2020 NL law
Swifter merger clearance and shorter merger filings in Belgium

Short Reads - Companies can expect swifter merger clearance and simpler filing rules in Belgium. The Belgian Competition Authority has published a communication with additional rules concerning the simplified procedure for certain types of concentrations. As a result, a new category of concentrations will be eligible for a simplified merger filing, leading to swifter approval and lower costs. It will also allow the BCA to focus its resources on more problematic and complex files.

Read more

10.03.2020 NL law
De AVG staat niet in de weg aan de verwerking van persoonsgegevens door een toezichthouder tijdens een bedrijfsbezoek

Short Reads - Bedrijven die met toezicht worden geconfronteerd, zijn gehouden op verzoek van een toezichthouder in beginsel alle informatie te verstrekken. Met de komst van de Algemene verordening gegevensbescherming (AVG) is in de praktijk de vraag opgekomen of een toezichthouder bevoegd is om persoonsgegevens die onderdeel uitmaken van de gevraagde informatie te verwerken.

Read more

05.03.2020 NL law
ECJ confirms: gun jumping is double trouble

Short Reads - Companies beware: the European Court of Justice has confirmed the Commission’s practice of imposing two separate fines for gun jumping; one for failing to notify a concentration prior to its implementation, and another for implementing the concentration before obtaining clearance. The ruling underlines, once again, the increased focus of competition authorities on procedural merger control breaches – good reason for companies to keep a watchful eye on their gun jumping obligations and to take note of the possibility of two separate gun jumping fines. 

Read more

05.03.2020 NL law
CBb confirms: no cartel fine, still interest to appeal cartel decision

Short Reads - Companies can challenge a decision establishing that they committed a competition law violation, even if no fine was imposed on them. The CBb – the highest court for public enforcement of cartel cases – recently confirmed that the absence of a fine does not affect a company’s interest to appeal. Consequently, parent companies held liable for a subsidiary’s cartel infringement can still challenge a cartel decision, irrespective of whether fines were imposed on them separately.

Read more

05.03.2020 NL law
Commission continues cross-border trade crusade

Short Reads - The European Commission is on a roll in its fight against territorial sales restrictions. Just one month after fining broadcast network company NBCUniversal for restricting cross-border sales, it has also imposed a fine on hotel group Meliá for discriminating between customers based on nationality or place of residence. Meanwhile, the Commission is urging national consumer protection authorities to tackle cross-border issues, after an EU-wide screening of nearly 500 e-shops showed that one fifth of the flagged websites did not respect the Geo-blocking Regulation. 

Read more

This website uses cookies. Some of these cookies are essential for the technical functioning of our website and you cannot disable these cookies if you want to read our website. We also use functional cookies to ensure the website functions properly and analytical cookies to personalise content and to analyse our traffic. You can either accept or refuse these functional and analytical cookies.

Privacy – en cookieverklaring