A lot of corporate data is digital, for example information on internal servers, laptops, telephones, email inboxes, cloud environments, etc. Government agencies will therefore mainly want to examine and copy digital data when conducting a dawn raid. They will then use it for their investigation. In principle, the government agency is authorised to examine and copy digital data. No data may be deleted. Depending on the situation, the government agency will either be permitted to conduct its own search or will have to rely on the company’s cooperation. See also Allowing the search or cooperating.
Criminal investigation agencies
- Criminal investigation agencies are permitted to actually carry out their own search during a raid. Examples include the examining judge, the Public Prosecution Service, the Fiscal Intelligence and Investigation Service (FIOD) and the police. They can confiscate, examine and copy all data carriers.
- In criminal law, digital data is usually collected by making a complete copy of the data carrier, cloud environment, email inbox, etc.
- The company must allow this, but does not need to cooperate and does not need to give permission.
- If the criminal investigation agency asks for data locations or passwords, the company does not need to answer. However, this may prompt the agency to independently search more areas/digital environments and confiscate/copy digital carriers, which may prolong the process. Check with the lawyer whether this justifies cooperation.
- Information exchanged between the company and its lawyer is protected by legal privilege. The criminal investigation agency is not allowed to examine or copy this information. It is important to point this out and to object to this information being searched. See Legal privilege.
Administrative investigation agencies
- If an administrative investigation agency has launched a dawn raid, the company is, in principle, obliged to cooperate regarding the agency’s questions.
- Cooperation: the obligation to cooperate entails the following for digital data: (i) employees must be instructed not to delete any data; (ii) laptops and telephones must be made available; (iii) passwords must be provided; and (iv) the company’s ICT department must provide support in providing digital data and registering exactly which digital data has been examined and copied.
- Limitations: the authority to examine and copy digital data is limited by the purpose of the investigation [@Out of scope], legal privilege [@Legal privilege] and privacy.
- Legal privilege: information exchanged between the company and its lawyer is protected by legal privilege. The government agency is not allowed to examine or copy this information. It is important to point this out to the administrative supervisory authority and to object to the provision of this information. See Legal privilege.
- Purpose of the investigation: all data that is examined and copied must fall within the scope of the investigation’s purpose description. The purpose of the investigation must be evident from a letter provided by the government agency at the start of the dawn raid. For example, if the purpose description only covers the sale of a particular product, the supervisory authority will generally not be permitted to examine any digital or other data from an employee dealing with the purchase of a different product altogether. See Out of scope.
- Privacy: the government agency is not allowed to examine or copy any private information. However, the agency can take digital data from a private telephone or laptop insofar as it is used for work purposes.
- Practical matters: digital data is provided as follows. The government agency selects data based on search criteria such as search terms, subjects, persons involved and/or time periods. Subsequently, either (i) the data meeting the selection criteria is examined immediately on site and only relevant data is copied, or (ii) all data meeting the selection criteria is copied and only examined in more detail at a later time.
– If the data is examined on site, the company and its lawyer are allowed to be present. This lets the company check what the government agency is examining and copying. It can then immediately object if the data (i) falls outside the scope of the investigation purpose, (ii) is privileged and/or (iii) is private. The government agency will subsequently use the data copied by it for its investigation.
– If all data meeting the selection criteria is copied without being examined on site, there is a risk of data being included that the government agency is not allowed to seize because it (i) falls outside the scope of the investigation purpose, (ii) is privileged or (iii) is private. Object immediately if this is the case. This is particularly important for privileged data: legally, the government agency is not permitted to examine or copy it. If the government agency rejects the objection, the company can inform the agency that it will subsequently specify which data the agency was not allowed to examine or copy. In that case, the dawn raid is followed by a phase of correspondence about which data the government agency is or is not allowed to use. - It is advisable to write down as precisely as possible: (i) the selection criteria used, (ii) the specific data being examined/copied, (iii) the objections raised by the company, (iv) the government agency’s response to the objections and (v) the arrangements made with the government agency.
