SlideShare a Scribd company logo

Investigative powers in practice – PORTUGAL – November 2018 OECD GFC

OECD Directorate for Financial and Enterprise Affairs
OECD Directorate for Financial and Enterprise Affairs

This presentation by the Portuguese Delegation was made during Break-out session 1: Unannounced Inspections in the Digital Age, of the discussion on “Investigative Powers in Practice” held at the 17th meeting of the OECD Global Forum on Competition on 29 November 2018. More documents and presentations on this topic can be found at oe.cd/invpw.

Presentations & Public Speaking
1 of 13
Download to read offline
BOS1: Unannounced Inspections in the Digital Age AdC dawn raids A New (Digital) Model 2018 OECD Global Competition Forum 30 November 2018 Nuno Rocha de Carvalho Member of the Board
1 AdC’s investigative powers • Comprehensive inspection powers (undertakings, private homes, vehicles; shareholders, managers, staff) • Including for digital evidence: “regardless of the respective storage medium” • Exceptions: (i) unread emails (ii) some mobile phone data (?) (iii) legal professional privilege (LPP) • Judicial warrant defines scope (undertakings, infringement, time limit)
2 AdC’s dawn raids (2004-2017) 3 1 3 3 0 1 1 1 0 2 2 2 2 16 0 2 4 6 8 10 12 14 16 18 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017
3 2013 dawn raid • 1 case, 10/15 companies • 1 day inspection • 5m documents seized vs 2,000 documents used to prove infringement • Strong litigation as regards access to file and confidentialities • Long and very difficult data review process • Circa 3 years before the SO
4 New dawn raid model • Training / investment in people • Longer duration of dawn raids (1 to 2 weeks) • More people involved per team / minimum of 5 people per target • 1 team leader / real-time communication between team leaders • Mix of staff (lawyers, economists and IT experts) • Dedicated team conducting all dawn raids (experience / know-how) • Strong back office coordination and support and Advanced forensic IT software + (longer) on-site preliminary review
5 Why (longer) on-site preliminary review? • Unread e-mails cannot be seized: must be excluded on site before review • LPP data must be excluded too (includes in-house lawyers) • Judicial warrant with limited scope (seizing data beyond scope needs validation within 72 hours) • Strong litigation regarding confidential information and access to file
6 New “digitized” procedure • Dawn raid preparation - email systems used, email archiving, backups, file systems, encryption, selection of targets, etc. • Dawn raid execution - interview with IT manager, collect files, index, search, tag, seize • Internal forensic IT procedures: relevant (digital) data identification, preservation, collection, processing, review, seizing • Document review (forensic IT): threads/clusters (group items by thread and similarity), metadata (item number, item origin, job title), filters, tags
7 AdC dawn raids - 2017 Retail / large retail 21 premises First SO August 2018 Insurance 5 premises SO in August 2018 River cruises 1 premises Case closed in 2017 Driving schools 1 premises SO and infringement decision in 2017 Railway maintenance 7 premises SO in September 2018 35 COMPANY PREMISES DAWNRAIDED
8 Statistics 2017 Statistics Companies dawnraided 44 (35 premises) Computers/mailboxes searched 439 Data processed (forensic IT) ~40 million documents Duration Average 9 days per target (indexing may take 2 days) Files copied & seized ~40,000 Volume of data collected 13.5 GB
9 Does it work? Old model 2013 example New model 2017 example • 1 case, 10/15 companies  16 cases, 35 company premises • 1 day inspection  1 or 2 weeks inspection per target • Five million documents seized  ~40,000 relevant documents seized • Strong litigation as regards access to file and confidentialities • Long and very difficult data review process  Preliminary assessment on-site  Speedier data review after inspection (4,000 docs per week with forensic IT software; circa 3 months in total) • Only 2,000 documents used to prove the infringement  Low percentage of irrelevant data • Circa 3 years before the SO  SO was issued during the first 12 months
10 Final remarks (1) Challenges • Legal: unread emails, LPP, privacy, mobile phones… • Technical: digital’s fast-pace evolution • Resources: • Investment in forensic IT software: high costs vs speed / efficiency / structural changes • Capacity building
11 Final remarks (2) Lessons learned Investment in high-tech tools is essential, but…. • Staff training is key • Planning • Procedures: everything should be documented and all cases should be “managed” in the same way • Challenge: strategic decisions today that further investigations and enhance results in the long term
Investigative powers in practice – PORTUGAL – November 2018 OECD GFC

Recommended

Investigative powers in practice – EUROPEAN UNION – November 2018 OECD GFC
Investigative powers in practice – EUROPEAN UNION – November 2018 OECD GFCInvestigative powers in practice – EUROPEAN UNION – November 2018 OECD GFC
Investigative powers in practice – EUROPEAN UNION – November 2018 OECD GFCOECD Directorate for Financial and Enterprise Affairs
 
Changing legislation – General Data Protection Regulation (GDPR) and librarie...
Changing legislation – General Data Protection Regulation (GDPR) and librarie...Changing legislation – General Data Protection Regulation (GDPR) and librarie...
Changing legislation – General Data Protection Regulation (GDPR) and librarie...CILIPScotland
 
iKnow Solutions Laura Eisenhardt
iKnow Solutions Laura EisenhardtiKnow Solutions Laura Eisenhardt
iKnow Solutions Laura EisenhardtBigDataExpo
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
Optimising Content Spending with Analytics
Optimising Content Spending with AnalyticsOptimising Content Spending with Analytics
Optimising Content Spending with AnalyticsDr. Haxel Consult
 
20140521 presentation ce de mv3
20140521 presentation ce de mv320140521 presentation ce de mv3
20140521 presentation ce de mv3Danube University Krems, Centre for E-Governance
 
Digital Representation of Privacy Terms
Digital Representation of Privacy TermsDigital Representation of Privacy Terms
Digital Representation of Privacy TermsBeatriz Esteves
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 

Recommended

Investigative powers in practice – EUROPEAN UNION – November 2018 OECD GFC
Investigative powers in practice – EUROPEAN UNION – November 2018 OECD GFCInvestigative powers in practice – EUROPEAN UNION – November 2018 OECD GFC
Investigative powers in practice – EUROPEAN UNION – November 2018 OECD GFCOECD Directorate for Financial and Enterprise Affairs
 
Changing legislation – General Data Protection Regulation (GDPR) and librarie...
Changing legislation – General Data Protection Regulation (GDPR) and librarie...Changing legislation – General Data Protection Regulation (GDPR) and librarie...
Changing legislation – General Data Protection Regulation (GDPR) and librarie...CILIPScotland
 
iKnow Solutions Laura Eisenhardt
iKnow Solutions Laura EisenhardtiKnow Solutions Laura Eisenhardt
iKnow Solutions Laura EisenhardtBigDataExpo
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
Optimising Content Spending with Analytics
Optimising Content Spending with AnalyticsOptimising Content Spending with Analytics
Optimising Content Spending with AnalyticsDr. Haxel Consult
 
20140521 presentation ce de mv3
20140521 presentation ce de mv320140521 presentation ce de mv3
20140521 presentation ce de mv3Danube University Krems, Centre for E-Governance
 
Digital Representation of Privacy Terms
Digital Representation of Privacy TermsDigital Representation of Privacy Terms
Digital Representation of Privacy TermsBeatriz Esteves
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
Brussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKBrussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKTrilateral Research
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
II-PIC 2017: Patent Information User Group PIUG
II-PIC 2017: Patent Information User Group PIUGII-PIC 2017: Patent Information User Group PIUG
II-PIC 2017: Patent Information User Group PIUGDr. Haxel Consult
 
II-PIC 2017: Porduct presentation minesoft
II-PIC 2017: Porduct presentation minesoftII-PIC 2017: Porduct presentation minesoft
II-PIC 2017: Porduct presentation minesoftDr. Haxel Consult
 
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...European Data Forum
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...Beatriz Esteves
 
Addressing non economical externalities
Addressing non economical externalitiesAddressing non economical externalities
Addressing non economical externalitiesBYTE Project
 
II-SDV 2016 GRIDLOGICS
II-SDV 2016 GRIDLOGICSII-SDV 2016 GRIDLOGICS
II-SDV 2016 GRIDLOGICSDr. Haxel Consult
 
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policyUX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policyMaria Santos
 
ICIC 2017: New product presentationsLighthouse IP
ICIC 2017: New product presentationsLighthouse IPICIC 2017: New product presentationsLighthouse IP
ICIC 2017: New product presentationsLighthouse IPDr. Haxel Consult
 
RightsDirekt
RightsDirektRightsDirekt
RightsDirektDr. Haxel Consult
 
Privacy policy information in data value chains
Privacy policy information in data value chainsPrivacy policy information in data value chains
Privacy policy information in data value chainsBig Data Value Association
 
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries Dr. Haxel Consult
 
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...European Data Forum
 
Adventures in linked open data June 2015
Adventures in linked open data June 2015Adventures in linked open data June 2015
Adventures in linked open data June 2015Monika Szunejko
 
Complying with the EC Open Data Directive
Complying with the EC Open Data DirectiveComplying with the EC Open Data Directive
Complying with the EC Open Data DirectiveDerilinx
 
Analyses and processing of big data in financial services
Analyses and processing of big data in financial servicesAnalyses and processing of big data in financial services
Analyses and processing of big data in financial servicesFisnik Doko
 
Policy Management: An Overview
Policy Management: An OverviewPolicy Management: An Overview
Policy Management: An OverviewMarco Casassa Mont
 
OpenAIRE-RDM@healthdata
OpenAIRE-RDM@healthdataOpenAIRE-RDM@healthdata
OpenAIRE-RDM@healthdataOpenAIRE
 
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...ARMA International
 
Surviving an ODPC Audit - Ireland
Surviving an ODPC Audit - IrelandSurviving an ODPC Audit - Ireland
Surviving an ODPC Audit - IrelandThorntongroup
 

More Related Content

What's hot

Brussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKBrussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKTrilateral Research
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
II-PIC 2017: Patent Information User Group PIUG
II-PIC 2017: Patent Information User Group PIUGII-PIC 2017: Patent Information User Group PIUG
II-PIC 2017: Patent Information User Group PIUGDr. Haxel Consult
 
II-PIC 2017: Porduct presentation minesoft
II-PIC 2017: Porduct presentation minesoftII-PIC 2017: Porduct presentation minesoft
II-PIC 2017: Porduct presentation minesoftDr. Haxel Consult
 
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...European Data Forum
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...Beatriz Esteves
 
Addressing non economical externalities
Addressing non economical externalitiesAddressing non economical externalities
Addressing non economical externalitiesBYTE Project
 
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policyUX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policyMaria Santos
 
ICIC 2017: New product presentationsLighthouse IP
ICIC 2017: New product presentationsLighthouse IPICIC 2017: New product presentationsLighthouse IP
ICIC 2017: New product presentationsLighthouse IPDr. Haxel Consult
 
Privacy policy information in data value chains
Privacy policy information in data value chainsPrivacy policy information in data value chains
Privacy policy information in data value chainsBig Data Value Association
 
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries Dr. Haxel Consult
 
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...European Data Forum
 
Adventures in linked open data June 2015
Adventures in linked open data June 2015Adventures in linked open data June 2015
Adventures in linked open data June 2015Monika Szunejko
 
Complying with the EC Open Data Directive
Complying with the EC Open Data DirectiveComplying with the EC Open Data Directive
Complying with the EC Open Data DirectiveDerilinx
 
Analyses and processing of big data in financial services
Analyses and processing of big data in financial servicesAnalyses and processing of big data in financial services
Analyses and processing of big data in financial servicesFisnik Doko
 
Policy Management: An Overview
Policy Management: An OverviewPolicy Management: An Overview
Policy Management: An OverviewMarco Casassa Mont
 
OpenAIRE-RDM@healthdata
OpenAIRE-RDM@healthdataOpenAIRE-RDM@healthdata
OpenAIRE-RDM@healthdataOpenAIRE
 

What's hot (20)

Brussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKBrussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACK
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in Nice
 
II-PIC 2017: Patent Information User Group PIUG
II-PIC 2017: Patent Information User Group PIUGII-PIC 2017: Patent Information User Group PIUG
II-PIC 2017: Patent Information User Group PIUG
 
II-PIC 2017: Porduct presentation minesoft
II-PIC 2017: Porduct presentation minesoftII-PIC 2017: Porduct presentation minesoft
II-PIC 2017: Porduct presentation minesoft
 
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
EDF2014: Talk of Stefan Decker, Director, Insight Galway, Ireland & Anthony M...
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in Nice
 
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
COnSeNT 2021 - ODRL Profile for Expressing Consent through Granular Access Co...
 
Addressing non economical externalities
Addressing non economical externalitiesAddressing non economical externalities
Addressing non economical externalities
 
II-SDV 2016 GRIDLOGICS
II-SDV 2016 GRIDLOGICSII-SDV 2016 GRIDLOGICS
II-SDV 2016 GRIDLOGICS
 
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policyUX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
UX Bristol 2019 Lightning talk - Tips to develop a user-centred GDPR policy
 
ICIC 2017: New product presentationsLighthouse IP
ICIC 2017: New product presentationsLighthouse IPICIC 2017: New product presentationsLighthouse IP
ICIC 2017: New product presentationsLighthouse IP
 
RightsDirekt
RightsDirektRightsDirekt
RightsDirekt
 
Privacy policy information in data value chains
Privacy policy information in data value chainsPrivacy policy information in data value chains
Privacy policy information in data value chains
 
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
ICIC 2014 The Future of Pharmaceutical and Life Science Publishing Industries
 
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
EDF2014: Christian Lindemann, Wolters Kluwer Germany & Christian Dirschl, Wol...
 
Adventures in linked open data June 2015
Adventures in linked open data June 2015Adventures in linked open data June 2015
Adventures in linked open data June 2015
 
Complying with the EC Open Data Directive
Complying with the EC Open Data DirectiveComplying with the EC Open Data Directive
Complying with the EC Open Data Directive
 
Analyses and processing of big data in financial services
Analyses and processing of big data in financial servicesAnalyses and processing of big data in financial services
Analyses and processing of big data in financial services
 
Policy Management: An Overview
Policy Management: An OverviewPolicy Management: An Overview
Policy Management: An Overview
 
OpenAIRE-RDM@healthdata
OpenAIRE-RDM@healthdataOpenAIRE-RDM@healthdata
OpenAIRE-RDM@healthdata
 

Similar to Investigative powers in practice – PORTUGAL – November 2018 OECD GFC

Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...ARMA International
 
Surviving an ODPC Audit - Ireland
Surviving an ODPC Audit - IrelandSurviving an ODPC Audit - Ireland
Surviving an ODPC Audit - IrelandThorntongroup
 
What Are you Waiting For? Remediate your File Shares and Govern your Informat...
What Are you Waiting For? Remediate your File Shares and Govern your Informat...What Are you Waiting For? Remediate your File Shares and Govern your Informat...
What Are you Waiting For? Remediate your File Shares and Govern your Informat...Everteam
 
Effective Internal Investigations
Effective Internal InvestigationsEffective Internal Investigations
Effective Internal InvestigationsDaegis
 
Big Data Evolution
Big Data EvolutionBig Data Evolution
Big Data Evolutionitnewsafrica
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practiceZoneFox
 
Introduction to Big Data
Introduction to Big DataIntroduction to Big Data
Introduction to Big DataSpringPeople
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repositoryIna Smith
 
Practical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLPPractical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLPRedgrave LLP
 
Practical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLPPractical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLPRedgrave LLP
 
Why Most Migration Projects Fail – Don’t Be a Statistic Webinar
Why Most Migration Projects Fail – Don’t Be a Statistic WebinarWhy Most Migration Projects Fail – Don’t Be a Statistic Webinar
Why Most Migration Projects Fail – Don’t Be a Statistic WebinarConcept Searching, Inc
 
The Power Of The Paperless Office
The Power Of The Paperless OfficeThe Power Of The Paperless Office
The Power Of The Paperless OfficeSecureDocs
 
Digital Forensics Readiness - CommSec
Digital Forensics Readiness - CommSecDigital Forensics Readiness - CommSec
Digital Forensics Readiness - CommSecDarraghCommsec
 

Similar to Investigative powers in practice – PORTUGAL – November 2018 OECD GFC (20)

Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
Randy Moeller - Mitigating Application Risk Upfront (Without Increased Hair L...
 
Surviving an ODPC Audit - Ireland
Surviving an ODPC Audit - IrelandSurviving an ODPC Audit - Ireland
Surviving an ODPC Audit - Ireland
 
What Are you Waiting For? Remediate your File Shares and Govern your Informat...
What Are you Waiting For? Remediate your File Shares and Govern your Informat...What Are you Waiting For? Remediate your File Shares and Govern your Informat...
What Are you Waiting For? Remediate your File Shares and Govern your Informat...
 
What is big data
What is big dataWhat is big data
What is big data
 
Effective Internal Investigations
Effective Internal InvestigationsEffective Internal Investigations
Effective Internal Investigations
 
Big Data Evolution
Big Data EvolutionBig Data Evolution
Big Data Evolution
 
Where's My Data? Managing the Data Residency Challenge
Where's My Data? Managing the Data Residency ChallengeWhere's My Data? Managing the Data Residency Challenge
Where's My Data? Managing the Data Residency Challenge
 
Law Text (Nomura) 1
Law Text (Nomura) 1Law Text (Nomura) 1
Law Text (Nomura) 1
 
Data Residency: Challenges and the Need for Standards
Data Residency: Challenges and the Need for StandardsData Residency: Challenges and the Need for Standards
Data Residency: Challenges and the Need for Standards
 
SNW Fall 2009
SNW Fall 2009SNW Fall 2009
SNW Fall 2009
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practice
 
Introduction to Big Data
Introduction to Big DataIntroduction to Big Data
Introduction to Big Data
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repository
 
Practical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLPPractical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLP
 
Practical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLPPractical Legacy Data Remediation - Redgrave LLP
Practical Legacy Data Remediation - Redgrave LLP
 
Why Most Migration Projects Fail – Don’t Be a Statistic Webinar
Why Most Migration Projects Fail – Don’t Be a Statistic WebinarWhy Most Migration Projects Fail – Don’t Be a Statistic Webinar
Why Most Migration Projects Fail – Don’t Be a Statistic Webinar
 
DBMS
DBMSDBMS
DBMS
 
DHS HQ Day 2018 - Barry West
DHS HQ Day 2018 - Barry WestDHS HQ Day 2018 - Barry West
DHS HQ Day 2018 - Barry West
 
The Power Of The Paperless Office
The Power Of The Paperless OfficeThe Power Of The Paperless Office
The Power Of The Paperless Office
 
Digital Forensics Readiness - CommSec
Digital Forensics Readiness - CommSecDigital Forensics Readiness - CommSec
Digital Forensics Readiness - CommSec
 

More from OECD Directorate for Financial and Enterprise Affairs

More from OECD Directorate for Financial and Enterprise Affairs (20)

OECD Competition Trends 2024 - Highlights
OECD Competition Trends 2024 - HighlightsOECD Competition Trends 2024 - Highlights
OECD Competition Trends 2024 - Highlights
 
Use of Economic Evidence in Cartel Cases – CAMACHO – December 2023 OECD discu...
Use of Economic Evidence in Cartel Cases – CAMACHO – December 2023 OECD discu...Use of Economic Evidence in Cartel Cases – CAMACHO – December 2023 OECD discu...
Use of Economic Evidence in Cartel Cases – CAMACHO – December 2023 OECD discu...
 
Ex-post Assessment of Merger Remedies – KOVACIC – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – KOVACIC – December 2023 OECD discussionEx-post Assessment of Merger Remedies – KOVACIC – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – KOVACIC – December 2023 OECD discussion
 
Ex-post Assessment of Merger Remedies – KWOKA – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – KWOKA – December 2023 OECD discussionEx-post Assessment of Merger Remedies – KWOKA – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – KWOKA – December 2023 OECD discussion
 
Ex-post Assessment of Merger Remedies – FLETCHER – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – FLETCHER – December 2023 OECD discussionEx-post Assessment of Merger Remedies – FLETCHER – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – FLETCHER – December 2023 OECD discussion
 
Ex-post Assessment of Merger Remedies – OECD – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – OECD – December 2023 OECD discussionEx-post Assessment of Merger Remedies – OECD – December 2023 OECD discussion
Ex-post Assessment of Merger Remedies – OECD – December 2023 OECD discussion
 
Use of Economic Evidence in Cartel Cases – DAVIES – December 2023 OECD discus...
Use of Economic Evidence in Cartel Cases – DAVIES – December 2023 OECD discus...Use of Economic Evidence in Cartel Cases – DAVIES – December 2023 OECD discus...
Use of Economic Evidence in Cartel Cases – DAVIES – December 2023 OECD discus...
 
Use of Economic Evidence in Cartel Cases – ROBERTS – December 2023 OECD discu...
Use of Economic Evidence in Cartel Cases – ROBERTS – December 2023 OECD discu...Use of Economic Evidence in Cartel Cases – ROBERTS – December 2023 OECD discu...
Use of Economic Evidence in Cartel Cases – ROBERTS – December 2023 OECD discu...
 
Alternatives to Leniency Programmes – SERBIA – December 2023 OECD discussion
Alternatives to Leniency Programmes – SERBIA – December 2023 OECD discussionAlternatives to Leniency Programmes – SERBIA – December 2023 OECD discussion
Alternatives to Leniency Programmes – SERBIA – December 2023 OECD discussion
 
Alternatives to Leniency Programmes – ITALY – December 2023 OECD discussion
Alternatives to Leniency Programmes – ITALY – December 2023 OECD discussionAlternatives to Leniency Programmes – ITALY – December 2023 OECD discussion
Alternatives to Leniency Programmes – ITALY – December 2023 OECD discussion
 
Out-of-Market Efficiencies in Competition Enforcement – CRANE – December 2023...
Out-of-Market Efficiencies in Competition Enforcement – CRANE – December 2023...Out-of-Market Efficiencies in Competition Enforcement – CRANE – December 2023...
Out-of-Market Efficiencies in Competition Enforcement – CRANE – December 2023...
 
Out-of-Market Efficiencies in Competition Enforcement – DAVIES – December 202...
Out-of-Market Efficiencies in Competition Enforcement – DAVIES – December 202...Out-of-Market Efficiencies in Competition Enforcement – DAVIES – December 202...
Out-of-Market Efficiencies in Competition Enforcement – DAVIES – December 202...
 
Out-of-Market Efficiencies in Competition Enforcement – ROSE – December 2023 ...
Out-of-Market Efficiencies in Competition Enforcement – ROSE – December 2023 ...Out-of-Market Efficiencies in Competition Enforcement – ROSE – December 2023 ...
Out-of-Market Efficiencies in Competition Enforcement – ROSE – December 2023 ...
 
Out-of-Market Efficiencies in Competition Enforcement – ROSENBOOM – December ...
Out-of-Market Efficiencies in Competition Enforcement – ROSENBOOM – December ...Out-of-Market Efficiencies in Competition Enforcement – ROSENBOOM – December ...
Out-of-Market Efficiencies in Competition Enforcement – ROSENBOOM – December ...
 
Serial Acquisitions and Industry Roll-ups –TZANAKI – December 2023 OECD discu...
Serial Acquisitions and Industry Roll-ups –TZANAKI – December 2023 OECD discu...Serial Acquisitions and Industry Roll-ups –TZANAKI – December 2023 OECD discu...
Serial Acquisitions and Industry Roll-ups –TZANAKI – December 2023 OECD discu...
 
Serial Acquisitions and Industry Roll-ups – GOGA – December 2023 OECD discussion
Serial Acquisitions and Industry Roll-ups – GOGA – December 2023 OECD discussionSerial Acquisitions and Industry Roll-ups – GOGA – December 2023 OECD discussion
Serial Acquisitions and Industry Roll-ups – GOGA – December 2023 OECD discussion
 
Serial Acquisitions and Industry Roll-ups – KOKKORIS – December 2023 OECD dis...
Serial Acquisitions and Industry Roll-ups – KOKKORIS – December 2023 OECD dis...Serial Acquisitions and Industry Roll-ups – KOKKORIS – December 2023 OECD dis...
Serial Acquisitions and Industry Roll-ups – KOKKORIS – December 2023 OECD dis...
 
Serial Acquisitions and Industry Roll-ups – OECD – December 2023 OECD discussion
Serial Acquisitions and Industry Roll-ups – OECD – December 2023 OECD discussionSerial Acquisitions and Industry Roll-ups – OECD – December 2023 OECD discussion
Serial Acquisitions and Industry Roll-ups – OECD – December 2023 OECD discussion
 
Competition and Innovation - The Role of Innovation in Enforcement Cases – VE...
Competition and Innovation - The Role of Innovation in Enforcement Cases – VE...Competition and Innovation - The Role of Innovation in Enforcement Cases – VE...
Competition and Innovation - The Role of Innovation in Enforcement Cases – VE...
 
Competition and Innovation - The Role of Innovation in Enforcement Cases – OE...
Competition and Innovation - The Role of Innovation in Enforcement Cases – OE...Competition and Innovation - The Role of Innovation in Enforcement Cases – OE...
Competition and Innovation - The Role of Innovation in Enforcement Cases – OE...
 

Recently uploaded

RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRachelAnnTenibroAmaz
 
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptxEngaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptxAsifArshad8
 
Don't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunity
Don't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunityDon't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunity
Don't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunityApp Ethena
 
General Elections Final Press Noteas per M
General Elections Final Press Noteas per MGeneral Elections Final Press Noteas per M
General Elections Final Press Noteas per MVidyaAdsule1
 
Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...
Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...
Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...Sebastiano Panichella
 
Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...
Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...
Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...Sebastiano Panichella
 
05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx
05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx
05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptxerickamwana1
 
Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08
Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08
Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08LloydHelferty
 
Scootsy Overview Deck - Pan City Delivery
Scootsy Overview Deck - Pan City DeliveryScootsy Overview Deck - Pan City Delivery
Scootsy Overview Deck - Pan City Deliveryrishi338139
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRsarwankumar4524
 
Application of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptxApplication of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptxRoquia Salam
 
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...soumyapottola
 
GESCO SE Press and Analyst Conference on Financial Results 2024
GESCO SE Press and Analyst Conference on Financial Results 2024GESCO SE Press and Analyst Conference on Financial Results 2024
GESCO SE Press and Analyst Conference on Financial Results 2024GESCO SE
 
cse-csp batch4 review-1.1.pptx cyber security
cse-csp batch4 review-1.1.pptx cyber securitycse-csp batch4 review-1.1.pptx cyber security
cse-csp batch4 review-1.1.pptx cyber securitysandeepnani2260
 

Recently uploaded (14)

RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
 
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptxEngaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
 
Don't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunity
Don't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunityDon't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunity
Don't Miss Out: Strategies for Making the Most of the Ethena DigitalOpportunity
 
General Elections Final Press Noteas per M
General Elections Final Press Noteas per MGeneral Elections Final Press Noteas per M
General Elections Final Press Noteas per M
 
Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...
Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...
Testing and Development Challenges for Complex Cyber-Physical Systems: Insigh...
 
Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...
Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...
Testing with Fewer Resources: Toward Adaptive Approaches for Cost-effective ...
 
05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx
05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx
05.02 MMC - Assignment 4 - Image Attribution Lovepreet.pptx
 
Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08
Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08
Sunlight Spectacle 2024 Practical Action Launch Event 2024-04-08
 
Scootsy Overview Deck - Pan City Delivery
Scootsy Overview Deck - Pan City DeliveryScootsy Overview Deck - Pan City Delivery
Scootsy Overview Deck - Pan City Delivery
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
 
Application of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptxApplication of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptx
 
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
Understanding Post Production changes (PPC) in Clinical Data Management (CDM)...
 
GESCO SE Press and Analyst Conference on Financial Results 2024
GESCO SE Press and Analyst Conference on Financial Results 2024GESCO SE Press and Analyst Conference on Financial Results 2024
GESCO SE Press and Analyst Conference on Financial Results 2024
 
cse-csp batch4 review-1.1.pptx cyber security
cse-csp batch4 review-1.1.pptx cyber securitycse-csp batch4 review-1.1.pptx cyber security
cse-csp batch4 review-1.1.pptx cyber security
 

Investigative powers in practice – PORTUGAL – November 2018 OECD GFC

  • 1. BOS1: Unannounced Inspections in the Digital Age AdC dawn raids A New (Digital) Model 2018 OECD Global Competition Forum 30 November 2018 Nuno Rocha de Carvalho Member of the Board
  • 2. 1 AdC’s investigative powers • Comprehensive inspection powers (undertakings, private homes, vehicles; shareholders, managers, staff) • Including for digital evidence: “regardless of the respective storage medium” • Exceptions: (i) unread emails (ii) some mobile phone data (?) (iii) legal professional privilege (LPP) • Judicial warrant defines scope (undertakings, infringement, time limit)
  • 3. 2 AdC’s dawn raids (2004-2017) 3 1 3 3 0 1 1 1 0 2 2 2 2 16 0 2 4 6 8 10 12 14 16 18 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017
  • 4. 3 2013 dawn raid • 1 case, 10/15 companies • 1 day inspection • 5m documents seized vs 2,000 documents used to prove infringement • Strong litigation as regards access to file and confidentialities • Long and very difficult data review process • Circa 3 years before the SO
  • 5. 4 New dawn raid model • Training / investment in people • Longer duration of dawn raids (1 to 2 weeks) • More people involved per team / minimum of 5 people per target • 1 team leader / real-time communication between team leaders • Mix of staff (lawyers, economists and IT experts) • Dedicated team conducting all dawn raids (experience / know-how) • Strong back office coordination and support and Advanced forensic IT software + (longer) on-site preliminary review
  • 6. 5 Why (longer) on-site preliminary review? • Unread e-mails cannot be seized: must be excluded on site before review • LPP data must be excluded too (includes in-house lawyers) • Judicial warrant with limited scope (seizing data beyond scope needs validation within 72 hours) • Strong litigation regarding confidential information and access to file
  • 7. 6 New “digitized” procedure • Dawn raid preparation - email systems used, email archiving, backups, file systems, encryption, selection of targets, etc. • Dawn raid execution - interview with IT manager, collect files, index, search, tag, seize • Internal forensic IT procedures: relevant (digital) data identification, preservation, collection, processing, review, seizing • Document review (forensic IT): threads/clusters (group items by thread and similarity), metadata (item number, item origin, job title), filters, tags
  • 8. 7 AdC dawn raids - 2017 Retail / large retail 21 premises First SO August 2018 Insurance 5 premises SO in August 2018 River cruises 1 premises Case closed in 2017 Driving schools 1 premises SO and infringement decision in 2017 Railway maintenance 7 premises SO in September 2018 35 COMPANY PREMISES DAWNRAIDED
  • 9. 8 Statistics 2017 Statistics Companies dawnraided 44 (35 premises) Computers/mailboxes searched 439 Data processed (forensic IT) ~40 million documents Duration Average 9 days per target (indexing may take 2 days) Files copied & seized ~40,000 Volume of data collected 13.5 GB
  • 10. 9 Does it work? Old model 2013 example New model 2017 example • 1 case, 10/15 companies  16 cases, 35 company premises • 1 day inspection  1 or 2 weeks inspection per target • Five million documents seized  ~40,000 relevant documents seized • Strong litigation as regards access to file and confidentialities • Long and very difficult data review process  Preliminary assessment on-site  Speedier data review after inspection (4,000 docs per week with forensic IT software; circa 3 months in total) • Only 2,000 documents used to prove the infringement  Low percentage of irrelevant data • Circa 3 years before the SO  SO was issued during the first 12 months
  • 11. 10 Final remarks (1) Challenges • Legal: unread emails, LPP, privacy, mobile phones… • Technical: digital’s fast-pace evolution • Resources: • Investment in forensic IT software: high costs vs speed / efficiency / structural changes • Capacity building
  • 12. 11 Final remarks (2) Lessons learned Investment in high-tech tools is essential, but…. • Staff training is key • Planning • Procedures: everything should be documented and all cases should be “managed” in the same way • Challenge: strategic decisions today that further investigations and enhance results in the long term