Privacy & Cybersecurity Law Blog

On November 30, 2011, the French Court of Cassation upheld a decision that excluded the application of the French Data Protection Act (Loi relative à l’informatique, aux fichiers et aux libertés) to an investigation conducted by the French Competition Authority (Autorité de la Concurrence) on the grounds that the search and seizure was authorized by an “freedoms and custody judge” (juge des libertés et de la détention).

The French Commercial Code grants the French Competition Authority the power to inspect the premises of a company suspected of anti-competitive practices and to search and seize all company documents and information that may be relevant to an investigation. On February 19, 2010, the Court of Appeals of Versailles upheld the Commission Authority’s unlimited search and seizure of emails belonging to employees of the company, Janssen-Cilag. The Court of Appeals found that the agents of the Commission Authority were authorized by a “freedoms and custody judge” to inspect the emails as part of the Commission Authority’s investigation into an alleged abuse of the company’s dominant position in the pharmaceutical market.

Janssen-Cilag and several of its employees challenged the validity of the search on the grounds that the Competition Authority violated the individuals’ rights to privacy, right to secrecy of correspondence, and right to the protection of personal data by seizing all employee emails, including private emails of employees and certain third parties. The Court of Appeals held that the seizure of private emails and documents that were potentially irrelevant to the investigation did not invalidate the search because the investigation had been authorized by a judge, which excluded the application of the French Data Protection Act. The Court of Appeals also reasoned that the investigation was not disproportionate and employees were permitted to reclaim all emails and documents that were identified as private, confidential or irrelevant to the investigation.