Dawn Raids Part 2

Last time, we discussed the preparations a company can take to limit the damage from a dawn raid. This time, we discuss what to do during the actual raid itself.

DURING THE SEARCH

Seizing hard copy documents or electronic data

For some people, it is a natural reaction in such situations to want to hide or destroy potentially incriminating evidence. However, employees must be reminded that under no circumstances should they do so to any electronic or hard copy documents, as it could be seen as obstructing the investigation and this could lead to very serious penalties. In 2006, E.on was the subject of a dawn raid and documents of interest to the investigators were sealed in an office. When they returned to inspect the documents, they found the seal was broken. E.on was fined 38 million euros.

Investigators usually have the right to take copies of any documents relevant to their investigation; for certain agencies, the right exists to take originals. They may also seek to seize company computers to access documentation held on them. This could affect business continuity and the organisation may wish to arrange for the hard drives to be imaged rather than lose hardware for an unspecified length of time.

Privilege

It is likely that privileged documents will be on site when the investigators arrive. The investigators will, in all likelihood, not be aware of the privileged nature of documents and so it is important that a legal representative of the organisation or a member of the in-house legal team is on hand to determine which documents are privileged and which are not. Members of staff who are monitoring, accompanying or shadowing the investigators should be made aware of what they can and cannot do regarding privileged documentation.

Under English law, written communication with both in-house and external lawyers made for the purpose of either giving legal advice or of pending or anticipatory litigation falls under legal advice privilege and litigation privilege.

However, under EU law, privilege does not apply to advice given by in-house lawyers.

If an investigator wishes to inspect the entire hard drive of a computer, this may cause problems if it is either suspected or known that privileged documents are on it. The best option is to notify the investigators that the hard drive may contain privileged information and request a formal determination at a mutually convenient date.

Privileged documentation falling outside the scope of the investigation should not be read, copied or kept by the investigators. The terms ‘privilege’ and ‘scope’ are often subjective and if there is a dispute over whether a particular document falls inside or outside the terms, said document should be placed in an envelope, sealed to the satisfaction of both parties and the judgement on its privileged nature should be deputed to an agreed third party whose judgement is independent of both the organisation and investigators.

Monitoring the investigators

Members of staff who have been given the task of monitoring investigators should bear in mind the following whilst carrying out their role:

• They should at no point leave the investigator whom they are monitoring.

• Any document which has been copied by the investigators should be noted for future reference. This note should include the subject, author and date of creation. If a document has been seized by the investigators, a copy should be kept by the organisation.

• If the investigators enter any particular office, or access any files, a note should be made of this.

• Keep a note of each question asked and answered.

• Although it is unlikely, an investigator may attempt to inspect, copy or seize privileged documents or documents falling outside the scope of the investigation. This should be prevented with a firm but polite reminder to the investigator in question.

Answering questions

Investigators can ask employees questions but they should relate to the scope of the investigation, rather than be a fishing trip. Issues relating to the search for documents or other relevant information are valid areas of discussion.

Interviews or interrogation of employees are outside the remit of investigators.

Employees

There are several important points that should be made about the way that employees should behave around the investigators. It will most likely be impossible to predict which members of staff will encounter them, so a guide to behaviour and actions should be made available to all staff.

• Employees should ensure that they behave in a polite and non-confrontational way towards the investigators. However, they should not be inveigled into giving out any more information than is necessary. All staff should ask to have a legal representative present if questions are asked.

• Investigators should be allowed access to all offices and to all electronic and hard copy work files. Not permitting investigators access could be seen as obstructive and may raise unfounded concerns in their minds.

• No attempt should be made to delete e-mails, remove documents from the building or shred any hard copy documents. Again, this may cause the investigators to draw false conclusions and could create more problems than it solves.

• Employees should not discuss the investigation with anyone except legal representatives, senior management or individuals who have been authorised by the organisation. This is to prevent news of the investigation leaking out in a way that cannot be managed.

Reviewing the investigation

No sooner has the raid finished than the organisation should begin to review and catalogue exactly what has been taken by the investigators.

If the company has measures in place to deal with the demands of investigators, it is likely that a member (or members) of staff will have been assigned to monitor what is done and what is demanded by the investigators.

Detailed notes of every document, file or folder copied and taken should be kept.

When reviewing this, the organisation may be able to gain valuable insight into what the investigators were looking for and what the next step of the investigation might be. The outcome of this review should be shared at all times with the organisation’s legal representatives or in-house lawyers.

The repercussions

As can be imagined, the news that a dawn raid has been mounted on an organisation will spread quickly, given the conduits of social media. This can have a sizeable and serious effect on the organisation’s reputation and it is therefore important that there is a prepared strategy by the organisation to manage the fallout that will ensue.

Although a company may decide that it does not wish to deal with the press, the nature of the raid may mean that this is impossible. The media have an ability to arrive on the scene that is almost prescient and the best strategy is to deal with the inevitable. A statement should be prepared and quickly issued to prevent damaging speculation.