Case T-483/13, audit of Zenon, legality of FP6 external financial audits, personal data protection, overriding public interest
Dear Secretariat General (SG),
Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:
The application is submitted via the Secretariat-General because several Directorates-General of the Research DGs may be concerned.
I. APPLICATION CONTEXT
The application is based on the information that emerged from the Order of the President of the General Court of 27/11/2013 in the case T-483/13, Oikonomopoulos v Commission. For the present application the following passages of the Order are relevant:
- §10 “In November 2008, an audit was carried out at Zenon on behalf of the Commission in relation to several contracts under that programme”, ‘the Audit’
- §11 “According to the draft audit report”, ‘the draft Audit Report’
II. REQUEST FOR DOCUMENTS
Copies of the following documents are kindly requested:
R1. The letter announcing to Zenon the conduct of the Audit, including all annexes thereto.
R2. The letter(s) instructing the audit firm to carry out an audit to Zenon.
R3. The flash report(s) drawn up by the audit firm.
The documents proving that the audit firm carried out the financial audit of Zenon in accordance to the Law of Greece 2472/97 (as amended), specifically:
R4.a. The notification the audit firm ought to have provided to the data subjects (third parties to the audited projects, the personal data of which the audit firm collected from Zenon) in accordance to article 11(3) of Law 2472/97 on the occasion the audit firm transferred their personal data to the Commission services.
R4.b. The notification of the audit firm submitted to the Data Protection Authority pursuant to article 6 of Law 2472/97.
R4.c. The notification Zenon ought to have provided to the data subjects (third parties to the audited projects, the personal data of which Zenon disclosed to the audit firm and the Research DGs) in accordance to article 11(3 ) of Law 2472/97 on the occasion Zenon transferred their personal data to the audit firm.
R4.d. In the event the audit firm obtained personal data directly from Zenon employees, or service providers, the Privacy Statement the audit firm provided data subjects with. An example of such processing is an interview of a researcher-data subject.
R5. The draft Audit Report of the audit firm.
R6. The final audit of the audit firm.
R7. The correspondence between the Commission services and the audit firm regarding the audit of Zenon. This includes emails and notes to file.
R8. The audit report drawn up by the Research DGs reflecting the findings of the OLAF investigation of Comeng Computerised Engineering. Presumably, this report was drawn up in 2011 or even later, since in §3 of the Order it is stated “OLAF carried out an on-the-spot check at the premises of Comeng in Cyprus and in February 2011 issued the final audit report”.
R9. The recovery orders
R10. The debit notes
R10. The article 25 of Regulation 45/2001 prior notification that covered in November 2008 the audit of Zenon.
R11. The documents the Commission services drew up pursuant to article 23(1) of Regulation 45/2001 concerning the audit firm
R12. The documents the Commission services drew up pursuant to article 23(2) of Regulation 45/2001 concerning the audit firm.
R13. The documents with which the Commission services issued instructions to the audit firm to process personal data of individuals charged by Zenon to the audited projects.
R14. The documents duly authorising Commission officials to instruct the audit firm to process the personal data of individuals charged by Zenon to the audited projects.
R15. The Audit Manuals the Commission services provided directly to the audit firm, or caused, or tacitly accepted to be provided to the audit firm by another audit firm – signatory of a contract with the Commission, as the case may be.
R16. The documents with which the Commission services ensured that the audit firm did not exercise discretionary powers of judgments in the audit of Zenon, as expressly prohibited by article 57(2) of Regulation 1605/2002 (as amended).
R17. The internal administrative decision, or equivalent, concerning the ‘adoption’ and authorisation for publication of the ‘Guide to Financial Issues relating to Indirect Actions
of the Sixth Framework Programmes’.
R18. The document(s) duly authorising the official(s) who ‘adopted’ the Guide of request R17 and cause the publication thereof. It is expected that the authorisation ultimately stemmed from a Commission Decision adopted by the written procedure.
Because this application does not request the transfer of personal data, the parts of the documents allowing the identification of individuals are to be blanked out.
III. INFORMATION IN THE PUBLIC DOMAIN
This section argues that information in the public domain is not to be blanked out in the documents to be disclosed. Specifically, information about Zenon and the audit firm lawfully disclosed in the public domain may not be subject to the exceptions of article 4 of Regulation 1049/2001. Some important reasons are outlined below.
First, the Order has disclosed several important facts. It is also well known that the only member of the Polaris Group of independent auditors in Greece is the audit firm Kypris & Associates that has carried out dozens of FP6 and FP7 audits in Greece. The Commission services must not expunge parts of the documents information already lawfully in the public domain.
Second, both DG RTD and DG CNECT have recently released in applications under Regulation 1049/2001 letters announcing audits, GestDem 2013/3956, http://www.asktheeu.org/en/request/714/r... . Consequently, they cannot refuse to disclose the document under R1 and annexes thereto.
Finally and third, since DG RTD has also released partially three audit reports in GestDem 2013/3654, the Commission services are required to fully release the audit reports, except the parts containing personal data. Since a great deal of the structure and content of the audit reports is pubic information (for instance, it was published as an annex to a call for tenders in mid-2000s), the Commission services should not withhold those parts.
IV. OVERRIDING PUBLIC INTEREST
As the Commission services are aware, from their responses to the applications under Regulation 1049/2001 submitted via asktheeu.org it has emerged that the external financial audits of the Research DGs are tainted by grave illegalities, having reached the point of drawing up prior notifications with false statements and a non-existing legal basis (DG ENTR DPO-3334, DG INFSO DPO-3338, DG RTD DPO-3398, DG MOVE DPO-3420).
The response to the confirmatory application GetDem 2013-3822, http://www.asktheeu.org/en/request/627/r..., shows that the gravely illegal personal data processing in the external financial audits of the Research DGs was not a Commission policy. The inescapable conclusion is that the administrative departments had adopted an unathorised policy to disregard regulation 45/2001 and infringe it in a massive scale.
From the passage §2 of the Order “According to the draft audit report . . . Those costs were, however, disallowed in full, since they were not considered eligible either as personnel costs or subcontracting costs” it appears that the Research DGs have allowed the audit firm to exercise discriminatory powers of judgment in the Audit, which is a manifest infringement of article 57(2) of Regulation 1605/2002. All this has been taking place in a solely contractual context, where personal data processing of third parties to the Zenon audited research contracts is manifestly illegal, both according to Law 2472/97 and Regulation 45/2001.
It is also highly relevant to note what another applicant has very recently argued recently in a confirmatory application to OLAF, http://www.asktheeu.org/en/request/exter..., about the illegalities of the S.5 Unit of the former DG INFSO in 2008:
“The S.5 Unit illegalities were taking place as early as mid-2008. The European Data Protection Supervisor has partially released under Regulation 1049/2001 the documents about his investigation in the EDPS case 2008—622, http://www.asktheeu.org/en/request/forme....
From the DG INFSO document of 29/1/2009 D(2008) 103075, http://www.asktheeu.org/en/request/594/r... , it is evident that the S.5 Unit, first, had illegally transferred the complainant’s personal data to another legal person (the mother
company of her employer), and second, contravened article 339 TFEU. All personal data processing of the S.5 Unit has been flagrantly illegal, as such processing entailed many infringements of Regulation 45/2001. OLAF is referred to a confirmatory application
pursuant to Regulation 1049/2001 submitted to the Ombudsman, http://www.asktheeu.org/en/request/forme... , especially section 4.2 “FURTHER GRAVE BREACHES OF THE LAW BY THE DG INFSO RISK-BASED AUDITS” where the applicant has analysed the illegalities of the S.5 Unit.”
The applicant’s research shows that Zenon was a participant to at least 2 DG INFSO FP6 projects. The S.5 Unit was very closely associated with OLAF. Consequently, it is likely that the S.5 Unit was heavily involved in the Zenon audit and the ensuing OLAF external investigation. This argument lends extensive support to the overriding public interest argument of this application, especially for the request R8.
In view of the manifest illegalities in every single external financial audit, it is necessary to scrutinise the acts of the Research DGs in the audit of Zenon, where it appears that article 57(2) of Regulation 1605/2002 (as amended) was infringed upon.
Yours faithfully,
Mr. Akis NASTAS
Dear Secretariat General (SG),
Eleven working days after the submission of an application, according to the website of asktheeu.org the Transparency Unit has not yet acknowledged the registration of the application.
I would therefore expect that the registration would be acknowledged in the next few days.
Yours faithfully,
Mr. Akis NASTAS
Dear Secretariat General (SG),
I refer to the application of 30/11/2013 and the reminder of 17/12/2013, which are found at the links http://www.asktheeu.org/en/request/case_... & http://www.asktheeu.org/en/request/case_....
Eighteen working days since the lodging of the application the Transparency Unit has not acknowledged its registration.
It cannot escape one's attention that the application concerns the granting of access to documents about the darkest area of the compliance with legality of DG INFSO. It is obvious that the involvement of OLAF in that particular FP6 contractor and the action before the General Court makes the matter far more tricky to handle in an application under Regulation 1049/2001.
The action before the Court is bound to bring into the public all kinds of information about the DG INFSO risk-based audits and OLAF's investigations of FP6 contractors, two ares for which there are extremely serious doubts about adherence to legality. The disclosure of information to the public by the publishing of the Court's Order and future Judgement will likely deprive the usual excuses of DG INFSO and OLAF in refusing access to documents about risk-based audits and OLAF's investigations of research projects.
Nevertheless, DG INFSO and OLAF ought to have considered that their actions in that particular areas could not for ever escape public scrutiny. When OLAF investigates the FP6 projects of a company listed in a Stock Exchange, OLAF has taken on entities that are not a pushover like a tiny Small and Medium Enterprise (SME) that cannot afford good legal protection. Such kind of entities that were dragged into OLAF external investigations have resources to engage specialist counsels, who in turn would discover the huge holes in the legality DG INFSO risk-based audits and the closely linked OLAF's external investigations. This in turn implies that lots of information will come out in public in the wake of the legal action before the General Court.
The public's access to documents under Regulation 1049/2001 is an indirect way of restraining the Commission services in having a complete disregard of legality, particularly Regulation 45/2001 and Directive 95/46/EC. It is so because documents are to be released, and this thereby enables scrutiny.
I would be obliged if the Transparency Unit would promptly acknowledged the registration of the application.
Yours faithfully,
Mr. Akis NASTAS
Dear Nastas,
We hereby acknowledge receipt of your request for access to documents
dated 30/11/2013, registered on 27/01/2014 under the references GESTDEM
2014/442 (for DG CONNECT) and GESTDEM 2014/450 (for DG RTD).
In accordance with Regulation 1049/2001 regarding public access to
European Parliament, Council and Commission documents, you will receive a
response to your request within 15 working days (17/02/2014). In case this
time limit needs to be extended, you will be informed in due course.
Yours sincerely,
BLURIOT-PUEBLA Madeleine
Cellule 'Accès aux documents'
European Commission
SG/B/5 - Transparence
BERL 05/330
B-1049 Brussels/Belgium
+32 2 296 09 97
[1][email address]
Dear Mr Nastas,
We refer to your email of 30/11/2013 in which you submit a request for
access to documents, registered on 27/01/2014 under the above mentioned
reference number.
We would like to reassure you that your application is currently being
processed.
Your request concerns potentially a very large number of documents
possibly held by different services. A thorough research will thus be
required which cannot be carried our within the normal time limits set out
in Article 7 of Regulation 1049/2001.
Yet, the Regulation also provides for a possibility to confer with
applicants in order to find a fair solution in such circumstances. Article
6(3) provides that "in the event of an application relating to a very long
document or to very large number of documents, the institution concerned
may confer with the applicant informally, with a view to finding a fair
solution".
Based on this provision, we would kindly ask you whether you would agree
that we extend the deadline for handling your application until 30 March
2014. Needless to say, we will endeavour to finalise the handling of your
application for access to documents as promptly as possible, depending on
the final number of identified corresponding documents to be assessed.
If you have any questions concerning this proposal, you can contact us by
email to: [email address]
Thank you in advance for your understanding.
Yours faithfully,
Liliane DE WOLF
Head of Unit
[1]Description: cid:image001.gif@01CF0AE9.BBA1E200
European Commission
DG Research & Innovation
J1
ORBN 01/037
1049 Brussels/Belgium
+32 229-61073
[2][email address]
[3]http://ec.europa.eu/research
References
Visible links
2. mailto:[email address]
3. http://ec.europa.eu/research
Dear Secretariat General (SG),
Please forward this message to DG RTD J1 Unit.
***********
Dear Madam,
I refer to your email of 7/2/2014 concerning GestDem 2014/450 http://www.asktheeu.org/en/request/case_...
I. AGREEMENT WITH THE DG RTD PROPOSAL
The proposal to extend the time-limit to 30 March 2014 is accepted.
II. INFORMATION IN THE PUBLIC DOMAIN, DG INFSO AUDIT OF FP6-GNOSIS & FP6 ALLADIN
As a company quoted in the Athens Stock Exchange, Zenon had disclosed to the public information from the audit in a report dated 25/2/2010 http://www.avenir.gr/Uploads/offering_ci.... From pages 34 and 51 of that report it emerges that the audit was carried out in November 2008; the Commission requested for the FP6-Gnosis and FP6-Alladin the reimbursement of 168 and 130 thousand Euro respectively; according to Cordis, these two projects were managed by DG INFSO.
III. DETAILED COMMENTS ON THE REQUESTS
It appears that requests #1 - #10 and #10bis - #18 concern documents drawn up by DG INFSO and DG RTD respectively.
For several of the request #10bis - #18, comments are provided in order to speed up the release of documents. For the sake of completeness, both the request and the comment are given below; comments are preceded by ‘N.’.
R10bis. The article 25 of Regulation 45/2001 prior notification that covered in November 2008 the audit of Zenon.
N10bis. According to the DG RTD initial reply in GestDem 2013/3573 (under #8 and #9) http://www.asktheeu.org/en/request/610/r... no prior notification covered the DG RTD audits prior to mid-April 2011.
R15. The Audit Manuals the Commission services provided directly to the audit firm, or caused, or tacitly accepted to be provided to the audit firm by another audit firm – signatory of a contract with the Commission, as the case may be.
N15. The FP6 Audit Manual of 16/9/2006 is essentially public information – albeit in two fragments – in GestDem 2013/3349. http://www.asktheeu.org/en/request/finan.... Hopefully, access to a proper ‘copy’ will be granted in this application.
R16. The documents with which the Commission services ensured that the audit firm did not exercise discretionary powers of judgments in the audit of Zenon, as expressly prohibited by article 57(2) of Regulation 1605/2002 (as amended).
N16. In view of the reply to GestDem 2013/5714 http://www.asktheeu.org/en/request/1016/... it is probable that no documents are held.
Yours faithfully,
Mr. Akis NASTAS
Dear Mr Nastas,
We refer to your emails of 28 January 2014 in which you submitted three
requests for access to documents registered on the same day under the
above mentioned reference numbers.
We further refer to the letter signed by Ms Marianne Klingbeil from the
European Commission of 6 March 2014 registered under the following
reference number: Ares(2014) 607699, which was sent to you via email.
We regret to inform you that following your lack of response to this
letter within the prescribed deadline of 21 March 2014, we have to close
your three above mentioned pending applications for access to documents.
Yours sincerely,
Liliane DE WOLF
Head of Unit
[1]cid:image001.gif@01CF0AE9.BBA1E200
European Commission
DG Research & Innovation
J1
ORBN 01/037
1049 Brussels/Belgium
+32 229-61073
[2][email address]
[3]http://ec.europa.eu/research
References
Visible links
2. mailto:[email address]
3. http://ec.europa.eu/research
Dear Mr Nastas,
We refer to your emails of 28 January 2014 in which you submitted three
requests for access to documents registered on the same day under the
above mentioned reference numbers.
We further refer to the letter signed by Ms Marianne Klingbeil from the
European Commission of 6 March 2014 registered under the following
reference number: Ares(2014) 607699, which was sent to you via email.
We regret to inform you that following your lack of response to this
letter within the prescribed deadline of 21 March 2014, we have to close
your three above mentioned pending applications for access to documents.
Yours sincerely,
Liliane DE WOLF
Head of Unit
[1]cid:image001.gif@01CF0AE9.BBA1E200
European Commission
DG Research & Innovation
J1
ORBN 01/037
1049 Brussels/Belgium
+32 229-61073
[2][email address]
[3]http://ec.europa.eu/research
References
Visible links
2. mailto:[email address]
3. http://ec.europa.eu/research