In November 2024, the U.S. Department of Justice Antitrust Division (“Antitrust Division” or “Division”) updated its guidance on how it will evaluate Corporate Compliance Programs when conducting criminal antitrust investigations. The updated guidance demonstrates that when the Antitrust Division is evaluating a company’s compliance program as part of its investigation and charging-decision process, it will assess what the company has done to preserve electronic communications, such as ephemeral messages, and steps the company has taken to account for new technologies as well as its use of artificial intelligence (AI) and algorithmic revenue management software when conducting company business. Updating compliance programs in these areas will be helpful for companies seeking to detect and prevent criminal antitrust violations. And should a company become the subject of either a criminal or civil antitrust investigation, evidence that it has developed and implemented policies regarding new communications platforms and protocols concerning the use of AI and algorithmic software will make it easier for a company to effectively argue for credit for a robust and effective compliance program. Such steps may make a meaningful difference in influencing the Antitrust Division when it is making charging decisions.
Effective Compliance Programs Should Account for All Forms of Communication
The updated guidance indicates that the Antitrust Division will probe whether the company has instituted “clear guidelines regarding the use of ephemeral messaging or non-company methods of communication including the extent to which those communications are permitted and when employees must preserve those communications.” Ephemeral messaging tools allow messages to disappear without a backup or archiving function. The guidance reflects the Antitrust Division’s view that even when employees use personal devices and third-party messaging platforms that have not been formally approved for conducting company business, the Antitrust Division will seek those communications and expect clear guidance from the company to its employees about disclosing and preserving such communications and communication routes. The Antitrust Division will probe the retention and deletion settings that are available to employees, as well as the rationale the company used for establishing its directives. The guidance is consistent with recent updates to the DOJ’s standard preservation letters and subpoenas to include language regarding the preservation of ephemeral messages and other new methods of communications.
Companies face clear obstacles in monitoring the actions employees may take when violating company policies regarding ephemeral messaging and non-approved forms of communication to conduct company business. Yet it remains imperative to have clearly articulated policies in place with a sound rationale for the policies that are implemented. When a compliance program addresses these matters and employees are properly trained on the policies, the company can more effectively argue to Division officials that employees who failed to follow clearly stated directives were not acting on behalf of the company. The weight of these arguments will vary depending on the unique circumstances of each case, but having a clearly articulated policy in place will at least provide an avenue to present the argument to Division prosecutors.
Compliance Programs Should be Updated to Assess and Address Risk Relating to the Use of AI
One of the factors that DOJ prosecutors are instructed to consider when evaluating antitrust compliance programs is how the program handles risk assessment in a variety of categories. The updated guidance states that effective compliance programs must address how a company uses “technology, particularly new technologies such as artificial intelligence” and “algorithmic revenue management software” to conduct business. The DOJ’s guidance follows warnings earlier this year from the U.S. Federal Trade Commission that the use of algorithms to assist in determining prices may violate federal antitrust laws, regardless of the business or industry. Per the recent DOJ guidance, compliance programs should have mechanisms to mitigate risk in the deployment of such technology. At a minimum, these mechanisms should help compliance officers understand how AI and other technology tools are being used for pricing and marketing decisions and what the data inputs include. The risk assessment should evaluate what public, non-public, and non-company data are being used as well as what data the company may be sharing externally through technology. In turn, the compliance program should address how the company can detect and correct, when necessary, decisions made by AI or other technologies that may be problematic.
Deploying AI and other innovative technologies without proper safeguards increases the risk of lawsuits from civil litigants alleging antitrust violations based on the use of third-party platforms to share sensitive business information. An effective compliance program will evaluate the use of such platforms or third-party information and will require decision makers to document why certain technologies were adopted for business purposes and how those technologies are pro-competitive.
Conclusions and Recommendations
In 2019, the Antitrust Division announced a shift in its approach for evaluating compliance programs whereby it would credit effective antitrust compliance programs at both the charging and sentencing stages of its enforcement activities. The updated guidance provides insights on the Division’s priorities when considering credit for compliance programs and direction for companies and their compliance officers on how to reevaluate and improve their corporate compliance infrastructure. A robust antitrust compliance program should address each aspect of compliance as discussed in the Antitrust Division’s “Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations.” Two key areas of compliance program assessment should include an evaluation of communications policies for all employees as well as a deeper analysis of how the company is using AI and other technologies in pursuing its business objectives.