The Rise of Technology: Using Section 236 in the Digital Era (UK)

All insolvency professionals appreciate that Section 236 of the Insolvency Act 1986 (“s236”) grants significant investigatory powers to office-holders into a company’s business dealings, affairs and director conducts, including the power to obtain third-party records and information.

As technology now largely replaces a company’s paper-based records, and has become an integral part of business operations, the powers of office-holders under s236 has also evolved to match the new realities of this digital era. In this alert, we explore how the emergence of online instant messaging platforms, email accounts and data storage has transformed insolvency investigations, necessitating a more sophisticated approach that balances corporate transparency against the benefits of such technological advancements, with the imperative to protect individual rights and data protection.

Factual Background

To give a brief overview, the case explored in this alert concerned a group of over 30 companies (the “Group”), all controlled by an ultimate beneficial owner, who served as the founder and director of the Group (the “Director”). The Group’s purported purpose was to purchase, renovate and operate luxury care homes/hotels, in which all investors (“Investors”) purchased leasehold interests based on a fractional ownership structure. By the time of its collapse, the Group owned over 20 properties via various special purpose vehicles, with its books and records in significant disarray. Ultimately, it was concluded that the structure was nothing more than a sophisticated ‘Ponzi’ scheme, where later sales proceeds were utilised to pay the guaranteed return due to the early Investors.

The office-holders’ subsequent investigation revealed that, rather than via the Group’s email servers, the Director was in fact conducting the Group’s business and communicating with the Group employees and third-party advisors via an instant messaging platform (“On-line Messages”).

To re-constitute the Group’s business, affairs and dealings, the office-holders issued a s236 application against the tech company operating the instant messaging platform, seeking copies of the On-line Messages, initially without giving any notice to the Director due to the high risk of deletion (the “Application”).

Whilst the tech company remained neutral as to the Application, it became apparent during the proceedings that, because the On-line Messages were transmitted via the Director’s personal account(s), there was inevitable intermingling of his personal affairs and that of the Group’s business. This reality had significant legal ramifications because, if the office-holders were granted access to the On-line Messages, such access could potentially infringe upon the Director’s human rights, and rights to privacy and data protection.

Section 236 and the Court's Approach

In this instance, s236 played a pivotal role in balancing the need for corporate transparency with the protection of individual privacy rights. The importance of corporate transparency in unravelling the complexities of the Group’s business affairs was recognised by the Court, especially given the evidence of financial fraud. However, the Court also concluded that the privacy rights of the Director should also be protected.

The Court undertook a proactive approach by implementing robust mechanisms that protected individual privacy rights but also secured essential information for the office-holders’ investigation, without the need to appoint an independent solicitor to review the data. The initial step was for the On-line Messages to be downloaded to a secure site and ring-fenced to circumvent any risks of deletion by the Director, once the Director was notified of the Application.

In order to provide for adequate protection of the Director’s rights, the Court required written assurances (provided by way of solicitor’s undertakings to the Court) that all On-line Messages reviewed which did not relate to the business and affairs of the Group, would be separated, held confidentially and not to be used for any purpose without the permission of the Court and/or destroyed.

The Court's rationale for granting access to the office-holders to the On-line Messages under s236 was based upon the Court’s conclusion that such access was necessary for the office-holders to obtain comprehensive information that provided insights into the Group’s dealings, while also respecting the Director’s fundamental human rights of privacy.

Data Storage and Extraterritorial Considerations

With the global distribution of instant messaging platforms, the supporting data centres and underlying servers (as well as the legal entities owning or operating this technology) often spread across multiple jurisdictions. This modern technological reality presents unique hurdles when parties seek to enforce court orders outside of the relevant jurisdiction, as well as the need for operators of the technology to ensure compliance with various local laws and regulations.

In the present case, the Application needed to be brought against the tech company’s legal entity associated with the instant messaging platform’s UK account services, based in an EU member state. This required the Court’s permission to serve the proceedings outside of the Court’s jurisdiction. The office-holders also established that the EU Insolvency Regulation (Recast) (2015/848) applied to the Group’s insolvency proceedings as the main proceedings, since the action was commenced before the Brexit transition period ended, so the Court was conferred with extra-territorial jurisdiction to grant s236 orders against EU resident entities. Given the fact that new insolvency proceedings will have commenced after the Brexit transition, careful consideration needs to be given to the enforceability of s236 orders outside of its original UK jurisdiction.

Conclusion

Despite various obstacles, the Court’s decision in this case demonstrated that s236 could be used successfully to obtain a company’s essential information and documents from instant messaging platforms (and potentially, social media platforms) even when they are transmitted via an individual’s personal account and mixed with personal records. The Court successfully navigated the complexities and necessity of accessing key company records and communications whilst respecting individual rights, a crucial balancing act that allowed for transparency and accountability in corporate insolvency investigations, without compromising the personal privacy rights of individuals involved.

Furthermore, the case was a welcome step forward in providing needed clarity to office-holders on their ability to access online instant message / social media platforms or non-business email accounts, which should greatly assist future corporate insolvency investigations, and accrue benefits for the underlying creditors.