More Nuanced Procurement Transparency to Protect Competition: Has the Court of Justice Hit the Brakes on Open Procurement Data in Antea Polska (C-54/21)?

** This comment was first published as an Op-Ed for EU Law Live on 8 December 2022 (see formatted version). I am reposting it here in case of broader interest. **

In Antea Polska (C-54/21), the Court of Justice provided further clarification of the duties incumbent on contracting authorities to protect the confidentiality of different types of information disclosed by economic operators during tender procedures for the award of public contracts. Managing access to such information is challenging. On the one hand, some of the information will have commercial value and be sensitive from a market competition perspective, or for other reasons. On the other hand, disappointed tenderers can only scrutinise and challenge procurement decisions reliant on that information if they can access it as part of the duty to give reasons incumbent on the contracting authority. There is thus a clash of private interests that the public buyer needs to mediate as the holder of the information.

However, in recent times, procurement transparency has also gained a governance dimension that far exceeds the narrow confines of the tender procedures and related disputes. Open contracting approaches have focused on procurement transparency as a public governance tool, emphasising the public interest in the availability of such information. This creates two overlapping tracks for discussions on procurement transparency and its limitations: a track concerning private interests, and a track concerning the public interest. In this Op-Ed, I examine the judgment of Court of Justice in Antea Polska from both perspectives. I first consider the implications of the judgment for the public interest track, ie the open data context. I then focus on the specifics of the judgment in the private interest track, ie the narrower regulation of access to remedies in procurement. I conclude with some broader reflections on the need to develop the institutional mechanisms and guidance required by the nuanced approach to procurement transparency demanded by the Court of Justice, which is where both tracks converge.

Procurement Transparency and Public Interest

In the aftermath of the covid-19 pandemic, procurement transparency became a mainstream topic. Irregularities and corruption in the extremely urgent direct award of contracts could only be identified where information was made public, sometimes after extensive litigation to force disclosure. And the evidence that slowly emerged was concerning. The improper allocation of public funds through awards not subjected to most (or any) of the usual checks and balances renewed concerns about corruption and maladministration in procurement. This brought the spotlight back on proactive procurement transparency as a governance tool and sparked new interest in open data approaches. These would generate access to (until then) confidential procurement information without the need for an explicit request by the interested party.

A path towards ‘open by default’ procurement data has been plotted in the Open Data Directive, the Data Governance Act, and the new rules on Procurement eForms. Combined, these measures impose minimum open data requirements and allow for further ‘permissioned’ openness, including the granting of access to information subject to the rights of others—eg on grounds of commercial confidentiality, the protection of intellectual property (IP) or personal data (see here for discussion). In line with broader data strategies (notably, the 2020 Data Strategy), EU digital law seems to gear procurement towards encouraging ‘maximum transparency’—which would thus be expected to become the new norm soon (although I have my doubts, see here).

However, such ‘maximum transparency’ approach does not fit well the informational economics of procurement. Procurement is at its core an information or data-intensive exercise, as public buyers use tenders and negotiations to extract private information from willing economic operators to identify the contractor that can best satisfy the relevant needs. Subjecting the private information revealed in procurement procedures to maximum (or full) transparency would thus be problematic, as the risk of disclosure could have chilling and anticompetitive effects. This has long been established in principle in EU procurement law—and more generally in freedom of information law—although the limits to (on-demand and proactive) procurement transparency remain disputed and have generated wide variation across EU jurisdictions (for extensive discussion, see the contributions to Halonen, Caranta & Sanchez-Graells, Transparency in EU Procurements (2019)).

The Court’s Take

The Court of Justice’s case law has progressively made a dent on ‘maximum transparency’ approaches to confidential procurement information. Following its earlier Judgment in Klaipėdos regiono atliekų tvarkymo centras (C-927/19), the Court of Justice has now provided additional clarification on the limits to disclosure of information submitted by tenderers in public procurement procedures in its Judgment in Antea Polska. From the open data perspective, the Court’s approach to the protection of public interests in the opacity of confidential information are relevant.

Firstly, the Court of Justice has clearly endorsed limitations to procurement transparency justified by the informational economics of procurement. The Court has been clear that ‘the principal objective of the EU rules on public procurement is to ensure undistorted competition, and that, in order to achieve that objective, it is important that the contracting authorities do not release information relating to public procurement procedures which could be used to distort competition, whether in an ongoing procurement procedure or in subsequent procedures. Since public procurement procedures are founded on a relationship of trust between the contracting authorities and participating economic operators, those operators must be able to communicate any relevant information to the contracting authorities in such a procedure, without fear that the authorities will communicate to third parties items of information whose disclosure could be damaging to those operators’; Antea Polska (C-54/21, para 49). Without perhaps explicitly saying it, the Court has established the protection of competition and the fostering of trust in procurement procedures as elements inherently placed within the broader public interest in the proper functioning of public procurement mechanisms.

Second, the Court has recognised that ‘it is permissible for each Member State to strike a balance between the confidentiality [of procurement information] and the rules of national law pursuing other legitimate interests, including that … of ensuring “access to information”, in order to ensure the greatest possible transparency in public procurement procedures’; Antea Polska (C-54/21, para 57). However, in that regard, the exercise of such discretion cannot impinge on the effectiveness of the EU procurement rules seeking to align practice with the informational economics of procurement (ie to protect competition and the trust required to facilitate the revelation of private information, as above) to the extent that they also protect public interests (or private interests with a clear impact on the broader public interest, as above). Consequently, the Court stressed that ‘[n]ational legislation which requires publicising of any information which has been communicated to the contracting authority by all tenderers, including the successful tenderer, with the sole exception of information covered by the [narrowly defined] concept of trade secrets [in the Trade Secrets Directive], is liable to prevent the contracting authority … from deciding not to disclose certain information pursuant to interests or objectives [such as the protection of competition or commercial interests, but also the preservation of law enforcement procedures or the public interest], where that information does not fall within that concept of a trade secret’; Antea Polska (C-54/21, para 62).

In my view, the Court is clear that a ‘maximum transparency’ approach is not permissible and has stressed the duties incumbent on contracting authorities to protect public and private interests opposed to transparency. This is very much in line with the nuanced approach it has taken in another notable recent Judgment concerning open beneficial ownership data: Luxembourg Business Registers (C‑37/20 and C‑601/20) (see here for discussion). In Antea Polska, the Court has emphasised the need for case-by-case analysis of the competing interests in the confidentiality or disclosure of certain information.

This could have a significant impact on open data initiatives. First, it comes to severely limit ‘open by default’ approaches. Second, if contracting authorities find themselves unable to engage with nuanced analysis of the implications of information disclosure, they may easily ‘clam up’ and perpetuate (or resort back to) generally opaque approaches to procurement disclosure. Developing adequate institutional mechanisms and guidance will thus be paramount (as below).

Procurement Transparency and Private Interest

In its more detailed analysis of the specific information that contracting authorities need to preserve in order to align their practice with the informational economics of procurement (ie to promote trust and to protect market competition), the Court’s views in Antea Polska are also interesting but more problematic. The starting point is that the contracting authority cannot simply take an economic operator’s claim that a specific piece of information has commercial value or is protected by IP rights and must thus be kept confidential (Antea Polska, C-54/21, para 65), as that could generate excessive opacity and impinge of the procedural rights of competing tenderers. Moving beyond this blanket approach requires case-by-case analysis.

Concerning information over which confidentiality is claimed on the basis of its commercial value, the Court has stressed that ‘[t]he disclosure of information sent to the contracting authority in the context of a public procurement procedure cannot be refused if that information, although relevant to the procurement procedure in question, has no commercial value in the wider context of the activities of those economic operators’; Antea Polska (C-54/21, para 78). This requires the contracting authority to be able to assess the commercial value of the information. In the case, the dispute concerned whether the names of employees and subcontractors of the winning tenderer should be disclosed or not. The Court found that ‘in so far as it is plausible that the tenderer and the experts or subcontractors proposed by it have created a synergy with commercial value, it cannot be ruled out that access to the name-specific data relating to those commitments must be refused on the basis of the prohibition on disclosure’; Antea Polska (C-54/21, para 79). This points to the emergence of a sort of rebuttable presumption of commercial value that will be in practice very difficult to overcome by a contracting authority seeking to disclose information—either motu proprio, or on the request of a disappointed tenderer.

Concerning information over which confidentiality is claimed on the basis that it is protected by an IP right, in particular by copyright, the Court stressed that it is unlikely that copyright protection will apply to ‘technical or methodological solutions’ of procurement relevance (Antea Polska, C-54/21, para 82). Furthermore, ‘irrespective of whether they constitute or contain elements protected by an intellectual property right, the design of the projects planned to be carried out under the public contract and the description of the manner of performance of the relevant works or services may … have a commercial value which would be unduly undermined if that design and that description were disclosed as they stand. Their publication may, in such a case, be liable to distort competition, in particular by reducing the ability of the economic operator concerned to distinguish itself using the same design and description in future public procurement procedures’; Antea Polska (C-54/21, para 83). Again, this points to the emergence of a rebuttable presumption of commercial value and anticompetitive potential that will also be very difficult to rebut in practice.

The Court has also stressed that keeping this type of information confidential does not entirely bar disclosure. To discharge their duty to give reasons and facilitate access to remedies by disappointed tenderers, contracting authorities are under an obligation to disclose, to the extent possible, the ‘essential content’ of the protected information; Antea Polska (C-54/21, paras 80 and 84). Determining such essential content and ensuring that the relevant underlying (competing) rights are adequately protected will also pose a challenge to contracting authorities.

In sum, the Court has stressed that preserving competing interests related to the disclosure of confidential information in procurement requires the contracting authority to ‘assess whether that information has a commercial value outside the scope of the public contract in question, where its disclosure might undermine legitimate commercial concerns or fair competition. The contracting authority may, moreover, refuse to grant access to that information where, even though it does not have such commercial value, its disclosure would impede law enforcement or would be contrary to the public interest. A contracting authority must, where full access to information is refused, grant that tenderer access to the essential content of that information, so that observance of the right to an effective remedy is ensured’; Antea Polska (C-54/21, para 85). Once again, developing adequate institutional mechanisms and guidance will thus be paramount (as below).

Investing in the Way Forward

As I have argued elsewhere, and the Antea Polska Judgment has made abundantly clear, under EU procurement (and digital) law, it is simply not possible to create a system that makes all procurement data open. Conversely, the Judgment also makes clear that it is not possible to operate a system that keeps all procurement data confidential (Antea Polska, C-54/21, para 68).

Procurement data governance therefore requires the careful management of a system of multi-tiered access to different types of information at different times, by different stakeholders and under different conditions. This will require investing in data and analysis capabilities by public buyers, which can no longer treat the regulation of confidentiality in procurement as an afterthought or secondary consideration. In the data economy, public buyers need to create the required institutional mechanisms to discharge their growing data governance obligations.

Moreover, and crucially, creating adequate data governance approaches requires the development of useful guidance by the European Commission and national competition authorities, as well as procurement oversight bodies. The Court of Justice’s growing case law points to the potential emergence of (difficult to challenge) rebuttable presumptions of justified confidentiality that could easily result in high levels of procurement opacity. To promote a better balance of the competing public and private interests, a more nuanced approach needs to be supported by actionable guidance. This will be very important across all EU jurisdictions, as it is not only jurisdictions that had embraced ‘maximum transparency’ that now need to correct course—but also those that continue to lag in the disclosure of procurement information. Ensuring a level playing field in procurement data governance depends on the harmonisation of currently widely diverging practices. Procurement digitalisation thus offers an opportunity that needs to be pursued.

New CJEU case law against excessive disclosure: quid de open data? (C‑54/21, and joined C‑37/20 and C‑601/20)

In the last few days, the Court of Justice of the European Union (CJEU) has delivered two judgments imposing significant limitations on the systematic, unlimited disclosure of procurement information with commercial value, such as the identity of experts and subcontractors engaged by tenderers for public contracts; and beneficial ownership information. In imposing a nuanced approach to the disclosure of such information, the CJEU may have torpedoed ‘full transparency’ approaches to procurement and beneficial ownership open data.

Indeed, these are two classes of information at the core of current open data efforts, and they are relevant for (digital) procurement governance—in particular in relation to the prevention of corruption and collusion, which automated screening requires establishing relationships and assessing patterns of interaction reliant on such data [for discussion, see A Sanchez-Graells, ‘Procurement Corruption and Artificial Intelligence: Between the Potential of Enabling Data Architectures and the Constraints of Due Process Requirements’ in S Williams & J Tillipman (eds), Routledge Handbook of Public Procurement Corruption (forthcoming)]. The judgments can thus have important implications.

In Antea Polska, the CJEU held that EU procurement rules prevent national legislation mandating all information sent by the tenderers to the contracting authorities to be published in its entirety or communicated to the other tenderers, with the sole exception of trade secrets. The CJEU reiterated that the scope of non-disclosable information is much broader and requires a case-by-case analysis by the contracting authority, in particular with a view to avoiding the release of information that could be used to distort competition. Disclosure of information needs to strike an adequate balance between meeting good administration duties to enable the right to the effective review of procurement decisions, on the one hand, and the protection of information with commercial value or with potential competition implications, on the other.

In a related fashion, in Luxembourg Business Registers, the CJEU declared invalid the provision of the Anti-Money Laundering Directive whereby Member States had to ensure that the information on the beneficial ownership of corporate and other legal entities incorporated within their territory was accessible in all cases to any member of the general public—without the need to demonstrate having a legitimate interest in accessing it. The CJEU considered that the disclosure of the information to undefined members of the public created an excessive interference with the fundamental rights to respect for private life and to the protection of personal data.

In this blog post, I analyse these two cases and reflect on their implications for the management of (big) open data for procurement governance purposes, in particular from an anti-corruption perspective and in relation to the EU law data governance obligations incumbent on public buyers.

There is more than trade secrets to procurement confidentiality

In Antea Polska and Others (C-54/21, EU:C:2022:888), among other questions, the CJEU was asked whether Directive 2014/24/EU precludes national legislation on public procurement which required that, with the sole exception of trade secrets, information sent by the tenderers to the contracting authorities be published in its entirety or communicated to the other tenderers, and a practice on the part of contracting authorities whereby requests for confidential treatment in respect of trade secrets were accepted as a matter of course.

I will concentrate on the first part of the question on full transparency solely constrained by trade secrets—and leave the ‘countervailing’ practice aside for now (though it deserves some comment because it creates a requirement for the contracting authority to assess the commercial value of procurement information in the wider context of the activities of the participating economic operators, at paras 69-85). I will also not deal with the discrepancy between the concept of ‘trade secret’ under the Trade Secrets Directive and the concept of ‘confidential information’ in Directive 2014/24 (which the CJEU clarifies, again, at paras 51-55).

The issue of full transparency of procurement information subject only to trade secret protection raises an interesting question because it concerns the compatibility with EU law of a maximalistic approach to procurement transparency that is not peculiar to Poland (where the case originated) but shared by other Member States with a permissive tradition of access to public documents [for in-depth country-specific analyses and comparative considerations, see the contributions to K-M Halonen, R Caranta & A Sanchez-Graells, Transparency in EU Procurements. Disclosure Within Public Procurement and During Contract Execution (Edward Elgar 2019)].

The question concerns the interpretation of multiple provisions of Directive 2014/24/EU and, in particular, Art 21(1) on confidentiality and Arts 50(4) and 55(3) on the withholding of information [see my comments to Art 21 and 55 in R Caranta & A Sanchez-Graells, European Public Procurement. Commentary on Directive 2014/24/EU (Edward Elgar 2021)]. All of them are of course to be interpreted in line with the general principle of competition in Art 18(1) [see A Sanchez-Graells, Public Procurement and the EU Competition Rules (2nd edn, hart 2015) 444-445].

In addressing the question, the CJEU built on its recent judgment in Klaipėdos regiono atliekų tvarkymo centras (C‑927/19, EU:C:2021:700), and reiterated its general approach to the protection of confidential information in procurement procedures:

‘… the principal objective of the EU rules on public procurement is to ensure undistorted competition … to achieve that objective, it is important that the contracting authorities do not release information relating to public procurement procedures which could be used to distort competition, whether in an ongoing procurement procedure or in subsequent procedures. Since public procurement procedures are founded on a relationship of trust between the contracting authorities and participating economic operators, those operators must be able to communicate any relevant information to the contracting authorities in such a procedure, without fear that the authorities will communicate to third parties items of information whose disclosure could be damaging to those operators’ (C-54/21, para 49, reference omitted, emphasis added).

The CJEU linked this interpretation to the prohibition for contracting authorities to disclose information forwarded to it by economic operators which they have designated as confidential [Art 21(1) Dir 2014/24] and stressed that this had to be reconciled with the requirements of effective judicial protection and, in particular, the general principle of good administration, from which the obligation to state reasons stems because ‘in the absence of sufficient information enabling it to ascertain whether the decision of the contracting authority to award the contract is vitiated by errors or unlawfulness, an unsuccessful tenderer will not, in practice, be able to rely on its right .. to an effective review’ (C-54/21, para 50).

The Court also stressed that the Directive allows Member States to modulate the scope of the protection of confidential information in accordance with their national legislation, in particular legislation concerning access to information [Art 21(1) Dir 2014/24, C-54/21, para 56]. In that regard, however, the CJEU went on to stress that

‘… if the effectiveness of EU law is not to be undermined, the Member States, when exercising the discretion conferred on them by Article 21(1) of that directive, must refrain from introducing regimes … which undermine the balancing exercise [with the right to an effective review] or which alter the regime relating to the publicising of awarded contracts and the rules relating to information to candidates and tenderers set out in Article 50 and 55 of that directive … any regime relating to confidentiality must, as Article 21(1) of Directive 2014/24 expressly states, be without prejudice to the abovementioned regime and to those rules laid down in Articles 50 and 55 of that directive’ (C-54/21, para 58-59).

Focusing on Art 50(4) and Art 55(3) of Directive 2014/24/EU, the CJEU stressed that these provisions empower contracting authorities to withhold from general publication and from disclosure to other candidates and tenderers ‘certain information, where its release would impede law enforcement, would otherwise be contrary to the public interest or would prejudice the legitimate commercial interests of an economic operator or might prejudice fair competition’ (para 61 and, almost identically, para 60). This led the Court to the conclusion that

‘National legislation which requires publicising of any information which has been communicated to the contracting authority by all tenderers, including the successful tenderer, with the sole exception of information covered by the concept of trade secrets, is liable to prevent the contracting authority, contrary to what Articles 50(4) and 55(3) of Directive 2014/24 permit, from deciding not to disclose certain information pursuant to interests or objectives mentioned in those provisions, where that information does not fall within that concept of a trade secret.

Consequently, Article 21(1) of Directive 2014/24, read in conjunction with Articles 50 and 55 of that directive … precludes such a regime where it does not contain an adequate set of rules allowing contracting authorities, in circumstances where Articles 50 and 55 apply, exceptionally to refuse to disclose information which, while not covered by the concept of trade secrets, must remain inaccessible pursuant to an interest or objective referred to in Articles 50 and 55’ (paras 62-63).

In my view, this is the correct interpretation and an important application of the rules seeking to minimise the risk of distortions of competition due to excessive procurement transparency, on which I have been writing for a long time [see also K-M Halonen, ‘Disclosure rules in EU public procurement: balancing between competition and transparency’ (2016) 16(4) Journal of Public Procurement 528].

The Antea Polska judgment stresses the importance of developing a nuanced approach to the management, restricted disclosure and broader publication of information submitted to the contracting authority in a procurement procedure. Notably, this will create particular complications in the context of the design and rollout of procurement open data, especially in the context of the new eForms (see here, and below).

Transparency for what? Who really cares about beneficial ownership?

In Luxembourg Business Registers (joined cases C‑37/20 and C‑601/20, EU:C:2022:912, FR only—see EN press release on which I rely to avoid extensive own translations from French) the CJEU was asked to rule on the compatibility with the Charter of Fundamental Rights—and in particular Articles 7 (respect for private and family life) and 8 (protection of personal data)—of Article 30(5)(c) of the consolidated version of the Anti-Money Laundering Directive (AML Directive), which required Member States to ensure that information on the beneficial ownership of corporate and other legal entities incorporated within their territory is accessible in all cases to any member of the general public. In particular, members of the general public had to ‘be permitted to access at least the name, the month and year of birth and the country of residence and nationality of the beneficial owner as well as the nature and extent of the beneficial interest held.’

The CJEU has found that the general public’s access to information on beneficial ownership constitutes a serious interference with the fundamental rights to respect for private life and to the protection of personal data, which is exacerbated by the fact that, once those data have been made available to the general public, they can not only be freely consulted, but also retained and disseminated.

While the CJEU recognised that the AML Directive pursues an objective of general interest and that the general public’s access to information on beneficial ownership is appropriate for contributing to the attainment of that objective, the interference with individual fundamental rights is neither limited to what is strictly necessary nor proportionate to the objective pursued.

The Court paid special attention to the fact that the rules requiring unrestricted public access to the information result from a modification of the previous regime in the original AML Directive, which required, in addition to access by the competent authorities and certain entities, for access by any person or organisation capable of demonstrating a legitimate interest. The Court considered that the suppression of the requirement to demonstrate a legitimate interest in accessing the information did not generate sufficient benefits from the perspective of combating money laundering and terrorist financing to offset the significantly more serious interference with fundamental rights that open publication of the beneficial ownership data entails.

Here, the Court referred to its judgment in Vyriausioji tarnybinės etikos komisija (C‑184/20, EU:C:2022:601), where it carried out a functional comparison of the anti-corruption effects of a permissioned system of institutional access and control of relevant disclosures, versus public access to that information. The Court was clear that

‘… the publication online of the majority of the personal data contained in the declaration of private interests of any head of an establishment receiving public funds … does not meet the requirements of a proper balance. In comparison with an obligation to declare coupled with a check of the declaration’s content by the Chief Ethics Commission … such publication amounts to a considerably more serious interference with the fundamental rights guaranteed in Articles 7 and 8 of the Charter, without that increased interference being capable of being offset by any benefits which might result from publication of all those data for the purpose of preventing conflicts of interest and combating corruption’ (C-184/20, para 112).

In Luxembourg Business Registers, the CJEU also held that the optional provisions in Art 30 AML Directive that allowed Member States to make information on beneficial ownership available on condition of online registration and to provide, in exceptional circumstances, for an exemption from access to that information by the general public, were not, in themselves, capable of demonstrating either a proper balance between competing interests, or the existence of sufficient safeguards.

The implication of the Luxembourg Business Registers is that a different approach to facilitating access to beneficial ownership data is required, and that an element of case-by-case assessment (or at least of an assessment based on categories of organisations and individuals seeking access) will need to be brought back into the system. In other words, permissioned access to beneficial ownership data seems unavoidable.

Implications for open data and data governance

These recent CJEU judgments seem to me to clearly establish the general principle that unlimited transparency does not equate public interest, as there is also an interest in preserving the (relative) confidentiality of some information and data and an adequate, difficult balance needs to be struck. The interests in competition with transparency can be either individual (fundamental rights, or commercial value) or collective (avoidance of distortions of competition). Detailed and comprehensive assessment on a case-by-case basis is required.

As I advocated long ago, and recently reiterated in relation to the growing set of data governance obligations incumbent on public buyers, under EU law,

‘It is thus simply not possible to create a system that makes all procurement data open. Data governance requires the careful management of a system of multi-tiered access to different types of information at different times, by different stakeholders and under different conditions. While the need to balance procurement transparency and the protection of data subject to the rights of others and competition-sensitive data is not a new governance challenge, the digital management of this information creates heightened risks to the extent that the implementation of data management solutions is tendentially ‘open access’ (and could eg reverse presumptions of confidentiality), as well as in relation to system integrity risks (ie cybersecurity)’ (at 10, references omitted).

The CJEU judgments have (re)confirmed that unlimited ‘open access’ is not a viable strategy under EU law. It is perhaps clearer than ever that the capture, structuring, retention, and disclosure of governance-relevant procurement and related data (eg beneficial ownership) needs to be decoupled from its proactive publication. This requires a reconsideration of the open data model and, in particular, a careful assessment of the implementation of the new eForms that only just entered into force.