We’ve recently published guidance for in-house lawyers tackling data law issues on M&A and other deals. It covers: how to do due diligence on a data-rich target; how to ensure you acquire all rights to the data; what warranty protection to seek; and data integration issues (among other things).
Data law arises on almost all deals, but it’s become more important recently because:
- more businesses are looking to acquire valuable data sets;
- data laws around the world are proliferating;
- fines for breaches of those laws are increasing – most notably under the EU general data protection regulation; and
- the frequency, scale and cost of cyber-security breaches are increasing.
It’s important to flag up any data issues early on in a deal, as they can affect the price, or even be a deal-breaker. (Verizon shaved $350m off its offer for Yahoo! when two historic cyber attacks were revealed mid-transaction.)
Our guidance on ‘Data-driven M&A’ is attached below. It’s part of the GDR Insight Handbook 2020, which is available here.