We’ve recently published guidance for in-house lawyers tackling data law issues on M&A and other deals. It covers: how to do due diligence on a data-rich target; how to ensure you acquire all rights to the data; what warranty protection to seek; and data integration issues (among other things).

Data law arises on almost all deals, but it’s become more important recently because:

  • more businesses are looking to acquire valuable data sets;
  • data laws around the world are proliferating;
  • fines for breaches of those laws are increasing – most notably under the EU general data protection regulation; and
  • the frequency, scale and cost of cyber-security breaches are increasing.

It’s important to flag up any data issues early on in a deal, as they can affect the price, or even be a deal-breaker. (Verizon shaved $350m off its offer for Yahoo! when two historic cyber attacks were revealed mid-transaction.)

Our guidance on ‘Data-driven M&A’ is attached below. It’s part of the GDR Insight Handbook 2020, which is available here.