Managing Sensitive Data in M&A Transactions: Recent Trends, State Laws, and FTC/DOJ Enforcement
A Playbook for Managing Consumer, Location, and Health Data as Privacy Risks and Laws Continue to Evolve
Course Details
- smart_display Format
On-Demand
- signal_cellular_alt Difficulty Level
Intermediate
- work Practice Area
Commercial Law
- event Date
Wednesday, August 16, 2023
- schedule Time
1:00 p.m. ET./10:00 a.m. PT
- timer Program Length
90 minutes
-
This 90-minute webinar is eligible in most states for 1.5 CLE credits.
This CLE course will provide a holistic view of data protection aspects needed for successful M&A transactions. Increasingly, issues are being raised around risks relating to sensitive personal data, which can have a significant impact on current and future valuations and liabilities. The panel will discuss how the M&A landscape has changed and how privacy issues should be approached at various stages of the transaction in light of the evolving nature of state, federal, and international privacy laws.
An intellectual property transactions attorney, Ms. Cole also has expertise in digital transformation, data privacy, and cybersecurity strategy. She has extensive experience in a wide variety of complex technology and IP alliances and transactions. Ms. Cole’s practice also includes providing IP and data privacy and security assistance in connection with M&A, private equity and other corporate transactions. She advises clients on cybersecurity and incident response and compliance with the CCPA and GDPR. She is certified as an Information Privacy Professional (CIPP/E) by the International Association of Privacy Professionals. Ms. Cole advises clients across a wide range of industries including Technology, Media & Telecoms, Energy, Mining & Infrastructure, Healthcare & Life Sciences, and Industrials, Manufacturing & Transportation. She has deep experience in complex cross-border, IP, data-driven and digital transactions, creating bespoke agreements in novel technology fields. A recognized thought leader, Ms. Cole is a frequent author and speaker and is an adjunct Professor at Northwestern University Pritzker School of Law, where she teaches a course on information and data privacy.
Ms. Justice focuses her practice on global privacy and data protection. She provides advice to a wide range of clients on issues relating to domestic and global privacy, cross-border data transfers, behavioral advertising, and the preparation and implementation of broad-based privacy compliance. Ms. Justice also assists clients with the development of data privacy and security programs for compliance with the California Consumer Privacy Act and the California Privacy Rights Act, the EU General Data Protection Regulation, the Health Insurance Portability and Accountability Act of 1996, as well as sector-specific regulations. She also advises public and private company clients on IP, data privacy, and technology issues in acquisitions, divestitures, and strategic investments. Ms. Justice regularly counsels clients on complex domestic and global data security incidents, including investigations of potential compromise, determining federal and state and global breach notification requirements, as well as response to related inquiries from government agencies and other parties.
Consumer, health, and location data has become valuable in the marketplace, aiding in the rise of data brokers and analytics firms that collect, share, aggregate, and analyze data for insights they can provide to businesses, investors, or others. The desirability of consumer personal information and data will only increase, particularly as technologies and AI-powered solutions offer additional methods to gain insights and value from such information. This has led to increased scrutiny regarding the use of such sensitive data in the context of M&A deals.
In the M&A context, buyers often assume the liabilities of an acquired company, including past and future noncompliance with data protection laws. It can be challenging to balance "not changing" what made the target attractive in the first place with the risks to the buyer of integrating new people, products, and processes that may still be maturing on the data protection front.
As companies continue to acquire businesses that collect sensitive information, they will need to ensure there are adequate contractual restrictions in place to comply with the developing privacy laws and regulations that could alter the value and usefulness of such data. This will likely mean that privacy policies, terms of service, or even broad user agreements covering all company services, now and in the future, may need to be altered or restated to clarify how, when, and in what types of situations companies can use personal consumer data.
Listen as our authoritative panel discusses the privacy and data protection compliance pain points across the lifecycle of an M&A transaction. They will also outline strategies to address challenges such as data integration, notices, marketing, and state, federal and global compliance.
- Identifying the privacy-related risks in an M&A deal
- Current laws, regulations, and trends with respect to data protection and privacy
- Key issues to look for during the due diligence process
- Addressing privacy-related/data protection risks during negotiations
- Allocating privacy risks when drafting transaction documents
- Representations and warranties
- Indemnity provisions
- Insurance
- Other contractual measures that can be used to mitigate privacy risks
- Ensuring a successful privacy-related integration project after closing
The panel will review these and other key issues:
- What data protection risks may affect M&A transactions and how?
- What are common privacy-related/data protection issues that arise during the due diligence phase and how best to address them?
- What transaction documents, terms, or clauses are needed to protect both the buyer and seller?
- How to approach post-closing integration projects
Related Courses
Management Incentive Equity in Private M&A: Equity Arrangements, Vesting, Transferability, Tax Considerations
Wednesday, April 2, 2025
1:00 PM E.T.