Our panel at Doing Business Globally in Dallas today discussed how to maximize tech and data in cross-border M&A deals. Panelists included Baker McKenzie lawyers Roger Bivans, Carole Spink and Lindsay Martin.
The group’s discussion covered the key data-related considerations in Valuation, Due Diligence, Drafting and Negotiating, and Closing and Integration.
“How do you put a number on data privacy issues?” asked moderator and Baker McKenzie Partner Roger Bivans.
To assess the value, companies should determine the kind of data that may transfer as part of the transaction, and what the consequences would be if the data cannot be used. Also, businesses should consider cost and reputational risk of data security.
“This is the time to get your arms around the who, what, when, where and why,” said Baker McKenzie associate Lindsay Martin.
To assess a deal from the perspective of data protection, data privacy, and IT considerations, companies are encouraged to consider 1) data to be transferred in the deal; 2) jurisdictions at issue and applicable laws where possible; and 3) how to obtain factual information about IT resources, data security, data needs and compliance.
Drafting & Negotiating
During the pre-close time, the sharing of personal data between the parties may require a data transfer agreement.
Parties may also limit data sharing by, for example, redacting personal data, providing only general or high level information or allowing only limited individuals at the acquiring company to view the data.
“Getting the information can be challenging,” said Baker McKenzie partner Carole Spink.
Closing & Integration
Two main data areas to consider during closing are related to Human Resources and Customer information.
For HR data, companies should determine:
- Where works council consultations or other discussions with employees should occur.
- What notices of policies employees should receive post-close
- Whether amendments to employment agreements are required
For Customer/Third Party Data, companies should determine:
- What communications, if any, are required to consumers, customers, business
partners, vendors, suppliers and other third parties
- Whether privacy terms in contracts should be negotiated.