Impact of EU GDPR and New California Privacy Law on M&A: New Due Diligence and Other Challenges for Buyers and Sellers
Mitigating Risk With Reps and Warranties, Post-Closing Considerations
Recording of a 90-minute premium CLE webinar with Q&A
This CLE course will examine issues to consider when an M&A target company is subject to the California Consumer Privacy Act (CCPA) or the EU's General Data Privacy Regulation (GDPR), and best practices in conducting due diligence of such companies. The panel will discuss the complexities in determining if a company is subject to CCPA or GDPR, consequences if it has failed to comply with these new regulatory regimes, and how reps and warranties and insurance can be used to protect the buyer and seller.
- Overview of GDPR and CCPA - different types of M&A deals effected
- Early stage activities (sell-side perspective)
- Preparation of a business for sale
- Deal structuring
- Due diligence phase (buy-side perspective)
- Who should conduct diligence and who should respond
- Identifying key risks - specific CCPA and GDPR points to consider
- Doing the Deal
- Reps, warranties, indemnities; other data privacy provisions
- Ancillary documents (e.g. privacy notices)
- Post-deal considerations
- Managing use of data/databases post-deal / on-going controls
- Transitional services and post-deal integration activities
The panel will review these and other critical issues:
- How should a buyer or merger partner determine if a target company is (or the merged entity will be) subject to GDPR or CCPA?
- What steps should be followed in conducting due diligence on a target's data privacy and security profile?
- What representations and warranties should be included in the acquisition agreement to address data privacy and security?
- Can insurance adequately cover a violation of GDPR, CCPA and similar laws to come?
Davis Polk & Wardwell
Mr. Gesser is a partner in Davis Polk’s Litigation Department. He represents clients in a wide range of... | Read More
Mr. Gesser is a partner in Davis Polk’s Litigation Department. He represents clients in a wide range of cybersecurity issues, enforcement and investigation matters, and complex commercial litigation.Close
Scott T. Loughlin
Hogan Lovells US
When clients need innovative solutions for using and protecting valuable data assets, they turn to Mr. Loughlin. He... | Read More
When clients need innovative solutions for using and protecting valuable data assets, they turn to Mr. Loughlin. He helps clients unlock the value of data while managing cybersecurity, compliance, and third-party risks. He is known for identifying possibilities and risks others may miss.Close
Allen & Overy
Mr. Parker specializes in intellectual property, data protection and privacy, and commercial contracts. He works across... | Read More
Mr. Parker specializes in intellectual property, data protection and privacy, and commercial contracts. He works across a range of business sectors, including financial services, technology and life-sciences.Close