Consumer, health, and location data has become valuable in the marketplace, aiding in the rise of data brokers and analytics firms that collect, share, aggregate, and analyze data for insights they can provide to businesses, investors, or others. The desirability of consumer personal information and data will only increase, particularly as technologies and AI-powered solutions offer additional methods to gain insights and value from such information. This has led to increased scrutiny regarding the use of such sensitive data in the context of M&A deals.
In the M&A context, buyers often assume the liabilities of an acquired company, including past and future noncompliance with data protection laws. It can be challenging to balance "not changing" what made the target attractive in the first place with the risks to the buyer of integrating new people, products, and processes that may still be maturing on the data protection front.
As companies continue to acquire businesses that collect sensitive information, they will need to ensure there are adequate contractual restrictions in place to comply with the developing privacy laws and regulations that could alter the value and usefulness of such data. This will likely mean that privacy policies, terms of service, or even broad user agreements covering all company services, now and in the future, may need to be altered or restated to clarify how, when, and in what types of situations companies can use personal consumer data.
Listen as our authoritative panel discusses the privacy and data protection compliance pain points across the lifecycle of an M&A transaction. They will also outline strategies to address challenges such as data integration, notices, marketing, and state, federal and global compliance.
