Close
Enter your
text here

eDiscovery Daily Blog

Home » eDiscoveryDaily » Electronic Discovery » The Impact of Cybersecurity Concerns on M&A Activities is Growing: eDiscovery Trends

The Impact of Cybersecurity Concerns on M&A Activities is Growing: eDiscovery Trends

This is the second story that I’ve covered in the past several months where cybersecurity concerns impacted merger and acquisitions.  See below for more on the first one…

After Verizon Communications took a $350 million discount on its purchase of Yahoo based on the massive data breaches disclosed by the Internet company last year, it may be time for cybersecurity and data privacy lawyers to take a more active role in merger and acquisition discussions.

In Bloomberg Law (Are Cyber Lawyers Poised to Play Bigger Role in M&A?, written by Rebecca Beyer), the author notes that, in two attacks in 2013 and 2014, more than a billion Yahoo users’ personal account info was hacked.  Yes, that’s billion with a “b”.

The resulting acquisition of Yahoo by Verizon, negotiated over several months, may be the first time a merger price has been discounted because of a data breach, said Craig A. Newman, a global cybersecurity partner at Patterson Belknap Webb & Tyler in New York.  Yahoo tapped Hunton & Williams to handle the cyber issues in its amended agreement with Verizon, according to a company representative. The firm’s privacy and cybersecurity practice is led by Lisa J. Sotto, a noted expert who chairs the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee.

Sotto was quoted in the article observing: “Privacy and data security really had for years been on the back burner in M&A transactions…It’s only in the last few years that privacy and cyber security lawyers have been brought into the due diligence and document negotiation process.”

After Yahoo announced the hacks of its users’ data, many people asked whether Verizon would try to back out of the deal — or if it would be able to.

But walking away from a merger agreement is almost impossible, according to Steven Davidoff Solomon, a professor at UC Berkeley School of Law. To exit a deal, a company would need to prove that a data breach counts as a material adverse event or change as defined by so-called MAC clauses in merger agreements, he said.

Proving a material adverse event often requires battling in court over questions like whether an incident was “significant” and “durational,” said Solomon, who has written in the past that about the Yahoo/Verizon deal. He noted that it’s not at all clear whether data breaches — even of the size disclosed by Yahoo — would rise to that level.

As a result, buyers are asking their counsel to look long and hard at targets’ IT departments so they can at least be informed in advance about potential problems. According to a survey by West Monroe Partners, 80 percent of respondents said cybersecurity due diligence was highly important in reaching a deal (and 77 percent said that issue had “increased significantly” in importance in the past two years).

So, it may be a good idea to get your cyber lawyers involved in the early stages of M&A discussions.  And, make sure you’re on the same page when talking about mergers and acquisitions:o)

The first post I mentioned at the top of this post related to this merger of law firms where the lead attorney of one firm decided to merge with a larger law firm, at least in part over her concerns about cybersecurity.  Concerns about cybersecurity are not only impacting mergers, they are also causing them, at least in some instances.

So, what do you think?   Do concerns about cybersecurity and data privacy play a role in M&A discussions at your organization?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

print




WHAT CLIENTS ARE SAYING ABOUT CLOUDNINE

Great value product.

“Offers the major features we were looking for, at a fraction of pricing of other competitors.”

I used CloudNine as part of fraud investigation for email searches.

“…The tag function made it easy to flag the search results. I was impressed with the ease of use for a first-time user. The speed and ease of loading data and being able to review it immediately is a tremendous advantage over other Cloud-based platforms.”

Excellent tool with outstanding support

“CloudNine Review is excellent, it takes the best of the (market leader) review solution and leaves out all of the fiddly bits that make that product excruciating to use. Their upload and processing is automatic, and their pricing structure is the best I’ve seen.”

Great software that is easy to log on, user-friendly, has a great layout, and is easy to navigate.

“…CloudNine is great at searching documents, including tagging, and exporting. Software tailored to our business needs and streamlined the task at hand.

Discovery Production

This software is easy to use and allows us to upload and download documents as they become ready, saving us both time and money.

Stephanie Plake, Assistant to Attorney at Law Office

READY TO SEE THE SOFTWARE IN ACTION?

Request a CloudNine demo and see how easy eDiscovery can be!

REQUEST A DEMO