Save Preloader image

0%

Site Logotype Site Logotype Dark
https://optimistlegal.com/wp-content/uploads/2022/08/blog-header-bg-min-11.png

SaaS Business Blog

Expert insights into acquisitions and related issues.

Managing IP Risk in Acquisitions: Further Considerations

July 15, 2022
By Omeed Tabiei
Acquisitions
64

Last week, I posted about IP risk considerations when buying a business with significant IP considerations.

Here is a short continuation of IP related risk considerations when purchasing a business:

  1. IP: Data and data rights under agreements with customers, suppliers of target
    1. What data does the target store?
    2. How does the target store its data, e.g. customer data?
    3. What security practices do they have in place?
    4. Nature of data collected results in costly regulatory compliance obligations (e.g., GDPR, CCPA, HIPAA)
    5. Potential civil and regulatory liability from undisclosed cyber breaches or data privacy violations
    6. You as the buyer become liable for any data breaches that the target has covenanted to its customers in relation to post-acquisition.
    7. Geographic footprint (extent of operations in the EU and other jurisdictions / transfers abroad)
    8. Heavily regulated component of the target’s business (e.g., healthcare, financial services)
    9. Types of data collected or used (e.g., PCI, SSNs, highly sensitive information)
    10. Does the business model depend on practices that violate privacy and cybersecurity regulations (e.g., could the target’s business be regulated out of existence?)
  2. IP: Intertwined services.
    1. In the case of a carve-out, where the target is intertwined with, or best fit to continue receiving services from the seller’s remaining business, then a transition service agreement can be entered into.
  3. IP: Company’s reliance on data
    1. Importance of data (personal or otherwise) to the target’s business
    2. Again, where is this data stored?
    3. What employees have access to this data?
    4. Is this data secured now?
    5. Do past employees still have access to this data, and the permissions having not been changed?

These are important considerations to take into account during due diligence so as to account for these considerations as part of the deal and respective purchase agreement.

The more information you collect from the seller during due diligence, the better equipped you’ll be to get the best deal possible.

I’m curious – what’s your experience been working with deal lawyers in the past? What’s one thing you’ve loved about a lawyer you’ve worked with in the past?

Add Comment