The Technology M&A Review: USA

Overview

Overall M&A activity in the first half of 2020 fell dramatically from 2019 activity levels. This fall would be precipitous by any relative measure but is steeper still because 2019 M&A activity in North America in terms of deal value was the third-highest since 2008.2 In the United States there were 2,229 deals with an announced value of US$275.3 billion, compared with 3,176 and US$999.1 billion in 2019. Of those first half deals, a healthy majority came during the first quarter of 2020 before the full weight of covid-19 landed and slipped the market into its noose.

When looking at sector performance, technology, media and telecom (TMT) accounted for 26 per cent by volume and 29 per cent by value, a fall in both metrics but much more modest than other sectors.3 Moreover, the total number of companies for sale (a measure of future M&A activity) was 852 at the end of the first half of 2020; the next closest sector in terms of sale activity was life sciences and healthcare at 419. The TMT sector accounted for roughly half of worldwide deal volume and value for the first half of 2020. As has become more and more the case since 2008, there were 4,244 deals where the value was not announced compared with roughly 2,500 with announced values. By value and number, middle market deals with a value of US$251 million to US$500 million dominated. Although complete data is not at the time of writing verified, the third quarter in technology M&A was US$205 billion from July through September, almost six times the second quarter.

The technology sector has done remarkably well4 on a comparative and absolute basis. Its giants, Apple, Facebook, Microsoft, Amazon, Netflix and Google (FAANGM), among others, have all made significant acquisitions in 2020. The private equity segment too has been quite active despite rising target valuation metrics. The virtuous golden circle involving venture funding of startup companies to be eventually sold to large strategics or private equity funds, or to go public, continues with venture funds raising ever-larger funds in the technology sector.

If anything, covid-19 has accelerated the digital, online and virtual transformation of Western society, with software and its necessary hardware infrastructure enabling a continuation of business on a scale unimaginable 20 to 30 years ago. A very large portion of these businesses and their employees, markedly in the technology sector, have been able to continue functioning relatively unscathed by working remotely and remaining connected enough to pursue and achieve their business plans. Security, cybersecurity, remote access and virtual meeting companies have flourished during the covid-19 crisis, and these changes in behaviour are likely to be lasting. As of 11 September 2020, FAANGM accounted for 25.4 per cent of S&P 500's market capitalisation.5

It is not surprising that the telecom and media prongs of the TMT sector have also fared relatively well in 2020. A large portion of the digital world travels through telecom pipes and networks, and while the elixir of the melding of technology and content has never concluded its convergence into a separate business category, digital content streaming and content providers have all had an uptick as people get relief and entertainment at home, perhaps binge-watching while working remotely.

Although technology has its own vulnerabilities in terms of high valuations, security, governmental regulation and luddite-type attacks, as has been the case since the 1920s, it will continue to take on a larger share of GDP, transform society and be subject to physical and political attack given its predominant role in Western society,

Given its economic and social importance, the technology sector attracts political, activist and regulatory attention. In large part, the areas of interest or attack involve:

  1. relative size;
  2. privacy;
  3. importance of technology to the host country; and, related but separable from (b);
  4. cybersecurity (both from an offensive and defensive perspective).

The relative size area involves an age-old argument that large Company X either stifles competition or, less analytically, is too big. On the political side, this generally involves Congressional hearings where the main theme is, in effect, Facebook, Google, take your pick, is 'just too big – let's break them up'. This is akin to earlier arguments in the 1980s about breaking up AT&T, to those in the 1990s about breaking up Microsoft, to today's desire to break up Facebook. It is a particularly American habit to reflexively want to break up success stories.6

A second area of sector vulnerability on the political and social side has to do with the vast amount of pure data collected and stored in, and easily retrievable from,7 the cloud's exponential repository of structured and unstructured information. In the United States (see Section X) there are 50 separate privacy regimes as well as federal privacy controls. In a paper world, in order to have a data breach, a James Bond-type character had to steal a paper, or better yet (from the spy's perspective) copy it with a tiny camera hidden in a pen. Today, users of technology voluntarily share, publicise and give away vast amounts of information and expect it to remain private! The technology sector must navigate the maze of collecting the data it does, inform its users of its policies and at some level tell and assure users that 'their' data is safe. Given the inherent value of some of that information, this is impossible to achieve. Technology companies are always on the defence side of cybersecurity because, in effect, they have a treasure that others cherish, and invading the cloud does not generally involve taking or ruining someone's physical territory or assets.8 While this is why security software and cybersecurity companies are doing well, it does not mean that a shift to the defender will occur. Acting offensively has its own risks.9

In the summer of 2018, the United States' version of foreign investment control, the Committee on Foreign Investment in the United States (CFIUS), was updated and enhanced by the US foreign investment law, Foreign Investment Risk Review Modernization Act (FIRRMA).10 These updates gave the government a more pre-emptory review of acquisitions by foreign-controlled entities of critical industries, among those a wide swath of technology companies as well as those including critical infrastructure companies.11 Covid-19 has increased this protective trend, as has xenophobia, and given the wide discretion and black-box nature of the CFIUS review process, the US President and his or her administration has amplified authority to potentially block any sensitive foreign acquisition. These changes to the law, the Trump administration's tussle with China, covid-19 and uncertainty involving the interpretive scope of the implementing regulations12 virtually currently preclude a Chinese acquisition of a US company. Even European deals involving US targets fell over 50 per cent in the first half of 2020.

It is unlikely that this governmental focus on foreign investment involving control or indicia of control or influence will diminish in the near term. Fear usually means retrenchment.13 In addition, the very interconnectedness of the pre-covid-19 supply chain, manufacturing structure and just-in-time delivery has come under real question insofar as it relates to elusive critical components and industries. The United States as well as many other nations will rethink their supply chains and reliance on foreign sources, whether it be for ventilators, drug supply, pharmaceuticals or componentry. This will result in pure economic redundancy and somewhat slacken sales of the supply chain software business whose premise is eliminating redundancy.

Year in review

Consistent with the general decline in M&A activity, there were notably fewer mega deals in the first half of 2020. The largest, Xerox's aborted attempt to acquire HP, was withdrawn after the severity of covid-19 became fixed. In the technology sector, software acquisitions continue to dominate the mix with roughly 437 announced transactions with 56 per cent of technology deal volume.14 Covid-19 shifted value to online enterprise, software as a service, cloud and subscription-based models, and these sectors remained active and generally with higher valuations (see, e.g., Koch Equity's purchase of Infor, Intuit's acquisition of Credit Karma, and BMC Software's acquisition of Compuware). Security and identity protection and management benefited immensely from the covid-forced shift to remote work from home (see, e.g., Francisco Partners' acquisition of Logmein). IT services, streaming, social media and e-commerce also remained active, while transactions in the semiconductor space and hardware virtually came to a halt. The initial public offering window slammed 'open' in the technology sector as investors looked to benefit from increased relative demand for the sector and for fast-growing companies.

As mentioned below, Advent's February-announced acquisition of Forescout Technologies Inc almost came to a court ruling on the propriety of Advent's invocation of a material adverse effect (MAE) clause based on covid-19's effect on Forescout's business. While practitioners can argue whether Advent would have prevailed in its case, all agree that invoking a MAE clause is quite difficult in Delaware.15 What was somewhat novel about the Forescout dispute is that Advent invoked the MAE clause late in the deal's tenure and very close to the drop-dead date16 and, more importantly, the date at which the buyer's debt providers could terminate their obligation to lend.17 Given the proximity of Advent's action to the debt commitment letters' expiration, it appeared that Forescout could not force specific performance of Advent's obligations, and at best would get a reverse termination fee. Forescout eventually reached a lower revised deal with Advent. As a result of this exploitation of debt commitment timing, some sellers are demanding debt commitment letters that have a longer expiration than the anticipated closing date.

Legal and regulatory framework

In the United States, federal law is overlaid on the laws of each of the 50 states, so in any given transaction all 50 state laws could be relevant as well as federal law. The M&A market is further divided between companies that are publicly listed on the NYSE, Nasdaq or over-the-counter market,18 and those that are private.19 Though somewhat of a simplification, private companies are not generally subject to the bulk of US securities laws, which are the 1933 Securities Act (33 Act) and the 1934 Securities Exchange Act (34 Act). Both public and private companies are subject to the laws of their state of incorporation.

The vast majority of sizeable companies, both public and private, are incorporated in the state of Delaware.20 Delaware has developed a quite flexible and accommodating corporations code, and a very efficient and commercial court, known as the Chancery Court, that can hear and decide complicated business disputes in a timely manner. Over the past four decades Delaware has promulgated a number of decisions that set forth the principles that govern a company's and its board of directors' actions in the context of an acquisition.21

Although almost four decades old, the seminal Delaware case in the M&A context is Smith v. Van Gorkom.22 The basic holding in Van Gorkom is that the board of directors of a selling corporation is entitled to the protections of the business judgement rule absent gross negligence on the part of the board (known as a breach of the duty of care) or a breach of the duty of loyalty. The business judgement rule is actually a presumption that a plaintiff must overcome to make its case. To satisfy its duty of care, the board must show that it was reasonably informed of relevant facts, essentially a process check that functionally requires creating a record of factual awareness and discussion. The duty of loyalty focuses more on the absence of conflicts of interests by the selling company's directors. There are various sub-lines (a la Chess) of cases putting extra glosses on this general rule in the context of hostile transactions, defensive actions and interested party transactions, but the general rule of Van Gorkom is the starting layer of analysis.23 Unlike many other jurisdictions, the Delaware Code allows 51 per cent of the shareholders to generally decide the outcome of votes on an acquisition. There is an active plaintiff's bar in Delaware and other states that effectively polices compliance with the Delaware standards.

In transactions where the buyer is issuing securities to the shareholders of the seller, the 34 Act requires that a proxy statement be given to the shareholders of the selling company. The proxy rules generally require an extensive description of the transaction (including a detailed description of the board process followed in reaching the decision to sell). In general, the time frame to comply with these rules and to have a stockholders' meeting is three to four months. In friendly (non-contested) transactions involving public companies where a stock issuance is not exempt from the 33 Act, mergers are usually the chosen means of acquisition. It is also possible to do a public tender offer directly to the shareholders of the target, and this method is almost always used in hostile transactions. The 34 Act has a separate section of rules that apply to tender offerors that generally mirror the information required in a proxy statement.24 There is a slight potential timing advantage to a tender offer over a merger, but its main appeal is that it is an offer directly to the shareholders. These 33 Act, 34 Act and Delaware governance rules apply equally to technology and non-technology companies.

Under US federal law any business combination above a certain size cannot be closed until a filing is made by both the buyer and seller under the Hart-Scott-Rodino Antitrust Act (HSR).25 This filing is then reviewed by either the Department of Justice (DOJ) or the Federal Trade Commission (FTC) who can either functionally approve a combination by letting the 30-day waiting period lapse or granting early termination of that 30-day period, or make a second request for additional information or challenge the transaction in court or before an administrative judge. As a general matter, the standards used by the US antitrust authorities focus on the impact of a transaction on consumers, whereas the European Union and other countries add weight to competition (effects on competitors) as such. Given the worldwide proliferation of home regime antitrust laws and the presence of technology companies in many jurisdictions, a key portion of any technology acquisition agreement is what jurisdictions to condition a deal's closing on obtaining. The accepted current custom is to specify a list of antitrust regimes that will act as closing conditions, and the buyer takes the risk of non-approval elsewhere.

The US antitrust regulatory authorities have staff acquainted with each technology sub-sector, and generally understand innovation markets and competitive dynamics. Generally, in technology acquisitions absent a competitive product or service overlap that would tend to influence price or eliminate a substitute product, or where a dominant market player with a core technology is exercising market control and buying a competitor, the authorities will not apply extra scrutiny to a technology transaction just because the parties are technology companies. In a transaction with no competitive issues, HSR approval will generally be obtained within 30 days of filing. If the transaction is challenged, the authorities can make a second request or challenge the transaction in court, or both. Complying with either can add six months to more than a year to closing, which is usually too much time for either technology company to wait.26

In the summer of 2018 Congress passed amendments to FIRRMA, which amended what M&A practitioners still refer to as CFIUS.27 Although pre-dating covid-19, the changes made by FIRRMA put a heightened focus on the technology sector by giving broad definitions of what are, in effect, critical or emerging technologies. In addition, FIRRMA has made changes to the pre-existing CFIUS regime by making some transactions mandatorily subject to a filing, and has also included non-control transactions (e.g., minority investments) subject to restrictions and filings. The changes also touch upon the structure of private equity firms, requiring an analysis of the level of potential influence by foreign investors, and look-throughs to the composition of a fund's ownership structure to essentially validate that the fund is absolutely controlled by US citizens. Since the adoption of FIRRMA, and especially since covid-19, many countries have amended their foreign investment laws in a similar vein, and almost all sweep a potentially large portion of technology companies within their orbit. Especially, then, for technology companies, understanding the risks of CFIUS or other foreign company reviews and allocating that risk is a critical component of the M&A deal.28,29

Finally, absent the myriad of other potential state and federal laws,30 the basic underlying acquisition contract will be governed by state law. When indemnification is available, the remedies for breach of warranty, what constitutes a material adverse change, what level of effort must a party use to satisfy a covenant, etc., are all questions of state law generally. Most US state laws are a mixture of statute and common law, and they can differ in applicable standards. For example, the Delaware and New York treatment of sandbagging differ materially,31 which can be outcome-determinative. Transactions involving public companies generally have no indemnities, while private company deals vary from absolute indemnities to none.

Key transactional issues

i Company structures

Most publicly listed companies will be corporations, although some in the real estate industry may be structured as master limited partnerships (LPs). In the private M&A market most sellers and buyers will be corporations, but in this market more limited liability companies (LLCs) and LPs are seen. The primary difference between a corporate structure and a limited liability structure or LP structure is tax. LPs and LLCs are not taxed on income for federal and most state laws – they are pass-through entities with no entity level income tax. Corporations are taxed on income at the entity level. On the corporate, LLC and LP entity level, all three forms are fairly flexible in their use. Subject to any mandatory provisions imposed by the state of formation, these entities can provide for different classes of stock or equity interest in whatever manner, terms or priority as is desired by the parties. In the United States, then, the choice of entity is usually tax-driven, and not driven by the relative flexibility of a particular form of entity. For a publicly traded entity, subject to special industry issues, such as in real estate or oil and gas or energy, owners prefer a corporate structure because they do not have to be concerned about current income or loss associated with a security (which would be the case in a pass-through entity), but only the gain or loss from the sale of the security.32,33

ii Deal structures

Ignoring joint ventures, there are only four structures that are used to transact M&A: a merger; a stock purchase; in the public setting, tender offers; and asset sales.

Mergers

In public company acquisitions, the predominant form used is a statutory merger. In a transaction where the buyer is purchasing the seller company for cash, the predominant structure would be what is known as a reverse triangular merger. What this means is the buyer creates a new corporation (Newco), which then merges with and into the seller corporation. The end result is the seller company becomes a wholly-owned subsidiary of the buyer.34,35 Under Delaware law all that is required to approve a merger is a vote of 50.1 per cent or more of the outstanding shares, and all stockholders are then cashed out at the deal price subject to a right to demand appraisal. It is possible to do direct mergers (of seller into buyer) or forward triangular mergers (seller into Newco), but these are rare and, if done, are always done for tax reasons.36 In the private setting where the seller is a corporation, a reverse triangular merger will also usually be the choice of structure.

Stock purchase agreement

In the private setting, stock purchase agreements will sometimes be used in lieu of a merger, especially if the number of sellers is limited. A stock purchase agreement is a contract between the buyer and each of the owners of the target company. Obviously, in a situation where one enterprise owns a subsidiary it wishes to sell or carve out, a stock purchase would be chosen because there is only one seller shareholder. Similarly, in tightly held or venture-type companies, it may be possible through the compressed ownership to have all stockholders sign the stock purchase agreement. Often, however, the selling company has grown (whether through option exercise or other issuances of shares) and has a diverse and large number of equityholders, even if only a few own the majority of shares. In this situation, particular stress is put on the drag-along provisions in either the organisational documents or shareholders' agreement.37 Primarily for this reason, because mergers only require 50.1 per cent approval, a merger will usually be the preferred structure.

Tender offer

A tender offer is really just an offer to the public stock holders to enter into, in effect, a share purchase agreement. In the United States tender offers are typically used in hostile transactions (see Xerox, HP). This is because a tender offer is technically an offer by the buyer to each of the equityholders of the target corporation. Unlike a merger, a tender offer need not be statutorily approved by the board of the target, although the target board has ample defensive weapons at its disposal.38 The other situation where a tender offer might be seen is where there is a competitive situation, and the 'high' bidder in the auction perceives a timing advantage to using the tender offer, whether for regulatory reasons or otherwise.

Asset sales

Asset sales happen a fair amount in the technology space. Large technology buyers will often buy the intellectual property (IP) assets of smaller or failing businesses. Asset sales are also not unusual in a bankruptcy or dissolution setting. The other primary context where an asset sale might be seen is where the seller corporation is selling a business entity at a loss to what it bought it for or has enough tax attributes to offset any tax gain. Recall that corporations incur an entity level tax when they sell an asset, so any disposition of asset sales proceeds to the selling entities' shareholders would be taxed again.

iii Sale process structures

Any proposed technology company sale will involve a seller banker running a well-known process, although larger sellers may run the process directly. As the market for technology companies has evolved over the past 20 years, it has become extremely efficient. There are very few proprietary deals, and sellers and buyers are heavily covered by investment bankers of all brackets, as well as, inter alia, private equity specialists and venture capital. It is a very efficient market.

The typical process will start with a 'teaser' and outreach by a banker to a wide list of potential buyers. Any interested buyer then must sign a non-disclosure agreement if it wishes to participate in the auction. In a normal auction process, the interested parties will be invited to submit a first round bid, indicating proposed value, management equity and deal certainty terms. After this, the herd of potential bidders will be culled, and there may be a round two, or open data room, with the goal of choosing a finalist. Recently (in the past five years), a number of technology bidders have chosen to try to pre-empt the process timing and put bids in early in the process with a 'time fuse',39 and have succeeded in pre-empting the auction, gaining exclusivity and winning.

In the technology sector, players seem to all beware of each other, but can have drastically different views as to value that are generally not driven by synergies of combination. In this sense, sell-side bankers play a large role in gauging each potential bidder's appetite and ability to pay. Under Delaware law, at least in public transactions, bankers play an important process role on the sell side, as Smith v. Van Gorkom and its numerous progeny essentially dictate a fairness opinion by the sell-side banker. This fairness opinion has been the subject of intensive forensic dissection.40 Unlike the era before 2001, accountants rarely disagree on the base treatment of a transaction, but they play a large role in how the buyer's equity structure will be built, as, for example, in a private equity purchase. The seller and buyer's lawyers play a large part in the process, both by being able to engage with multiple bidders, dealing with seller counsel and, primarily in a public setting, understanding how the sale process will be viewed by the courts if challenged.

iv Acquisition agreement terms

Acquisition terms differ markedly between transactions involving publicity listed companies and those private companies being acquired by a public company.

Public transactions

Transactions between public companies can be for all stock of the buyer, a mix of stock and cash or cash only.41 In a merger between two public companies, the representations and warranties will roughly be symmetrical, although if the buyer is substantially larger than the target, the buyer will likely give only basic representations. Typically, both sides' representations and warrantees will be qualified by a MAE clause.42

The US-style MAE clause is typically structured to exclude any external financial market effect, acts of God, effects related to the announcement or pendency of the transaction, or any other event, save one that materially and adversely affects the business or financial performance of the target or the giver of the representation. The MAE clause is admittedly circular, and a recognised 'punt' by the parties to deal with an issue later if need be. Some agreements will be more specific in defining a MAE by stipulating that, for example, unknown liabilities in excess of US$XX million would constitute a MAE, but this type of provision is rare even in private deals, and rarer still in public transactions. Case law has put a gloss on the interpretation of the MAE clause beginning with the Tyson case layering on the interpretive side that an adverse effect needs to be durationally significant in addition to being material in the short term. Only one Delaware decision has found in favour of a buyer invoking a MAE clause to terminate a transaction.43 Because the representations and warranties in a public deal are MAE-qualified, they are stylised to a great degree, and the real action, as it were, is in making sure that the accompanying disclosure schedule (which is not made public) adequately discloses any risk that could give rise to a MAE.

Pre-closing covenants typically address primarily:

  1. any operating constraints between signing and closing;
  2. the level of effort needed to obtain regulatory approval;
  3. no-shop and go-shop provisions;
  4. a general effort level to get the deal done;
  5. any remedial actions required; and
  6. employee treatment.

Operating constraints referred to in (a) do not differ materially between technology and non-technology deals, though sometimes one would see restrictions on exclusive licensing on the extension of subscription periods – in general, these require each party to continue to operate in the ordinary course of business the level of efforts required to obtain regulatory approval and generally go to antitrust and CFIUS approvals.44 The level of efforts required can range from best efforts to commercially reasonable to reasonable.45 In any technology deal with a real risk (i.e., a foreign-controlled buyer), the standard would be effectively a best efforts clause accompanied by a meaningful reverse break-up fee if approval was not obtained. On the antitrust side, there is no real difference in approval versus non-technology deals; the parties will negotiate the relevant standard, which may include best efforts, hell or high water, a disposition or sale threshold or litigation covenant, together with a reverse termination antitrust fee.46 If anything, technology counterparties have anecdotally been more willing to litigate with the government in those deals involving a large cap buyer, otherwise they tend to be terminable if the government puts up meaningful resistance (either by contract or by setting the outside date 'short' so as to not allow a meaningful fight).

Under Delaware case law, the target board in a public transaction will have a fiduciary out that allows it to change its recommendation of the transaction or to accept a higher offer from a third party , or both. The general flow of these provisions is essentially the same among all public deals whether involving technology, oil and gas or services. In effect, if the target board reasonably concludes that its fiduciary duties require it to do so, it can generally respond to incoming proposals and, if it finds a third party proposal superior to the existing deal, terminate that deal and enter into the new deal, so long as it pays the termination fee.47

Where technology transactions sometimes differ from non-technology public company transactions is the treatment of equity incentive awards. Often a technology company will have a bewildering array of incentive equity, ranging from options, restricted stock units, phantom equity, long-term incentive plans that are tied to stock performance over some period of time, and other exotic forms of equity-based compensation triggered to, inter alia, the target stock price, returns on equity and multiples of capital thresholds. Each one of these often has a different tax treatment, must be dealt with in the acquisition agreement and often have formulas that, kindly put, may have been understood when implemented, but the passing of time has obscured how the particular incentive plan or unit is actually supposed to work. Because technology companies historically have a larger proportion of the capital structure in incentive equity than at base industrial companies, the complexities of dealing correctly with these securities in the acquisition agreement can be real.48

Although theoretically possible, no public company acquisition agreements between public companies have any indemnity agreements: essentially, the representations and warranties serve only as closing conditions, and then with the MAE overlay. It is possible to layer in an earnout structure, but this has traditionally only been done in the biotech and pharma area.49

Private transactions

Transactions between private companies, or with a public company as a buyer of a private company, differ materially from public to public transactions.

Indemnity

Private transactions can mirror public transactions in having no indemnification, a public-style deal, but most will have some degree of indemnification. The areas of focus tend to be around ownership and infringement of IP, taxes, export and import control, security and privacy. IP indemnities can last for a limited time, or up to the statute of limitations. Often this will have to do with issues related to ownership of the underlying technology, use of open-source software, whether employees have properly assigned inventions and whether that assignment works under local law.50

Also often seen are indemnities for pre-closing taxes, primary income or sales taxes, or related to the onshore or offshore structure of the ownership of the underlying IP. The proper accounting, for example, for multi-year software customer deals can affect both tax and generally accepted accounting principles (GAAP) accounting. Complicated licensing structures and transfer pricing arrangements are common in the technology sector and can be called into question by any number of national and international authorities. In the US, with its 50 sovereign states, the determination of whether an IP license, subscription or commercial arrangement gives rise to a sales tax in one or more states vexes.

US law restricts the export of certain types of technologies, ranging from certain blanket permitted types, types with restrictions (usually by prohibition to the 'exported to' country) or not permitted at all. The law is dynamic and complicated, and one will often find that a young technology company has not complied, perhaps, in all respects. Because the fines for non-compliance can be severe and press coverage adverse, technology buyers, particularly strategic buyers, have an intense focus on export and import issues.

In deals involving software companies, there will always be a question of whether the target company has complied with the open-source rules. Any sophisticated buyer will have done or have as a condition compliance with open-source requirements of use, and often a condition of remediation. This is also often accompanied by some type of post-closing indemnity.

Fiduciary outs

Although there are exceptions, the fiduciary outs that are ubiquitous in public company deals are virtually non-existent in private technology deals. This is so because following the Omnicare case, almost all private deals are structured such that the requisite number of stockholders (those having the required voting power) approve the transaction immediately after the agreement is signed.51 Under Delaware law, the board's fiduciary obligation to keep open the possibility of a better deal ends when the stockholders have approved the deal.52,53,54

IP

The IP reps (as to ownership, infringement, licensing, etc.) are highly negotiated in private deals, unlike in public deals where they tend to replicate themselves, and often also serve as the basis of a separate indemnity. Here one has to deal with the issue of forthright disclosure in the disclosure schedules versus known facts and, often, the desire of the owners to sell without any disclosure, and without the possibility of an indemnity claim – two business desires that conflict. This is often the most difficult task that the general counsel of the target will have to navigate.

Employees

Often in a big buyer, small target transaction, the buyer will insist on a closing condition to the effect that a certain number of senior management be employed at closing or a certain percentage of employees agree affirmatively to be employed by the buyer, or both. These should generally be resisted by the target seller because of the obvious moral hazard issue, but often some version of this is unavoidable.

MAE

Except as is referred below under 'Private equity' or for a 'hot' technology target, historically private targets have not been able to obtain a MAE overlay on all of its representations. In the majority (by number) of private technology transactions the target will not get a MAE overlay on the technology and compliance representations, or will do so only to have that overlay be discarded for the purposes of indemnity obligations.55 Moreover, in the context of the effect of the announcement of a transaction or its effects, private technology companies succeed to a greater degree from excluding these from any materiality standard. For example, in a transaction where the buyer and seller overlap on the sale or product side, the target should never suffer a closing condition or materiality hurdle that is measured by giving effect to customers delaying purchases to see how the deal plays out on the target side.

v Financing

Almost all private deals of any size will have an implicit financing component, as most will be for cash. It is extremely rare for any US deal to be actually conditioned on financing, and even rarer in the technology sector. As most technology deals are either a 'big' buying a 'small' or involve venture or private equity, historically these deals have been, and continue to be, financed off the balance sheet, with equity or from trusted ready-debt sources eager to lend to the tech industry, at least from the mid-nineties on.

vi Private equity

Starting from almost zero in the late 1990s, private equity buyout funds (as opposed to venture funds) have become a dominant player in the technology space. Initially inventing a growth (and negative accounting earnings) leverage buyout technology model, these funds have played a large part in the maturity, sophistication and efficiency of the technology M&A industry. Starting somewhat arbitrarily from the acquisition by Silverlake of Seagate in 2000,56 these funds have multiplied, and have been successful not only because of financial management skills, but because of their core belief in the ubiquity of technology to the success of the future and its productivity. These funds, occupying the area between public buyer and private seller, and being both, by definition, buyer and seller, act independently. When selling assets between themselves, they can do public style deals; when selling to large corporate buyers, they can accommodate some of the indemnity exposure of a private seller, and when competing for a hot asset, they can eliminate or be aggressive about taking a regulatory risk or financing risk. They generally do not have the horizontal merger risk that a straight-up merger between two direct competitors have, and although their deals almost always require debt financing, it is not at the levels that were required of classic 1980s Wall Street levels.

Because of the implicit nature of some level of debt financing in the acquisition agreement with a private equity buyer, there will usually be some minimum time period before closing where the fund buyer does not have to close to enable it to market the debt portion of the purchase price: rarely will the funding be a condition without an accompanying break-up fee.57

Private equity buyers concentrate more on third-party advisers for diligence (accounting, IP investigative firms, insurance and benefit providers, etc.) so their areas of focus tend to be on earnings, cash flow and down-size closing risks. They also tend to be much more focused on executive compensation, the degree of the incentive compensation pool and structuring the incentive pool to pay out only when return targets are achieved.58,59

vii Specific performance and damages

Since the early 2000s,60 Delaware counts have granted specific performance of merger agreements. The general remedy approach in acquisition agreements involving a private equity buyer (and cash deals) has been to obtain equity and debt commitment letters that match the gross purchase price plus transaction costs and have the acquisition agreement provide that if all conditions to closing are satisfied (but for those to be satisfied at closing such as payment and other ministerial deliverables), the seller can then bring an action in Delaware to specifically enforce the acquisition agreement. In a transaction where the equity commitment does not equal the purchase price, this means that the debt providers too need to be willing to lend. For this reason, US debt commitment letters have SunGard 61 provisions that match the MAE and other provisions of the acquisition agreement. These provisions are not as airtight, some have argued, as UK-style certain funds provisions, but the match of conditions ought to be sufficient to enable the seller to specifically enforce both the equity commitments (and hence the debt commitments functionally) and thereby the acquisition agreement in those cases where the would-be buyer has had a change of mind regarding a transaction.

Of course, most buyers will assert some breach by the seller or the occurrence of a MAE, or both, to bolster its claims that it does not have to close (see, e.g., Forescout). In those circumstances, the issue of breach would be dealt with in a Delaware trial over whether the buyer's allegations were valid. Assuming the lenders were still bound by their commitment letters, or there is an equity commitment letter for the entire purchase price, then if the seller prevailed, the court would order specific performance and the deal would close.62 The uncertainties of litigation often result in the seller accepting the reverse termination fee (or some lesser negotiated amount) or, as in Forescout, a renegotiated deal.

In a situation where the buyer is willing to fund its equity commitments but the lenders wrongfully refuse to fund, then the buyer would be required to pay the reverse termination fee. The drafting of these provisions and their interplay, although in use for over 20 years in the modern form, are not works of art or examples of clarity of exposition.63

One cannot get both specific performance and a reverse termination fee, and the reverse termination fee is the cap on damages.64

All of the fiduciary duty, damages, proxy disclosure, potential conflicts between types of investors (private equity and management), specific performance availability and pace of modern transactions require a high degree of familiarly with Delaware law and, in turn, have forced Delaware law to evolve. The past half decade has seen a shift in Delaware jurisprudence with likely far-reaching consequences.65 With this shift, the Delaware courts have placed protective signposts that offer companies, directors, stockholders and acquirers greater certainty. The Delaware courts have laid the groundwork for this certainty path to through two critical developments: greater judicial deference to deals where agency concerns have been mitigated; and further embracing the freedom to contract.

Greater judicial deference in stockholder litigation

The most significant development in Delaware law is the courts' concerted effort to give greater deference to transactions negotiated at arm's-length, provided that appropriate procedural safeguards are employed that militate against agency risks. These safeguards have a common core of good governance: director independence, disclosure and process. Whether public or private, transactions that comport with these principles can be confident that a heavily negotiated transaction will not be subject to years of litigation expense and distraction.

Restoring the business judgement rule to public company sales

Delaware law unequivocally states that the business and affairs of a corporation are managed by the board of directors, not the stockholders.66 Delaware law gives great deference to the decisions of independent directors.

Most US transactional lawyers are facially familiar with the Revlon duties: when a public company is put up for a sale that would lead to a change in control, the directors are to obtain the best price reasonably available for stockholders.67 While these Revlon duties do not change the fundamental duties of care and loyalty in the business judgement rule, they have impacted how Delaware courts reviewed an all-cash transaction resulting in a change in control. Instead of the deferential business judgement rule, whereby directors are presumed to act with due care and in the best interests of the corporation, Revlon arguably (but incorrectly in our view) required directors to prove they satisfied a duty to maximise stockholder value.68

The Revlon framework posed its own challenges. By inviting a court to enquire into the director decision process, Revlon deviated from Delaware's foundational principle of director primacy. And because directors were essentially required to prove they satisfied their duties, Revlon could make it difficult to obtain a pleading stage dismissal. The Delaware Supreme Court addressed this problem in Corwin v. KKR Financial Holdings, LLC.69

Corwin restores the business judgement rule for many transactions. First, Corwin generally applies outside of conflicted transactions with controlling stockholders.70 Second, Corwin provides that the informed and uncoerced vote of a majority of disinterested stockholders will restore the protection of the business judgement rule, protecting the directors' approval of the transaction from judicial review.71 Thus, unless a stockholder alleges at the pleading stage a material omission or misstatement in the relevant proxy materials or offering documents, Corwin requires the dismissal of a complaint.72

Corwin's effect has been significant. Corwin fully restores the pleading stage protection of the business judgement rule for mergers negotiated at arm's-length between disinterested boards. It also goes a step further. Even if a transaction is approved by interested directors (and without a controlling stockholder), Corwin extends business judgement rule protection upon the disclosure of the purported conflicts, which are often technically present in many technology deals because of tiered capital structures or cross-ownership or dual customer provider relationships.73

A path to deference for controlling stockholder transactions

For many years, controlling stockholder transactions presented a unique challenge. The reason is simple. A controlling stockholder standing on both sides of an interested transaction creates an ever-present spectre of undue influence over the process.74 Delaware courts have historically reviewed controlling stockholder transactions pursuant to the entire fairness rule, requiring directors to prove the fairness of both the process and the price of a transaction.75 However, because fairness is a fact-intensive question, these cases would not be subject to dismissal at the pleading stage and would require courts to engage in after-the-fact judicial second guessing – a task Delaware judges were reluctant to perform.76

In 2014, the Delaware Supreme Court stepped in to address this problem. In Kahn v. M&F Worldwide Corp (MFW), the Delaware Supreme Court established a process whereby, before any substantive economic negotiations take place, the transaction parties can agree that the transaction will be pre-conditioned on the uncoerced approval by an independent special committee of the board and a majority of the disinterested stockholders.77 Doing so would replicate the benefits of arm's-length negotiations and could subject any lawsuit challenging the transaction to dismissal pursuant to the business judgement rule.78 Since it was decided, Delaware courts have frequently addressed MFW's requirements and continue to offer guidance, including for non-merger transactions.79

While its requirements are rigorous, a conservative application of MFW should be considered going forward, particularly where corporations may have stockholders who, while not holding a majority of shares, have sufficient power to exercise actual control over the organisation. The certainty offered by MFW – an early dismissal avoiding the cost of further litigation – should be too compelling to ignore.80

De facto deference to transaction price in appraisal

Delaware law has a third layer of certainty for mergers, this time in appraisal actions. Appraisal litigation creates the same problems previously posed by Revlon and controlling stockholder transactions: a properly perfected appraisal case requires a judicial determination of the fair value of the sold company plus statutory interest, which is set at 5 per cent above the Federal Reserve discount rate and generally compounded quarterly. In most circumstances, an appraisal petition is not subject to a pleading stage dismissal.

While Delaware law has not changed to allow a pleading stage dismissal of an appraisal petition, both the Delaware legislature and the Delaware Supreme Court have taken steps to remove many of the economic incentives that have driven appraisal litigation in the past.

First, in 2016, the Delaware legislature amended the Delaware General Corporation Law to provide that the surviving corporation could prepay an appraisal award to the dissenting stockholders. By prepaying, the surviving corporation could avoid the statutory pre-judgment interest on the value of the prepaid amount, thereby removing a major economic incentive that had led to appraisal arbitrage.81

Second, starting in 2017, the Delaware Supreme Court issued a series of opinions that gave appraisal litigants an ex ante expectation of what a final appraisal award would likely be.82 While not recognising a presumption, the Delaware Supreme Court held that deal price, less synergies, is a strong indicator of fair value when a process in which interested buyers all had a fair and viable opportunity to bid.

The prepayment option combined with the predictability of deal price for appraisal valuation offers certainty for three reasons. First, by treating a fairly negotiated merger price as the strongest evidence of fair value, courts can eschew the judicial second-guessing inherent in a valuation conducted years after a merger closes. Second, to determine whether the merger price, less synergies, is a strong indicator of fair value, the Court of Chancery has signalled it will review a merger process similar to how it would conduct a Revlon analysis,83 thereby incentivising companies and their advisers to follow the same processes that have been developed over the past 35 years. Third, treating a fairly negotiated merger price as the best evidence of fair value gives the surviving corporation an easy loadstar for determining the prepayment amount.

Work that still needs to be done: curtailing frivolous merger litigation

With the adoption of Corwin and MFW, Delaware courts took an additional step to curtail stockholder litigation that could otherwise give rise to deal uncertainty. Since at least the Court of Chancery's decision in In re Transkaryotic Therapies, Inc,84 stockholder plaintiffs were incentivised to challenge merger transactions before the scheduled stockholder vote. The reasoning had been that the best way to address disclosure violations in merger proxy materials was to rule on the adequacy of those disclosures before the vote.85 Unfortunately, this well-intentioned reasoning led to a boom in needless merger litigation.

In the years after Transkaryotic was decided, almost every public company merger valued at more than US$200 million was challenged by a stockholder class action complaint alleging that proxy or information disclosure was deficient.

Chancellor Bouchard put an end to this practice in In re Trulia Stockholder Litigation.86 In Trulia, Chancellor Bouchard positioned Delaware courts so that they would no longer approve disclosure-only settlements.87 The effect was immediate: a sudden drop-off of less-than-meritorious disclosure complaints being filed in the Court of Chancery.

Where did these disclosure complaints go? First to state courts, until many companies adopted forum by-laws requiring state corporate law claims to be brought in the Court of Chancery.88 Now, these disclosure claims are brought on an individual basis in the United States district courts pursuant to Section 14 of the Securities Exchange Act of 1934, which forum by-laws are powerless to stop. In response, targets are incentivised to issue supplemental disclosures that moot the Section 14 claims and then pay a mootness fee to the stockholders' counsel.

Offering certainty through contracts

Delaware courts have also increasingly deferred to a freedom to contract regardless of the consequences that may be visited on a less-than-careful commercial party. A few examples from the past year amply demonstrate how Delaware courts adhere to this principle of contractual freedom.

The recent decision by the Court of Chancery in Vintage Rodeo Parent, LLC v. Rent-A-Center, Inc exemplifies how a Delaware court will hold a sophisticated party to a contract even if a mistake has been made.89 The issues in Vintage were elegantly simple:

  1. Vintage entered into a merger agreement to acquire Rent-A-Center;
  2. the merger agreement included an end date that could be extended by either party by three months if FTC permission was still pending;
  3. if the end date was reached without an extension, however, then either party could terminate the agreement;
  4. shortly before the end date, Rent-A-Center's board determined that it was no longer in the company's interest to close the transaction; and
  5. after Vintage mistakenly failed to extend the end date before the agreement's expiration, Rent-A-Center terminated the agreement.90

The Court held these sophisticated parties to their 'heavily negotiated' agreement and affirmed Rent-A-Center's termination of the agreement despite Vintage's clear mistake in failing to properly extend the end date.91

In addition, while Delaware is well known for having a firm public policy against fraud, '[i]t is equally true that Delaware prides itself on having and adhering to a body of efficient commercial laws and precedent in which sophisticated contracting parties' voluntary agreements are enforced as written'.92 Thus, Delaware courts routinely enforce a sophisticated party's contractual agreement that it did not rely on non-contractual statements when entering into an agreement even if enforcing such anti-reliance provisions requires the dismissal of fraud claims.93,94

Finally, of recent importance has been the high burden that Delaware courts impose on buyers attempting to terminate merger agreements because of a purported MAE suffered by the target.95 To date, only one Delaware case has permitted a buyer to exit a merger agreement based on the occurrence of a MAE.96 In that case, the target experienced a significant year-over-year 51 per cent decline of its adjusted EBITDA97 and had misled the Food and Drug Administration about data integrity issues.98 Outside of these extraordinary facts, Delaware courts have remained steadfast in denying buyers' attempts to terminate deals based on the purported existence of n MAE.99

Despite the difficulty of proving a MAE, however, there was an initial flurry of litigation in the months after the start of the covid-19 pandemic related to busted deals and the assertion of MAEs. The filing of such litigation has abated, with many of the cases filed being voluntarily dismissed.100

To date, only one of the covid-related busted deal cases has resulted in a judicial determination of the merits, albeit partially.101 Echoing the self-inflicted wound of Vintage (see above), Realogy attempted to force the closing of the sale of its Cartus Corporation subsidiary to SIRVA Worldwide. This attempt failed because of Realogy's unforced error. Specifically, Realogy filed suit not only against SIRVA, the purchaser of Cartus, but also against the funds that owned SIRVA. Vice Chancellor Zurn held that, pursuant to the unambiguous language of the transaction documents, the naming of the funds as defendants 'automatically and immediately' terminated the funding conditions that were a prerequisite to specific performance.102 Because of its mistake, Realogy could not force SIRVA to close the deal, once again demonstrating that Delaware courts will apply the unambiguous language of a contract notwithstanding the economic results that may follow.

viii Financing

Technology M&A transactions may be financed with debt or equity proceeds or a blend of both. If debt is used to fund an acquisition, lenders typically require an equity contribution equal to at least 35 to 50 per cent of the total capitalisation of the target company, which will be calculated to include the aggregate amount of debt and equity (including the value of rollover equity) used to fund the acquisition. This equity capital contribution requirement is typically higher in middle market transactions and has increased in 2020 during the covid-19 pandemic.

Debt financings usually include a term loan facility, the proceeds of which are used to fund the acquisition consideration and transaction expenses, and a revolving loan facility, which is typically available up to an agreed-upon amount at closing to fund transaction expenses and otherwise available after closing. These revolving credit facilities are customarily cash flow revolvers that are not subject to a collateral borrowing base (but, depending on the market, may be subject to a leverage governor, which will restrict borrowings to an amount that will not cause the borrower to exceed an agreed upon debt-to-EBITDA or annualised recurring revenue ratio. Credit facilities for technology companies may also include a delayed draw loan facility, which allows the borrower to borrow term loans during an agreed period post-closing (typically not longer than 24 months) that may be used to fund growth capital expenditures and permitted acquisitions.

Maintenance financial covenants are financial covenants that are tested as the end of the fiscal month or quarter, as applicable. A majority of larger syndicated deals in 2019 did not include a maintenance financial covenant, which are referred to as covenant-lite loans. However, a majority of middle market financings did have one or more maintenance financial covenants, and such covenants are typical in technology deals. Additionally, in 2020, more syndicated deals have included a maintenance covenant as lenders are becoming more weary of foregoing a means to monitor the financial health of borrowers during the covid-19 pandemic. Maintenance financial covenants may include a leverage covenant, interest covenant, fixed charge covenant and liquidity covenant. In technology deals, lenders may agree to test annualised recurring revenue to debt for purposes of the leverage financial covenant in lieu of testing EBITDA-to-debt, depending on the growth stage of the borrower.

Unless the loans are investment grade (i.e., assigned a credit rating of Baa3 or higher by Moody's), the debt financing will be secured by a lien on substantially all of the assets of the borrower and, subject to certain tax and other legal and cost considerations, its wholly-owned subsidiaries. The perfection of these liens at closing of the acquisition are customarily limited to liens that may be perfected solely by the filing of a financing statement under the Uniform Commercial Code, a pledge of the equity interests of the borrower and any guarantors located in the United States to the extent any certificates evidencing such equity interests are readily available and, in certain cases, the filing of short form IP security agreements with the United States Patent and Trademark Office (USPTO) and the United States Copyright Office.

In the event that a transaction will be funded with debt financing and is subject to an acquisition agreement that contemplates a separate signing and closing, the acquirer will need to obtain a debt commitment letter, an executed copy of which is typically required to be delivered to the seller at closing. The debt commitment letter should provide that the lender, or syndicate of lenders, commits to fund the debt financing at closing of the acquisition subject to the satisfaction of the expressly stated conditions precedent set forth in the letter. Further, if the acquisition agreement does not have a buyer financing condition (which excuses the buyer from consummating the transaction if debt financing is not available), then the debt commitment letter should include SunGard provisions, which is language that was developed in response to the removal of the buyer's financing condition in most acquisition agreements.103 SunGard language is common in acquisition debt commitment letters and should provide that:

  1. the satisfaction of the only representations and warranties at closing and funding will be limited to:
    • those representations and warranties relating to the target in the acquisition agreement that, if they cannot be satisfied on the closing date, would allow the buyer to terminate the acquisition agreement; and
    • certain specified representations and warranties set forth in the credit agreement that are in the control of the buyer (and typically do not relate to the operation of the target business); and
  2. the perfection of liens at closing will be limited to filings of financing statements under the Uniform Commercial Code, and perfection of equity pledges and all other perfection steps (such as execution and delivery of control agreements and mortgages) will be permitted to occur post-closing (typically within 30 to 60 days after closing).

To further limit conditionality of the debt financing, buyers should ask the arrangers of the debt financing to approve the form of acquisition agreement and related disclosure schedules. The debt arrangers' review of the acquisition agreement is customarily focused on the provisions relating to the financing, such as timing of closing, the obligations of the target to assist with obtaining the financing, and the definition of a material adverse change or effect (as this definition is typically used in the no material adverse change condition in the debt commitment letter). In addition, the debt arrangers will require that the acquisition agreement include certain lender protective provisions in the acquisition agreement. These provisions are commonly referred to as the Xerox provisions, as they were first publicly used in Xerox Corporation's 2009 merger with Affiliated Computer Services, Inc.104 The Xerox provisions are intended to protect the debt financing sources from becoming the subject of litigation by the seller in the event the acquisition does not close, and require that any actions against the debt financing sources relating to the acquisition will be brought in the venues agreed to by the debt financing sources in the debt commitment letter. The Xerox provisions were developed in response to claims that were brought by sellers against debt financing sources in the wake of the 2008 financial market crisis after some lenders refused to fund their debt commitments because the conditions to funding could not be met.

In addition to delivery of a debt commitment letter, an acquisition agreement that does not include a buyer financing condition should also require the seller and the target to cooperate with the buyer in connection with obtaining the financing contemplated by the debt commitment letter (including any syndication of such debt financing) and any acceptable replacement thereof. This covenant should require, among other things, the target's management to attend a lender meeting, and to assist with the preparation of any offering or confidential information memorandum and delivery of any financial statements required under the debt commitment letter. In most cases, the seller and target will have the right to be reimbursed with any reasonable out-of-pocket expenses incurred in connection with such financing assistance and will be indemnified by the buyer for any losses incurred as a result of providing such assistance. In sponsor-backed acquisitions, the commitment of the private equity fund to make the closing date equity contribution is typically evidenced by an equity commitment letter. The acquisition agreement will require delivery of an executed copy of this letter to the seller, but unlike the debt commitment, the seller and target are not required to covenant to assist with the equity financing because the funding is entirely within the private equity fund's control.

ix Tax and accounting

Tax considerations always influence the structuring of technology M&A transactions. These considerations include:

  1. the structure of the acquisition vehicle;
  2. whether to structure the transaction as an equity transaction or an asset transaction;
  3. the tax treatment of any equity or deferred consideration issued to the sellers in the transaction;
  4. whether the acquisition provides an opportunity to optimise the tax structure of the target and its subsidiaries;
  5. the placement of acquisition financing in the structure;
  6. monetisation any of the target's tax attributes;
  7. the indemnity package for the target's historical tax exposures;
  8. addressing tax exposures that are typically identified in due diligence; and
  9. structuring incentives for management.

A US strategic buyer buying a US target will typically not need to form a new acquisition vehicle to effect an acquisition, and will frequently use one of its existing US entities to act as the buyer in the transaction. The one exception is a transaction structured as a merger, in which case the buyer entity will typically form a transitory merger subsidiary that will merge into the target with the target shareholders receiving a mix of cash and other consideration and the target acting as the surviving entity in the merger.

In the case of a US private equity fund or other financial buyer, a structure will need to be created below the fund into which the financial buyer will make its investment. A threshold question with these structures is whether it will be a pass-through structure down to the operating company level or a structure where there is a corporation (or an entity treated as a corporation for US tax purposes) between the operating business and the investment by the financial buyer. In the US it is much more common to have operating businesses structured as pass-throughs in part because the US rules allow entities that have corporate characteristics such as limited liability to be treated as partnerships for income tax purposes. There are benefits and detriments to both kinds of structures and there is no unified view among financial buyers as to the preferred structure to use. The main advantage of a pass-through structure is a single level of tax on any operating income and the ability to delivery step-up in the tax basis of the target's assets to a future buyer that can then be depreciated and amortised for tax purposes. The main advantage of a corporate structure is simplicity and a lower tax rate on operating income. Practically, because companies in the technology space are frequently structured as corporations from inception, there may not be an opportunity to structure an investment as a pass-through structure because while a conversion of a pass-through structure to a corporate structure can typically be accomplished without a tax cost, a conversion from a corporate structure to a pass-through structure under most fact patterns results in a significant tax liability. Even if a pass-through structure all of the way down to the operating business is not desired or not possible, a pass-through vehicle such as an LLC or an LP may be used at the very top of the structure to facilitate a future exit and allow for tax-efficient management incentives.

From a buyer's perspective, structuring an M&A transaction as an asset purchase for income tax purposes is generally the most tax-efficient structure as it creates a step-up in the basis of the target's assets up to the enterprise value of the target adjusted for any tax-deferred rollover by the sellers. The majority of any such step-up is typically amortised for tax purposes over 15 years (i.e., the US amortisation for intangible assets acquired a part of an acquisition of a business) although allocation to some assets can create a full benefit in the year of the transaction. Even where the target is a foreign entity and, therefore, usually not subject to US taxation, structuring the acquisition as an asset purchase for income tax purposes should help from a US income tax perspective with reducing the buyer's global tax rate and also make US tax compliance with respect to the foreign target easier, and the sellers, especially if they are foreign, may be totally agnostic regarding the structuring required to achieve such asset sale treatment. For a buyer to obtain the tax benefits of an asset purchase, the actual M&A transaction does not have to be structured as an asset purchase from a corporate law perspective, and there are frequently a number of non-tax and even tax reasons for structuring a transaction as an equity purchase. Instead, the US tax rules provide that a number of equity transactions that can be treated as asset purchases for income tax purposes. Depending on the underlying transaction, such deemed asset purchase treatment can be automatic, or require the buyer or both the buyer and seller to make a specific tax election, or require the seller to engage in pre-closing restructuring. Such elections include elections under Sections 336(e), 338(g), 338(h)(10) and 754 of the US Internal Revenue Code. Because such elections and pre-closing restructuring of a target can create significant value for a buyer but can also be detrimental to sellers and require sellers' cooperation, it is key that the opportunity for any such elections or pre-closing restructuring is identified early in the M&A process, and that the parties affirmatively address the possibility of making such elections as early in the process as possible.

From a sellers' perspective, structuring an M&A transaction as an equity purchase (which is also treated as an equity purchase for income tax purposes) is generally the most tax-efficient structure as it typically results in any gain being taxed at favourable capital gains rates. Depending on the structure of the target and other facts, structuring a transaction as an asset purchase (or a transaction that is treated as an asset purchase for income tax purposes) can result in significant additional tax to the sellers. Although that is not always true, for that reason (and various non-tax reasons) sellers will typically want to structure their M&A transactions as a sale of equity.

In the case of financial buyers and to a lesser extent in the case of strategic buyers, the consideration for a target will frequently include non-cash consideration. Non-cash consideration can include rollover equity issued by the buyer or a buyer parent entity, seller notes and earnouts. From a seller's perspective, the main tax issue with receiving any non-cash consideration is deferring the recognition of the associated income until a future liquidity event to avoid creating a tax liability without corresponding liquidity to pay the tax. From a buyer's perspective, the main tax issue is that providing the seller with deferred consideration may make some or all of the transaction ineligible for step-up in the target's assets. That should not matter where step-up is otherwise not available. For example, where the target is a standalone US corporation (which is a typical structure for entities in the technology space) and the transaction is structured as a purchase of the equity of the target, step-up is generally not available, and therefore a buyer can provide sellers with rollover equity on a tax-deferred basis as part of the consideration for the target without a detriment to the buyer. The ability of a seller to receive buyer or parent equity on a tax-deferred basis depends on a number of factors, including the tax classification of the target, the tax classification on the buyer and the portion of the consideration consisting of equity. Generally, it is easier for financial buyers to issue rollover equity on a tax-deferred basis for a new portfolio investment because such investments provide for most flexibility in terms of designing the holding company structure to facilitate the issuance of rollover equity on a tax-deferred basis. Depending on how a portfolio investment is structured, it may be more difficult to structure tax-deferred rollover for add-on acquisitions; generally, a structure with an LLC or LP on top that is treated as a partnership for income tax purposes provides the most flexibility and is one reason that LLCs and LPs are even used on top of structures that do not provide for pass-through treatment all the way down to the operating business because of an intervening corporation in the structure.

Especially where the sellers are foreign or the target group includes entities in various jurisdictions, the acquisition of the target group may provide opportunities to optimise the target structure under the buyer's post-closing ownership period. Typically, these include pushing debt down into various geographies, which sometimes requires the separate acquisition of various members of the target group, adding foreign holding companies to facilitate efficient repatriation and eliminating ownership chains that do not make sense from the perspective of a US buyer. For example, while foreign parent corporations frequently will form US subsidiaries, it is typically inefficient for a US buyer of a foreign parent corporation to own a US subsidiary through the foreign parent. This is both because any dividends from the US subsidiary intended to eventually reach the US parent would need to leave the US and then return to the US as they are distributed up the ownership chain, potentially becoming subject to withholding tax twice in the process (and a direct US subsidiary to US parent dividends should not be subject to tax in the US), and because the US parent and its indirect US subsidiary cannot consolidate for US tax purposes whether there is an intervening foreign corporation in the ownership chain between the US parent and the indirect US subsidiary.

Another structuring consideration is the placement in the structure of any acquisition financing. Generally, in an all-US structure the placement of the acquisition financing in the target group does not have an impact from a US federal income tax perspective as the buyer and the target group will typically file a consolidated return that will allow the netting of income and expenses across the consolidated group. The answer may be different at a US state level if members of the group file in states that do not provide for the equivalent of consolidation. In those US states, absent additional planning, the interest expense may become stranded away from the operating income that it could otherwise reduce. The analysis becomes more complicated in cross-border structures where the cash flow that will be used to service the debt is generated in various geographies. In those structures it is often helpful to push debt down into the subsidiaries that are generating such cash flow. That can be done by either having third-party lenders lend directly to the foreign subsidiaries or with intercompany debt from the US parent of the group. Any such debt pushdown can reduce the overall effective tax rate of the group by providing for direct payments to foreign lenders, creating tax deductions in the foreign subsidiaries for interest expense, having interest (versus dividend) withholding rates to apply to any interest payments, and providing for the non-taxable return of any principal of the debt. Prior to the US 2017 tax reform, such debt pushdowns could also reduce the overall tax rate of the group by reducing the amount of dividend income from foreign subsidiaries either by having the foreign subsidiaries pay their debt directly or by structuring a portion of the repatriation of debt from the foreign subsidiaries as a repayment of debt principal. The US 2017 tax reform eliminated the need to do that for US corporate borrowers, but debt pushdowns to foreign subsidiaries remain beneficial for non-US tax reasons and for non-corporate US parent entities. A related structuring consideration that was also generally eliminated for US corporate borrowers as a result of the US 2017 tax reform (but remains valid for US non-corporate borrowers) was the tax-based limitations on the ability of US corporate borrowers to secure their US debt with pledges of the equity or assets of their foreign subsidiaries. As a result of these limitations, pledges of the voting shares of first-tier foreign subsidiaries were generally limited to 65 per cent, and no pledges or guarantees were permitted at the level of the first-tier foreign subsidiary or any of its subsidiaries. This was especially problematic in technology deals involving US parent companies where significant IP value was located outside the US in foreign subsidiaries and lenders wanted to utilise such IP as part of the collateral package.

Generally, target companies in the technology space will have tax attributes and an M&A transaction may create additional tax attributes. These are typically net operating losses (NOLs) and tax deductions resulting from the M&A transaction, which can offset the target's taxable income for the year of the transaction and create additional NOLs. Historically, sellers could monetise NOLs created as the result of a transaction by carrying them back to previous years and obtaining a refund of taxes paid in those years. The ability to do that with US federal NOLs was eliminated by the 2017 US tax reform but recently reinstated for a limited period of time pursuant to the 2020 CARES Act. Otherwise, any target NOLs (and other tax attributes) that are not utilised in pre-closing tax periods will remain with the target and be available for usage post-closing subject to limitations on their usage that result in the US from any change in control transaction.

The indemnity package for historical tax exposures range from traditional transactions with a pre-closing tax indemnity and an indemnity for breaches of the tax representations and warranties from the sellers in public style deals where the buyer has no recourse against the sellers. Generally, the larger the value of the transaction the more likely it is that it will have a public style deal indemnity construct for taxes (and other pre-closing liabilities). The big driver of the market in that direction over the past few years has been the growth of the representation and warranty insurance (RWI) market. The existence of RWI has bridged sellers' desire to walk away without any contingent exposures and buyers' desire to be protected for unknown liabilities. Under this indemnity construct, current income taxes that are known are typically included in indebtedness (which results in a dollar-for-dollar reduction to the purchase price) as buyers will not have any further opportunity to pursue sellers for such taxes once the debt and other customary post-closing adjustments are completed (and the RWI policy will not cover known liabilities).

There are two tax issues that are repeatedly identified in M&A deals in the technology space in the US: tax on deferred revenue accrued but not included in taxable income as of the closing date, and historical sales tax exposure.

Companies in the technology space frequently have deferred revenue for book purposes and the US tax rules allow a limited deferral of the associated income for tax purposes. Generally, under these rules, tax income and book income associated with deferred revenue match for the first year, and then any remaining amount deferred for book purposes is included in income for tax purposes in the second year irrespective of the remaining book deferral. That means that as of the time of closing, a target may have a future tax liability on revenue that was received prior to the closing and, but for the tax accounting rule described above that permits a limited deferral, would have been included in income of the target in a pre-closing tax period, with any tax imposed on such income being the responsibility of the sellers either through the accrual for current income taxes in indebtedness or the pre-closing tax indemnity. Ultimately this becomes a business issue, but it is relatively common in software transactions for buyers to agree to accept the responsibility for taxes on any such deferred revenue based on the argument that that tax-deferred revenue is created in the ordinary course of business.

Companies in the technology space also frequently have issues with their historical sales tax exposure. Generally, companies that sell certain goods and less often certain services are required to collect sales tax from their customers. The sales tax rules can be difficult to comply with in part because they are state-specific (and most but not all US states charge a sales tax) and generally require a company to determine where it is subject to sales tax (i.e., whether it has nexus in a particular jurisdiction) and whether its sales are subject to sales tax in those states. Historically, a company had to have a physical presence (e.g., employees or an office) in a state to be subject to sales tax, but that is no longer the case and a certain level of sales into a state is sufficient to trigger a sales tax liability. Sales of software and software services provide unique challenges for purposes of any sales tax analysis as it is often very fact-specific without uniformity among the states. If any sales tax issues are identified as part of the diligence process, they can be economically significant because sales taxes are typically a function of gross revenue (and not taxable income), any known issues identified in due diligence will be excluded from the RWI policy as noted above, and if any such issues are left un-remedied, any resulting indirect exposure for the buyer (as the new owner of the target) is theoretically open-ended, as in most of the instances where sales tax issues are identified the relevant statute of limitations applicable to the tax authorities' ability to collect such sales taxes (and impose interest and penalties) will never begin to run.

Once an acquisition is completed, a buyer will typically implement an incentive plan for management. Strategic buyers will typically include the target's employees in their own plan and financial buyers will create a new plan for their new portfolio company. The target's management may also be asked to rollover a portion of their existing management incentives into the buyer structure. Depending on the form of the existing management incentives and the buyer structure, such rollover can be accomplished on a tax-deferred basis. Generally, management incentives can include shares in a corporation, profits interests (which require that the issuer is an LP or LLC taxed as a partnership for US income tax purposes and are one driver of structures that include an LP or an LLC on the top of the structure), options, restricted stock units and phantom plans. Shares and profits interests afford management the opportunity to be taxed at favourable capital gains rates on exit, and profits interest can be granted to management without any current income event. Options, restricted stock units and phantom plans can also be structured to avoid a tax event to management on grant, but will typically result in management being taxed at ordinary income tax rates on exit and the issuing company having a comparable compensation deduction for income tax purposes.

Generally, US GAAP applies in the US.

x Cross-border issues

HSR notification process

Under the Hart-Scott-Rodino Antitrust Improvements Act (HSR Act),105 mergers, acquisitions and joint ventures must be notified if, as a result of a transaction, a party will hold at least US$94 million106 in voting securities, assets or noncorporate interests (an amount adjusted annually for inflation). This is referred to as the size of transaction test. Where the value of the transaction is below US$376 million,107 there is also an applicable size of person test requiring that one party to the deal has annual net sales or total assets of US$188 million108 or more, and the other party has annual net sales or total assets of US$18.8 million109 or more. If the thresholds are met, the parties may not consummate a transaction until they have complied with the waiting periods set forth in the HSR Act.110 Both the acquiring party and the acquired party are subject to the requirement to provide information under the HSR Act.

The first step in the HSR review process is the filing of an HSR notification and report form for certain mergers and acquisitions. This is a 10-page form that seeks basic information on each party's business, including its areas of operation, its sales, and its subsidiaries, affiliates, and shareholders. The form also requires attachment of documents, including annual reports, confidential information memoranda and certain documents analysing the transaction that are discussed in more detail below. The parties can make an HSR filing once they have executed a contract, agreement in principle, or letter of intent to merge or acquire. Along with the filing, each party must also submit an affidavit that attests to its good faith intention to complete the transaction described in the filing.

Under most circumstances, the reviewing agency has 30 calendar days from the date of the HSR filing to perform its preliminary review. This is referred to as the initial waiting period. If no action is taken by either agency (the FTC or DOJ) during the initial waiting period, the waiting period expires at midnight on the 30th day, and the parties are then free to close their deal. If it is clear that the transaction does not pose any antitrust concerns, the agencies can also agree to terminate the waiting period prior to the 30th day upon request from the parties.

If the FTC or DOJ have questions or concerns about a transaction during the initial waiting period, a member of agency staff will call counsel for the parties to notify them that a preliminary investigation is being opened. At this time, the parties may meet with the staff or provide documents to show that the transaction will not generate anticompetitive effects (e.g., higher prices, reduced output). The agency may also issue a voluntary request letter to each of the parties, which asks them to submit additional documents that may aid in assessing the competitive impact of the transaction.

At the conclusion of the initial waiting period, the reviewing agency must either allow the transaction to proceed or instead issue a request for additional information and documentary material, commonly referred to as a second request.111 Second requests require the parties to gather and produce large volumes of documents and data regarding their respective businesses, competition and the transaction.112 The issuance of a second request also holds the transaction open – the parties are prohibited from closing the transaction or otherwise combining operations while they respond. During this period, the agency may also conduct investigational hearings, similar to depositions, of certain key individuals in each company. All of these fact-gathering efforts are in support of the agency's attempt to predict whether the transaction will result in anticompetitive effects, such as higher prices or reduced output or innovation.

Once the parties both certify that they have complied with the second request, the agency has 30 additional calendar days (the final waiting period) to analyse the transaction. After the final 30-day waiting period expires, the reviewing agency must either allow the transaction to proceed or file an action in a US federal court seeking an injunction to block the transaction. If the reviewing agency seeks an injunction, the parties must litigate the legality of the merger or abandon the transaction unless a settlement can be reached. A full second request investigation generally ranges from four to eight months, not including litigation.113 Parties may attempt to allay concerns about anticompetitive effects through divestitures or behavioural restrictions. If a remedy is agreed to, it will be formalised in a consent decree with the investigating agency.

HSR trends in high-technology deals

In the US, technology companies have increasingly faced scrutiny on a number of fronts. Antitrust has been frequently referenced as a potential means of reining in perceived negative impacts from this sector on the economy, as well as on political and social trends. Indeed, several prominent members of Congress even advocated (ultimately unsuccessfully) for a moratorium on all mergers and acquisitions for the duration of the covid-19 emergency to blunt anticompetitive deals involving the acquisition of small, struggling companies. Meanwhile, the most prominent high-technology firms are being targeted by antitrust probes and inquiries in Congress, by state attorneys general and by the federal antitrust enforcement agencies. However, even smaller companies are facing increased scrutiny, particularly during merger review. At both the DOJ and the FTC, the staff attorneys are increasingly concerned with a perceived ability of technology companies to grow by acquiring smaller rivals, thereby reducing the overall competition and diversity in relevant markets.

FTC and DOJ attempts to address high technology through reorganisation

Both the FTC and DOJ have recently taken steps to reorganise internally to specifically target concerns in the high-technology space. In February 2019 the FTC announced the establishment of its Technology Task Force dedicated to 'monitoring competition in US technology markets, investigating any potential anticompetitive conduct in those markets and taking enforcement actions when warranted'.114 Now called the Technology Enforcement Division, it is composed of 17 members mainly made up of FTC staff attorneys chosen from across different divisions. Initial reports indicate that the FTC launched the review by visiting Silicon Valley and seeking out complaints of anticompetitive behaviour directly from industry participants.115 Relatedly, on 11 February 2020, the FTC announced it had issued orders under Section 6(b) of the FTC Act to Alphabet Inc, Amazon.com, Inc, Apple Inc, Google Inc and Microsoft Corp requiring them to provide information about prior consummated acquisitions not reported to the antitrust agencies under the HSR Act.116 FTC Chairman Joe Simons stated '[t]his initiative will enable the Commission to take a closer look at acquisitions in this important sector, and also to evaluate whether the federal agencies are getting adequate notice of transactions that might harm competition. This will help us continue to keep tech markets open and competitive, for the benefit of consumers'.117

The FTC has announced that it intends to review acquisitions consummated between 1 January 2010 and 31 December 2019, which will reportedly include hundreds of transactions among these five companies.118 The orders require the companies to disclose information similar to what is called for on the HSR Form, while also requiring the 'companies to provide information and documents on their corporate acquisition strategies, voting and board appointment agreements, agreements to hire key personnel from other companies, and post-employment covenants not to compete. Last, the orders ask for information related to post-acquisition product development and pricing, including whether and how acquired assets were integrated and how acquired data has been treated'.119

The DOJ has likewise opened an investigation into technology giants. On 23 July 2019, it announced the Antitrust Division would review 'whether and how market-leading online platforms have achieved market power and are engaging in practices that have reduced competition, stifled innovation, or otherwise harmed consumers'.120 The Justice Department has prioritised this effort, and while the Antitrust Chief Makan Delrahim recused himself with respect to the investigation into Google, both Attorney General William Barr and Deputy Attorney General Jeffrey Rosen have reportedly added antitrust lawyers to their respective offices to take an active role in the inquiries of big tech.121 Indeed, Attorney General Barr indicated the Department's intention to move quickly, touting the bipartisan support from Congress that something should be done in the form of enforcement action or legislative proposals.122

In August 2020, the Antitrust Division announced an internal reorganisation intended to 'recogni[ze] that technology has reshaped the competitive dynamics in several industries that the Antitrust Division analyzes on a regular basis'.123 Among other changes, the reorganisation results in shifting financial sector responsibilities away from the division previously known as Technology & Financial Services to make its entire focus 'technology markets and the competitive characteristics of platform business models'.124

New vertical merger guidelines

On 30 June 2020, the FTC and DOJ released new official guidelines for the antitrust review of vertical mergers. It had been more than 35 years since the last update, so many viewed this revision as highly important. Among other things, the guidelines provide detailed examples of the unilateral effects the regulators look for in investigations and also describe transactions involving companies at different stages of competing supply chains. They also adopt the existing analysis of efficiencies from the horizontal merger guidelines, along with the elimination of double marginalisation as a key issue for vertical deal analysis. We do not anticipate any dramatic changes in enforcement as a result of the vertical merger guidelines, but companies in the high-tech space in particular should see marginal benefits from added clarity around how the DOJ and FTC will evaluate potential upstream and downstream effects in future transactions.

Multi-sided market analysis an area of focus

The DOJ and FTC have been wrestling with the proper way of accounting for multi-sided platforms in high-technology sectors when conducting merger analysis. In a 2018 Supreme Court decision, the Court determined that efficiencies on both sides of the platform should be accounted for in an antitrust analysis. One of the most recent cases to deal with multi-sided platforms in a merger review context is Sabre/Farelogix, which was investigated by the DOJ during 2019 and early 2020.

Sabre/Farelogix concerned the two-sided platform for airline bookings. Traditionally, bookings have been managed through global distribution systems (GDS) that connect travel agents looking to make bookings with airlines offering available seats. Sabre is one of the largest GDS providers. The DOJ complaint alleged that the next-generation booking software developed by Farelogix was a threat to Sabre's legacy GDS. The DOJ argued that if the transaction went forward, Sabre would no longer be constrained in its negotiations, and would therefore be able to charge higher prices and have less incentive to innovate. In litigating the transaction, the parties emphasised the need to consider impacts on both sides of the GDS platform – airlines and travel agents. Adopting this approach, the district court concluded that while Sabre was indeed a multi-sided platform (selling services to both airlines and travel agents), Farelogix (a software developer for airlines) was only operating on one side of the platform. Based on this, the district court ruled out, as a matter of law, competition between single-market sellers and their multi-sided counterparts.

After winning in court, Sabre and Farelogix ultimately abandoned their deal due to opposition from the UK Competition and Markets Authority. The DOJ then asked the Third Circuit Court of Appeals to vacate the district court decision as moot, which it did on 20 July 2020. However, foreshadowing that more disputes over multi-sided platforms are to come, the Third Circuit panel noted that the decision to vacate 'should not be construed as detracting from the persuasive force of the district court's decision, should courts and litigants find its reasoning persuasive'.125

Pharmaceutical deals face increased scrutiny

Covid-19 has brought increasing focus on the pharmaceutical industry, but even before the entrance of covid-19 on the global stage, the FTC was gearing up for increased scrutiny of pharmaceutical tie-ups. One key area of focus is whether pharmaceutical deals should continue to be analysed based on individual product overlaps, as has historically been the case, or whether a broader view of potential anticompetitive effects is warranted. This was seen starkly in the dissenting opinions of the two Democratic commissioners to the FTC's decision to clear the acquisition of Celgene by Bristol-Myers Squibb in November 2019. For example, Commissioner Rohit Chopra stated plainly, 'I am deeply skeptical that this approach [focusing on product overlaps and foreclosure incentives] can unearth the complete set of harms to patients and innovation, based on the history of anticompetitive conduct of the firms seeking to merge and the characteristics of today's pharmaceutical industry when it comes to innovation'.126

Commissioner Chopra's statements echo sentiments from lawmakers urging greater scrutiny of large pharmaceutical deals. In September 2019, Senator Amy Klobuchar wrote to FTC Chairman Joe Simons on behalf of herself and eight other senators regarding antitrust enforcement in the pharmaceutical sector.127 Highlighting AbbVie/Allergan and Bristol-Myers/Celgene as two recent deals that 'raise significant antitrust issues', Senator Klobuchar asked the FTC to take note of the fact 'industry consolidation is occurring against a backdrop of ever rising prescription drug spending and reports that one in four people taking prescription drugs have difficulty affording their medication'. Accordingly, she urged the agency to 'take appropriate action to protect consumers,' adding that 'if the FTC's competitive concerns cannot be resolved by negotiated settlement, we urge the Commission to take appropriate action in district court to protect competition'.

Concerns over pharmaceutical industry consolidation are likely to be further elevated in the current environment, as the world scrutinises efforts to develop and distribute treatments to combat covid-19.

IP protection

i IP protections available under US law in technology M&A

Proprietary technology and IP rights protecting such technology are often some of the most important assets of a technology business. As a result, IP issues play a key role in technology M&A transactions. The following is a brief overview of IP protections available under the laws of the United States and key areas of focus during IP diligence in technology M&A.

In the US, a combination of federal and state laws is available to protect IP. In general, proprietary technology may be protected through copyrights, trade secret rights, trademark rights and, in some instances, patent rights.

Patents

A patent protects an invention. In the US, patent protection is provided under the United States Patent Act of 1952 (Patent Act).159 The US is also a party to the Paris Convention160 and Patent Cooperation Treaty.161 For an invention to be patentable under the Patent Act, the invention must be useful, novel and not obvious.162 To obtain a patent, an applicant must submit an application that describes and claims what the applicant purports to be the invention. A patent may issue after an examination by the USPTO if the claimed invention meets all of the requirements necessary for an invention to be patentable. Once a patent issues, an owner of the patent has the right to exclude others from making, using, offering to sell, selling or importing the patented invention.163 Unlike other countries, the US permits an application to be filed on a provisional basis to preserve the filing date.164 A provisional application need not include any claims describing what the applicant purports to be the invention and is not examined, but the provisional application must be converted into a utility application that includes the claims within one year of the filing date. Many applicants take advantage of the provisional filing regime in the US to get the earliest filing date. Patentable subject matter includes any new and useful process, machine, manufacture or composition of matter, or any new and useful improvement thereof.165 However, patenting a software invention is a bit more complicated in the US. In general, laws of nature, natural phenomena and abstract ideas are excluded from the subject matter that is eligible for patent protection. It is sometimes challenging to patent a software invention, because a software invention is often considered to be an abstract idea, and an abstract idea that is merely implemented on a generic computer is not patentable. However, some software inventions are patentable since novel and useful applications of an abstract idea are patentable.166

Copyrights

A copyright protects an original work of authorship fixed in a tangible medium of expression. In the US, copyright protection is generally provided under the United States Copyright Act of 1976 (Copyright Act).167 The US is a member of multiple treaties affecting copyrights, including the Berne Convention for the Protection of Literary and Artistic Works.168 The types of works protected under the Copyright Act include:

  1. literary works;
  2. musical works;
  3. dramatic works;
  4. pantomimes and choreographic works;
  5. pictorial, graphic and sculptural works;
  6. motion pictures and other audiovisual works;
  7. sound recordings; and
  8. architectural works.169

The Copyright Act has no specific reference to software, but in most instances, the source code and the graphical user interface of computer software are believed to qualify for copyright protection as a literary work.170 However, pending before the US Supreme Court is a dispute between Google and Oracle as to whether Oracle can claim copyright protection in Java application programming interfaces.171 The case is scheduled to be heard by the US Supreme Court during the 2020 to 2021 term. A copyright grants its owner the exclusive right to, and to authorise others to, reproduce, prepare derivative works of, distribute, publicly perform and publicly display the copyrighted work.172 A copyright arises automatically on fixation of the expression in a tangible medium and, although registration with the US Copyright Office is available, it is not necessary for the purpose of obtaining a copyright, and most software companies elect not to register as one of the registration requirements is to provide at least a portion of source code, which the software owner prefers to keep as a trade secret.173 However, registration is a prerequisite for enforcing a copyright against a third-party infringer. Unlike in many other countries, in the US, moral rights are limited to works of art only protected under the Visual Artists Rights Act of 1990.174 An author of a work of visual art has the right to claim authorship and to prevent intentional distortion, mutilation or other modification of that work which would be prejudicial, and to prevent destruction of work of recognised stature.175

Mask works

The Semiconductor Chip Protection Act of 1984 (SCPA) protects mask works that are fixed in semiconductor chips.176 To be protected under the SCPA, a mask work must be original and registration with the US Copyright Office is required to secure protection.177 An owner of a mask work has the exclusive right to reproduce the mask work by optical, electronic or other means, to import or distribute a semiconductor chip product in which the mask work is embodied, and to induce or knowingly cause another person to do any of the foregoing acts.178 Although mask work rights are available to semiconductor companies, registration and enforcement of mask work rights are not widespread due to limited protection afforded under the law.

Trade secrets

Trade secret law has traditionally been governed by state law, which in most states corresponds to the Uniform Trade Secrets Act, but today, trade secrets are also protected under the federal Defending Trade Secrets Act of 2016 (DTSA).179 Therefore, trade secret owners now have the option to enforce their trade secret rights in a state court or a federal court. Although there are some differences in the definition of trade secrets, if the information has value because it is not generally known to others and the owner has taken reasonable precautions to protect its secrecy, then the information is potentially protectable as a trade secret under both laws. However, there are additional protections provided under the DTSA. The DTSA provides a whistleblower immunity to protect individuals who disclose trade secrets to the government for the purpose of reporting or investigating a suspected violation of law, and an employer has an obligation to provide notice of such immunity in contracts with its employees.180 If an employer fails to do so, the employer may not be awarded exemplary damages or attorneys' fees against the employee who did not receive the notice.181 The DTSA also permits the court to issue an ex parte seizure order to prevent the propagation or dissemination of the trade secret in extraordinary circumstances.182 Trade secrets are typically protected through contractual nondisclosure obligations and by restricting access to the information.

Data

Although there are many federal and state laws regarding privacy and security aspects of data, there is no IP law in the US that is specific to data protection. Data collections may be protected as copyright, to the extent they are not functional and meet the requirements of the copyright law, and specific data may be protected as trade secret information, assuming that access to the information has been limited and the data otherwise satisfies the requirements of trade secrets.

Trademarks

A trademark, which generally refers to a word, name, logo or symbol that is used to identify the source of goods or services, may be protected under federal law, the Lanham Act183 and state law. A trademark may be registered with the USPTO or may be registered on a state-by-state basis through the applicable state's trademark office. An unregistered trademark may still be protected under common law based on usage in commerce. There are, however, certain advantages in registering the trademark with the USPTO, including nationwide trademark protection, prima facie evidence of validity, constructive notice184 and incontestability after five years of use.185 In the US, an applicant may file an intent to use (ITU) application for a trademark that has yet to be used.186 Once the application has been reviewed and approved by the USPTO and the applicant can show evidence of usage in commerce, then the trademark will be registered. Although an ITU application cannot be assigned until a verified statement of use has been filed, there is an exception for assignment to a successor to the business to which the mark pertains.187

ii IP diligence

Ownership of IP

For technology M&A transactions, the most important part of the IP diligence is to verify that the target business actually owns what it purports to own in terms of technology and IP rights. An important initial step in verifying ownership is to understand the target business's development history, including how and where its key proprietary technology originated, who was involved in the development (whether employees or contractors) and where the development took place.188

Developments by employees

In the US, an employer does not automatically own all IP created by its employees within the scope of employment. An employer has ownership of copyrights in works of authorship created by its employees within the scope of their employment through the work made for hire doctrine under the Copyright Act.189 However, unlike the IP laws in some other countries, this is not likely to be true with respect to other forms of IP, such as inventions and patents resulting from those inventions. The general rule under US law is that an inventor owns his or her invention. An exception to this general rule is that an invention created by an employee is owned by his or her employer, if the employee was specifically hired to invent, but this is a pretty high standard under US law.190 Therefore, for an employer to own all IP created by an employee within the scope of his or her employment, there needs to be a written IP assignment. Without such an assignment, the employer may have only a limited right to use the IP developed by such employee referred to as the 'shop right' doctrine.191

Developments by independent contractors

A business that hires individuals as independent contractors is even less likely to own the resulting IP in the US for several reasons. First, as described above, the work made for hire doctrine is a copyright-specific concept and does not apply to inventions or patents. Second, the work made for hire doctrine applies only to certain categories of works specified under law, if created by an independent contractor.192 Typically, works performed by an independent contractor do not fit within these categories. Software developed by an independent contractor, for example, generally does not qualify.193 Finally, the independent contractor and the business that hired the independent contractor must agree in writing that the work will be considered a work made for hire.194 Therefore, unless the independent contractor has assigned his or her IP to the business that hired him or her, he or she likely retains ownership in such IP. Without such an assignment, the business may have a limited implied licence to use such work created by the independent contractor at best.

Proprietary information and inventions agreements

For the reasons discussed above, it is important that a target business has IP assignments from employees and independent contractors who have developed technology for the business. These agreements are typically called proprietary information and inventions agreements or something similar.

When reviewing these types of agreements, it is important to confirm that the applicable agreement contains a properly drafted assignment provision. Specifically, the law in the US is clear that the assignment must be drafted as a present-tense assignment (e.g., 'employee hereby assigns. . .'), as opposed to an agreement to assign. A provision such as 'the IP shall be owned by or an employee shall assign the IP' are generally interpreted to be a mere covenant to do so in the future and not an effective present assignment.195

Despite this relatively clear law on IP ownership, it is not unusual to encounter during diligence of a technology business either a lack of IP assignments altogether or IP assignments that are incorrectly drafted. If the issue is lack of proper drafting of existing IP assignments, and the individuals at issue are still in relationships with the target business or these assignments have further assurance provisions that permit the target business to seek additional documents to effectuate the purpose of the original intent of IP ownership, then the acquirer will typically propose that additional IP assignments be executed as a closing condition, or if the IP at issue is less than material, then the acquirer can require new assignments post-closing.

Working with university staff

Many US technology companies, in particular startup companies, often work with professors or researchers from universities. For example, a professor or researcher may be either one of the founders of the target business or a consultant or technical adviser to the business. Sometimes, even graduate students may be involved as interns or consultants. In these cases, additional diligence may be required to verify that there is no overlap between the work these individuals have performed for the business versus the work they have performed for their universities. Even if these individuals have properly assigned their IP rights to the target business, the business may not actually own the developed IP due to such individual's pre-existing obligations to his or her university. Most research universities in the US have IP policies that describe what IP rights are owned by the universities. In general, IP policies of a university require that IP created within the scope of or related to employment with the university or created using any resources of the university, including any research performed at the university or using funding provided to the university, are owned by the university. Most universities also permit outside consulting activities, provided that the individual has complied with the consulting policy requirements, which often require a limited number of consulting hours and notice to or approval by the university.

Jointly developed IP

Technology businesses will often collaborate with others, such as suppliers or customers, and can potential jointly developed technologies through these collaborations. In the case of such joint development, it is important to know what the rights and obligations are with respect to the jointly developed technology. Although the parties to a joint development effort can always determine rights and obligations through a mutual agreement, they often fail to do so. In the absence of such an agreement, the underlying IP rights to the jointly developed technology will be jointly owned by those parties in the US. For jointly owned copyrighted work, each owner has the right to use and may license the work to third parties and may transfer the owner's ownership interest in the joint work to a third party, all without obtaining permission of the other joint owner. However, joint ownership of copyright is by default subject to a duty of accounting to the other joint owner, unless the parties have agreed to otherwise.196 For patentable inventions, each owner would have the freedom to use and to license the invention without a duty of accounting.197 In both cases, a joint owner is likely to be unable to enforce the jointly owned copyright or patent without the joinder of the other owner, as the other owner is likely to be a necessary and indispensable party.

Licensed IP

Restrictions in inbound licences

It is fairly common that technology businesses licence-in technology from third parties. It is not unusual to find that the target business has licensed-in technology or IP rights from third parties, and these are more than just standard off-the-shelf software. These licences can be material to the conduct of the business. In that case, the buyer should verify that the scope of the in-licence granted is sufficiently broad to cover the target company's existing business and contemplated future business. It is very typical for a US-style licence agreement to include at least some form of restriction on assignment. Even if the agreement is silent as to assignability, the default rule under US law is that a non-exclusive licence is not assignable.

Open source software

If a target business offers any software licences, including as a software service, to third parties, it is a virtually certain that the target business uses open source software. Usage of open source software is quite common for software providers as the quality of open source is often quite good due to peer review, and usage shortens development cycles and costs. In general, there are two types of open source software: restrictive and permissive. Restrictive open source (also referred to as copyleft or viral open source) requires modifications, derivative works, or works (including proprietary works) containing or based on the open source, when distributed, to be licensed under the same open source terms. Permissive open source, on the other hand, requires only the original open source and not the modifications, derivative works, or works containing or based on the open source, to be licensed under the same open source terms. Examples of restrictive open source licences are the GNU general public licence version (GPL), the GNU lesser public licence (LGPL), and Affero general public licence (AGPL). An LGPL licence is often used for libraries and is less onerous than GPL in that LGPL allows for dynamic linking of proprietary code with open source code (although not static linking or integration) without subjecting the entire linked work to an LGPL licence. AGPL expands the scope of distribution to include software offered as a service. Because the usage of restrictive open source can potentially jeopardise the value of proprietary code, it is not unusual for an acquirer to require an open source audit as part of the IP diligence.

Rights granted to third parties

Many technology companies, whether they have software-focused businesses or hardware-focused businesses, tend to license some IP rights to third parties such as customers, service providers and suppliers. While most of licences granted by a target business are likely to be non-exclusive licences granted in the ordinary course of business, one should identify whether the target business has granted any exclusive licences or other licences outside the ordinary course of business.

In addition, if the target business licenses any proprietary software to third parties, it will be important to determine whether it has licensed any source code or has entered into any source code escrow agreements and what the release conditions are. Although, in most cases, the release conditions are bankruptcy and insolvency-related, a change in control of the target business could be one of the release conditions as well.

IP infringement risks

IP diligence of a technology business should always include a review of actual or potential IP-related claims and proceedings involving the business. If the business is subject to any infringement claim by a third party, an evaluation of the likelihood of success or failure of the claim, and potential liabilities, needs to be undertaken to assess the need for a reduction in price, escrow or indemnity.

For a technology business, patent infringement claims tend to be the most material, because patent infringement claims are the most costly to address. If a target business is subject to a patent infringement claim, one of the first questions to ask is who is the party asserting the claim. If the party asserting the claim is a competitor or an entity who is in the business of proving products or services, and the target is found to infringe, then there is a potential for an injunction, which could result in serious consequences to the business. On the other hand, if the party asserting the patent is a non-practicing entity (NPE), then the party asserting the patent may be unable to obtain an injunction under US law or the patents at issue may be subject to a mandatory licensing obligation. Many NPEs grant paid-up licences for a lump sum payment and, therefore, these claims are mostly about negotiating the right settlement payment. If a claim by an NPE has already been settled, in many cases, these licences may limit the scope of the licence upon a change in control. For example, the licences will often not extend to the acquirer or its other affiliates, but even with respect to the target business, the licences may become frozen in time to the products and services existing at the time of the acquisition and only to modifications or evolutions of those products, and do not extend to any new products or services of the target. On the other hand, if a claim by an NPE has not been settled, then an acquirer may be concerned that after the acquisition, the combination of the acquirer and the target company may become a bigger target, with the NPE seeking even greater settlement payment. A paid-up settlement prior to the consummation of the M&A transaction is often preferred by an acquirer.

If a target business is found to infringe, the damages in the US can be significant compared to other countries, and US patent law includes the doctrine of wilful infringement, which imposes treble damages on any person or entity that wilfully infringes a patent.198 One common way to mitigate a potential finding of wilful infringement is to obtain an opinion of counsel concluding that the asserted patent is not infringed or is invalid or unenforceable. An acquirer will want to know whether the target business has conducted such analysis or obtained such opinion. The target business may resist sharing this opinion with the acquirer for fear of waiving any attorney–client privilege due to such disclosure. The parties may be able to rely upon the common interest doctrine. There are a number of cases that apply the common interest doctrine and protect attorney–client privilege on the basis that the potential acquirer and seller have a common interest, to the extent the acquisition of the target is near completion.199

Mitigating identified IP risks

Upon completion of the IP diligence, many acquirers will wish to mitigate the risks identified during the diligence process. There are a variety of ways to mitigate these risks, including through additional representations, warranties and indemnities in the purchase agreement, additional closing conditions and implementation of mitigating steps.

For example, open source issues that require the replacement of certain open source code or issues in IP assignments with existing employees that require new IP assignments can be addressed both pre and post-closing. Some risks, such as if a target business is subject to an existing IP litigation, may be addressed through a separate indemnification where the seller of the business may agree to take on some or all of such risks.

National security legal and regulatory framework

No review of the legal landscape impacting technology M&A would be complete without a discussion of US regulations and control regimes restricting foreign investment in, ownership of and access to various classes of assets, businesses, data and technology, all in the name of national security.

The effects of these measures – particularly the foreign investment review process carried out by CFIUS (or the Committee) – can be seen in high-profile Executive Branch orders demanding divestment of Chinese interests in US technology companies or prohibitions on the transfer of US goods and design know-how to designated Chinese entities. The trend is unmistakeable. US regulatory oversight of cross-border technology transactions is tightening, with Congress passing and administrative agencies implementing sweeping changes to law and policy in the form of expanded review jurisdiction, increased economic sanctions and an ever-broadening definition of what capabilities and information come within the ambit of national security warranting protection from foreign investment and access. Investments involving cutting-edge technology have become subject to this increased scrutiny, especially when there is a concern that sensitive technologies and IP will be transferred to a country that is not strategically aligned with the United States.

The result is a complex and ever-evolving set of rules that considerably impact M&A, leveraged finance and private equity transactions, particularly in the technology sector.

i Foreign investment review: the role of CFIUS

Legal underpinnings of CFIUS Review

Under Section 721 of the Defense Production Act, the President of the United States has long held the power to block 'any merger, acquisition or takeover' of a US business by a foreign-owned or -controlled entity if 'there is credible evidence that the foreign entity exercising control might take action that threatens national security'.128 CFIUS is an interagency body chaired by the Secretary of the Treasury that exercises the President's national security review power. CFIUS has authority to review transactions, whether proposed or completed, that could result in control of a US business by a foreign person129 to ascertain a potential threat to US national security.

In conducting its evaluation, CFIUS will assess whether a foreign investor is from a country with which the US has conflict or misalignment of strategic interests and whether the foreign investor is controlled by a foreign government. (Investors controlled by foreign governments typically present more national security concerns than purely private, commercial enterprises.) CFIUS will also evaluate whether the targeted US business engages in activities that are sensitive from the standpoint of national security (e.g., participation in the defence supply chain, dealings with sensitive US government agencies or information, providing services that implicate cybersecurity concerns, access to information affecting the safety and security of US citizens), including whether the US business manufactures, supplies or distributes critical technologies or is part of US critical infrastructure.

Until recently, the statute and regulations contemplated that filings with CFIUS were elective, triggered by the submission of a joint voluntary notice by the parties.130 Following a filing, the Committee would conduct a review of the transaction for possible national security concerns. At the conclusion of this process, CFIUS would either clear the transaction (with or without mitigation conditions) or recommend that the President block it for reasons of national security. If parties received clearance, they secured a legal safe harbour against future intervention by the Committee or the President (subject only to certain extraordinary exceptions, such as a material omission or misstatement of fact).

In the second term of the administration of President Barack Obama, as the strategic and economic rivalry between the US and China began to intensify, the United States pivoted to a more aggressive posture against Chinese acquisition of US technology and sensitive personal data, including Chinese investment in US technology companies. After the inauguration of President Donald Trump in January 2017, CFIUS scrutiny of Chinese-led deals (and also of other foreign investment transactions in the technology and data sectors) dramatically increased. Congress responded to calls that CFIUS be given broader jurisdiction to review transactions, including not just foreign takeovers but also minority investments in particularly sensitive sectors.

On 13 August 2018, President Trump signed the Foreign Investment Risk Review Modernization Act of 2018, which included broad new authorisations and significant revisions to the CFIUS process. Among other changes, FIRRMA gives the Committee a mandate to review minority investments through which a foreign investor could gain management rights in, or access to non-public technical information generated by, a US business that deals in critical technologies, critical infrastructure or sensitive personal information. Moreover, for the first time, FIRRMA defines a category of transactions for which submission to CFIUS is now mandatory, under threat of penalty.131

Parties to a transaction subject to CFIUS's jurisdiction have two options for notifying CFIUS of a proposed transaction (whether the notification is voluntary or mandated under the rules). The traditional process involves the submission to the Department of the Treasury of a notice, a detailed description of the parties, the transaction and the US business to be acquired, the contents of which are dictated by requirements in the regulations.132 Depending on the complexity of a transaction, the review process can be quite involved, stretching from 45 to 90 days or more. In FIRRMA, Congress directed CFIUS to implement an alternative, more streamlined declaration process, intended to result in a determination within 30 days. However, for many complex transactions, this streamlined process is unlikely to secure a clearance, often requiring the parties to go through the full notice process anyway to obtain the safe harbour.

Every cross-border transaction that involves foreign investment in or acquisition of a US business (including assets that taken together comprise an existing US business) must be evaluated to determine whether it falls within the scope of CFIUS's review and jurisdiction.

Key impacts of FIRRMA on CFIUS review of technology M&A deals

As noted, FIRRMA introduced far-ranging changes to the CFIUS process and extended review jurisdiction to categories of transactions not previously subject to scrutiny. A detailed treatment of those changes is beyond the scope of this summary. However, two impacts of the new law that bear directly on takeovers involving US technology companies are an expanded focus on transactions involving companies dealing in critical technologies, critical infrastructure and sensitive personal data, and the treatment of transactions involving certain investment funds.

Focus on the 'TID US business'

FIRRMA requires increased CFIUS scrutiny of foreign investments, including minority investments, in US businesses deemed to be engaged in the most national security-sensitive activities. To implement this, CFIUS introduced a new concept: the TID US business. A TID US business is one that, in some manner, trades in specified technology, infrastructure or data.133

A technology TID US business is one that '[p]roduces, designs, tests, manufactures, fabricates, or develops one or more 'critical technologies'.'134 Critical technologies, in turn, means items (goods, software, technology and, in some cases, services) that:

  1. are subject to heightened US export controls (including under the International Traffic in Arms Regulations, the Export Administration Regulations, and the Department of Energy or the Nuclear Regulatory Commission export regulations); or
  2. become designated in subsequent rulemaking as one or more emerging or foundational technologies.135

Determining whether a US target deals in critical technologies is a key threshold question and one that is highly fact-specific and technical.

An infrastructure TID US business is one that performs specified functions with respect to covered investment critical infrastructure, as specified in a new Appendix A to the CFIUS regulations.136 Appendix A describes certain systems ranging from terrestrial, submarine and satellite telecommunications, industrial resources, energy generation, transmission and storage facilities, financial markets and technologies, maritime and aviation ports, and public water systems. The list is significant because, in the past, CFIUS has generally asserted broad discretion to determine, on a case-by-case basis, which types of infrastructure came within its jurisdiction. The list of covered investment critical infrastructure serves to narrow CFIUS's purview over critical infrastructure only to those assets listed.

A data TID US business is one that '[m]aintains or collects, directly or indirectly, sensitive personal data of US citizens'.137 Sensitive personal data is defined as identifiable data collected by a US business that targets or tailors products or services to certain sectors of the government or one that has in the past year collected data on more than one million individuals (or has expressed a demonstrated objective to do so) in the following categories:

  1. certain financial data that could be used to determine an individual's financial distress;
  2. consumer credit report data;
  3. insurance application data;
  4. heath records;
  5. electronic communications between third-party users;
  6. geolocation data;
  7. biometric data;
  8. data for generating a government identification card;
  9. data concerning government personnel security clearances; and
  10. data in an application for a government personnel security clearance or an application for employment in a position of public trust.

Sensitive personal data also includes genetic test results. This element is where target companies that do not appear to present obvious national security concerns can get swept into CFIUS's jurisdiction.

Even a minority foreign investment in a TID US business triggers CFIUS jurisdiction when the transaction entitles a foreign investor to at least one of three types of rights:

  1. access to any material non-public technical information possessed by the business;138
  2. membership or observer rights on (or the right to nominate an individual to) the governing board of the TID US business;139 or
  3. any involvement (other than through the voting of its shares) in certain substantive decisions of the TID US business regarding the relevant technology, infrastructure or data.

Moreover, the concept of a TID US business is central to the new mandatory notification requirements under CFIUS. Specifically, two categories of transactions must be notified to CFIUS (either through the long-form notice procedure or the short-form declaration process) at least 30 days prior to closing.140

First, a notice is required for a foreign investment (including either a takeover or a minority investment with specified control or access rights) in a TID US business that produces, designs, tests, manufactures, fabricates or develops one or more critical technologies where the TID US business either:

  1. utilises those critical technologies in connection with the TID US business's activity in one or more of 27 industries identified by CFIUS according to their North American Industry Classification System codes; or
  2. designs those critical technologies specifically for use in one or more of the 27 identified industries.141

In addition, a CFIUS notice is mandatory for certain acquisitions of or investments in a TID US business by an investor in which a foreign government has a substantial interest.142

The detailed discussion of the industries, technologies and activities that can render a company a TID US business in the new FIRRMA regulations serves as an important signal to the marketplace as to which classes of acquisition targets warrant careful CFIUS scrutiny. So much of what makes up the technology sector of the US economy involves touchpoints with critical technologies, critical infrastructure and sensitive personal data. Parties to any M&A deal implicating these factors should consult with qualified US CFIUS counsel as a central element of transaction planning.

Treatment of certain investment funds

In FIRRMA, Congress provided for a specific carve out from CFIUS jurisdiction for acquisitions undertaken by certain US-controlled investment funds that include foreign limited partner investors. This is particularly relevant for investments in the US technology sector, which are often made by private equity, venture and other funds that include participation by foreign capital. If certain criteria are met, 'an indirect investment by a foreign person in a TID US business through an investment fund that affords the foreign person (or a designee of the foreign person) membership as a limited partner or equivalent on an advisory board or a committee of the fund shall not be considered a covered investment'.143 To qualify:

  1. the fund must be managed exclusively by a general partner, managing member or equivalent who is not a foreign person;144
  2. the foreign person must not sit on or have the right to appoint a member to an advisory board or committee that:
    • has authority to approve, disapprove or otherwise control investment decisions of the fund;
    • has authority to approve, disapprove or otherwise control decisions by the general partner, managing member or equivalent 'related to entities in which the fund is invested;' or
    • provides the foreign person access to material nonpublic technical information;145 and
  3. the foreign person must not otherwise have the ability to control the fund.146

This fund clarification provides parties a valuable guide for how best to address CFIUS jurisdiction over a transaction by carefully structuring foreign participation in an investment fund context. CFIUS will, in its review of an acquisition or investment by an LP or equivalent structure, scrutinise the underlying investment documents to evaluate the rights, entitlements and authorities conferred on foreign investors. Where possible, these documents should be drafted to address in clear terms aspects of the limited partner and managing member relationship that touch upon the criteria outlined by the new regulations as described above.

Finally, the regulations clarify that, where a foreign government-controlled entity invests solely as a limited partner or non-managing member in a fund with a general partner, managing member or equivalent, that foreign government's interest, at any level of equity, will not be counted as a substantial interest in the fund's investment in a TID US business sufficient to trigger a mandatory filing with CFIUS. Instead, the substantial interest trigger for purposes of mandatory filing will only come into play where a foreign government-controlled entity has at least a 49 per cent interest in the general partner, managing member or equivalent entity of the investment fund itself.147 This provision will go a long way to limiting the CFIUS obligations and exposures of a fund that takes in equity from foreign sovereign wealth or government retirement fund investors solely as limited partners.

Impacts of CFIUS on recent technology transactions

CFIUS review was once regarded as necessary only for transactions involving military supply chains or large-scale infrastructure, or in circumstances posing clear espionage risks. Times have changed, driven by two factors: a number of advanced technologies have direct and indirect national security implications, and access to sensitive personal data of US citizens is something that certain nation states are seeking to obtain and exploit.

The government is particularly focused on maintaining technological superiority over strategic rivals, especially China. Numerous government actions, including the outcome of reviews before CFIUS, have raised concerns over transfers of technology in such disparate fields as artificial intelligence, autonomous vehicles, augmented reality, semiconductors and financial technology, all areas the government has signalled are foundational to future US strategic success and innovation.148 President Trump's decision in September 2017 to block Canyon Bridge Capital Partners' US$1.3 billion proposed acquisition of Lattice Semiconductor was that administration's introductory move in treating private sector-driven technology as a component of national security.

Since that action, the administration has repeatedly focused on sensitive data as a core national security concern for CFIUS. Most prominently, CFIUS launched a post-closing review of ByteDance Ltd's acquisition of Musical.ly, a transaction that resulted in the merger of Musical.ly's US social media app with ByteDance's TikTok. The parties undertook the transaction in 2017 without seeking CFIUS clearance. That turned out to be a fateful decision. On 14 August 2020, President Trump issued a directive ordering that ByteDance divest all interest in Musical.ly (including the TikTok app in the United States) within 90 days, a move widely seen as arising out of concern that ByteDance, which is Chinese-controlled, could use the app to gain access to personal data of millions of Americans. This aggressive action followed similar decisions taken by the Trump administration against other non-notified transactions in the tech sector. In 2019, the President issued an order requiring the Chinese acquirer of Grindr, a US social medial app, to divest its investment over similar concerns regarding personal information, according to public sources.

ii Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (previously, Team Telecom)

CFIUS is not the only regulatory regime focused on reviewing the national security implications of foreign ownership in the technology sector. In the case of regulated telecoms infrastructure, an interagency process led by the DOJ and the US Department of Homeland Security regularly conducts national security reviews of transactions that could result in foreign control of an entity holding licenses issued by the Federal Communications Commission (FCC).

This process, known as Team Telecom, long operated on the basis of interagency agreements and ad hoc norms. On 4 April 2020, President Trump issued an Executive Order establishing a Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (previously known as Team Telecom). The Order formalised the Team Telecom process, adding procedures not unlike those followed by CFIUS, with an initial review and secondary assessment period. At the conclusion of the review, the Committee can issue an unconditional grant of approval for transfer of an FCC licence, grant approval conditioned upon standard or non-standard mitigation measures, or deny an application or otherwise revoke the affected licence.

iii Export control regulations that affect technology transactions

Laws primarily directed to regulating foreign access to commodities, materials, software and technology can have dramatic impacts on technology transactions, especially those involving information that has military or classified applications. Some aspects of these laws are expressly triggered by proposed foreign control over companies that handle this type of information. Others, however, are implicated by the broad concept that restricted transfers of controlled information can occur in the course of activities undertaken in connection with a foreign takeover, including due diligence, facilities inspections, technology licensing arrangements and even employment of foreign nationals.

The following US export controls and various defence and military regulations may impact tech transactions.

Export Administration Regulations: 'dual-use' and civilian export controls

The Export Administration Regulations (EAR), administered by the Bureau of Industry and Security (BIS) of the Department of Commerce, is the primary set of rules regulating the export of civilian, dual use items. These are items that have significant commercial and non-military application, but heightened control over foreign access is still warranted for reasons of national security, nuclear, chemical and biological non-proliferation, missile technology controls or law enforcement considerations.

An extremely wide variety of goods, software and technology are subject to heightened controls under the EAR. The restrictions on a particular export of these items will depend primarily on the specific export classification at issue, the destination of the export and, in some cases, the end use or end-users. These classification levels and other triggers for restriction are set forth in the EAR.149 Importantly, categories of classification subject to heightened control include most forms of commercial encryption technology, as well as sophisticated electronics, computing and navigation or process controls.

Unless an item is exempt from all control (e.g., as in the case for some fundamental research or information in the public domain), transfer to a non-US person can be subject to some level of restriction. Covered items that do not meet a specific heightened control classification under the EAR are still designated under a default, or category, known as EAR99. EAR99 items are freely exportable without special authorisation (or licence) from BIS, except in specified circumstances, including exports to countries or nationals subject to US sanctions or transfers to sanctioned or denied persons.

Importantly for technology transactions, a restricted export can occur in a variety of ways, including through oral or visual disclosures or through email communications.150 Release or disclosure of controlled technology or software source code to a foreign national is also an export, even when it occurs within the United States.151 Because non-US person employees of an acquirer might access controlled technology, either in due diligence or in the course of employment or other business post-closing, most M&A transactions require an analysis to determine whether export controls are implicated.

Additional changes are on the horizon. The Export Control Reform Act (ECRA), which was enacted in 2018 as part of the same legislation that included FIRRMA, established an inter-agency process led by the Commerce Department to identify emerging and foundational technologies that are deemed essential to US national security and not otherwise already controlled under the EAR. Based on initial notices published by BIS, broad swaths of the technology sector could come under heightened control, particularly for export to China, ranging from artificial intelligence and deep learning, quantum computing, cybersecurity, autonomous driving, biomedical developments, semiconductor manufacturing to other fields that currently dominate the demand for venture capital. The ECRA provides for a notice and comment period for the proposed designation of certain technology as an emerging and foundational technology. At the time of writing, the comment periods for both emerging and foundational technologies are underway – no heightened controls for any category of technology have yet been promulgated. However, the impacts on technology transfers of heightened controls over emerging and foundational technologies could well remake the landscape for technology M&A for years to come.152

International Traffic in Arms Regulations and National Industrial Security Program Operating Manual

Specific regulatory processes can also be triggered for proposed takeovers of technology firms that are engaged in defence activity (manufacture or export of defence articles or provision of defence services), while firms that hold security clearances from the government to receive, access or store classified information must observe certain foreign ownership restrictions.

Under the International Traffic in Arms Regulations (ITAR),153 an entity engaged in the manufacture or export of defence articles (including defence technology) or the provision of defence services must be registered with the Department of State, Directorate of Defense Trade Controls (DDTC). The items subject to controls under ITAR are specified on the US Munitions List (USML) and include traditional military hardware, as well as space and satellite technologies and even certain cybersecurity tools and technology.154 The ITAR requires that a registrant must notify DDTC 'at least 60 days in advance of any intended sale or transfer to a foreign person of ownership or control of the registrant or any entity thereof'.155 Filing such a notice can trigger a further evaluation of the transaction and the acquiring party, and can even result in a referral to CFIUS for formal review.

The US National Industrial Security Program (NISP) encompasses the processes and requirements by which companies and individuals can be granted security clearances to receive, access or store classified information. Only US-incorporated entities are permitted to hold security clearances and employ cleared individuals, who themselves must be US citizens. Any transaction (including a takeover) that could result in foreign ownership, control or influence (FOCI) over a cleared entity must be reviewed by the US Department of Defense (DOD).156 Specifically, companies that hold a security clearance must file an updated Standard Form 328 (SF 328) whenever there is a 5 per cent or greater increase in the ownership of their voting or investment-right stock by a foreign interest.157 The DOD will then review the transaction to determine whether the foreign ownership stake will cause the cleared entity to be regarded as under FOCI.158 Failure to mitigate FOCI (including by divesting the foreign ownership or ringfencing that interest though proxy or other approved means) can result in loss of clearance.

Employment issues

i Misclassification of independent contractors

Employers should be wary when hiring individuals as independent contractors because US courts are expanding the definition of employee to include individuals once considered independent contractors, giving them rights and benefits that inure to a traditional regular employee–employer relationship, This can result in significant unexpected costs. In general, potential liability for the incorrect classification of an employee as an independent contractor arises from incorrect tax withholding and reporting and denial of employee medical benefits. Wages paid to employees are reported on a Form W-2 and are subject to applicable withholding, and there are related employer payroll taxes. Service fees paid to contractors are reported on a 1099, with no withholding and no payroll tax obligations. With respect to benefits, potential liability arises in connection with a medical catastrophe, such as a heart attack or a major injury, where the contractor subsequently seeks for the company to cover medical expenses arguing that, as a result of misclassification, the service provider was incorrectly denied benefits.

US law and analysis of whether an independent contractor should be classified as an employee is constantly evolving. Historically, the IRS used a 20-factor test to determine whether a service provider was an independent contractor or employee.200 Simplified, the 20-factor test focuses on the degree of control with respect to how services are performed. States have begun to adopt their own standards for determining independent contractor status, potentially creating a situation where an individual may be a contractor for federal tax purposes but an employee for state tax purposes. Effective 1 January 2020, California codified the 'ABC' test resulting from the 2018 California Supreme Court decision in Dynamex Operations West Inc v. Superior Court of Los Angeles.201 In Dynamex, the Court determined an employer must prove the following three elements (A-B-C) to rebut the presumption that a worker is an employee:

  1. the worker is free from the control and direction of the hiring entity in connection with the performance of the work;
  2. the worker performs work that is outside the usual course of the hiring entity's business; and
  3. the worker is customarily engaged in an independently established trade, occupation or business.202

In the technology industry, employers often experience surges in demand that cause a need for a larger workforce in a short period (or vice versa). In addition, many individuals prefer to provide services as contractors instead of employees and, when labour is in tight supply, employers may be willing to bring on a service provider as a contractor if that is the easiest way to acquire talent. Acquirers typical take a target's workforce as is. An acquirer should carefully review a target's employee and contractor classification decisions so as to avoid misclassification liability post-closing.

ii Misclassification of overtime-exempt employees

The technology workforce is often highly educated and highly compensated. Companies often, without thought, classify all employees as exempt from the overtime requirements of the Fair Labor Standards Act (FLSA). Misclassifying an employee as exempt may result in large monetary penalties for not paying a minimum wage or overtime compensation for hours work over 40 per week up to three years prior to the date of the claim; and additional penalties for other wage and hour compliance failures (such as not providing required meal and rest breaks).

The FLSA provides that the following categories of employees are properly classified as exempt:

  1. white-collar workers, such as executives, administrators, professionals and outside salespersons;
  2. computer professionals;
  3. workers in industries such as transportation, bulk oil distribution, domestic service, forestry, retail service, communications and agriculture; and
  4. employees working under special certificates, such as full-time students, learners, apprentices and disabled employees.

To qualify for one of the above FLSA exemptions (meaning, in general, the employee is not eligible for overtime), employees must generally satisfy specified tests regarding their job duties and annual salary. Given the potential large liability resulting from a misclassification, it is important to review classification decisions as part of the diligence process.

iii Non-competition agreements

Recognising that the focus of many technology acquisitions is the acquisition of key talent, preventing newly acquired employees from resigning and joining a competitor is often a key value concern. State law continues to evolve in favour of supporting the free movement of talent, making enforceability of non-competition agreements more and more difficult. California, Washington and Massachusetts are leading this evolution.

In California, 'every contract by which anyone is restrained from engaging in a lawful profession, trade, or business of any kind is to that extent void'.203 While an employer may prohibit an employee from joining a competitor during employment, absent an exception to this statue, an employer cannot prevent an employee from resigning and joining a competitor. Some California courts have interpreted this statute broadly such that customer non-solicits, employee no-hire provisions and, recently, employee non-solicit provisions have all been determined to be non-competes in violation of California law.

The most relevant California exception in M&A is the sale of business exception.204 Simplified, significant shareholders selling a business may agree to refrain from competing with the business for a reasonable period of time. A significant shareholder is anyone owns a meaningful equity interest in the company being sold, with courts generally determining that meaningful requires equity holdings of at least somewhere between 0.1 to 7 per cent at the lower end. Note that an option holder is not a shareholder and, as a result, it is common to require key employees to exercise stock options prior to a transaction closing so that key employees can be treated as shareholders.

Massachusetts has adopted new non-compete limitations effective 5 October 2018.205 Under this new law, a non-compete duration is limited to 12 months, and non-competes will not be enforced against employees whose employment was terminated without cause. Furthermore, to support a non-compete, an employer must provide garden leave payments a la Europe of at least 50 per cent of the employee's base salary. There is no sale of business exception in the Massachusetts statute as is the case in California.

Washington adopted new non-compete limitations effective 1 January 2020.206 Among other requirements, this new law limits non-competes to only employees earning more than US$100,000 per year and requires garden leave payments (generally, continued payment of base salary) to support a non-compete for employees who have been laid off. As with Massachusetts, there is no sale of business exception in the Washington statute.

Numerous other US states have non-compete legislation that imposes various limitations. However, even in states (or non-US jurisdictions) without a specific statute, a non-compete generally will not be enforced unless it can be shown that the non-compete is reasonable in duration and scope and protects a legitimate business interest of the former employer.

iv Retention arrangements

Many acquirers struggle with the question of how best to compensate newly acquired employees. This is particularly problematic for a strategic buyer. The buyer needs to provide appropriate incentives to motivate newly acquired employees while being cognisant to not overcompensate those same employees with respect to the buyer's similarly situated current employees.

Many strategic buyers will continue, or assume, a target company's equity compensation programme. Leaving unvested awards outstanding mitigates the need to provide new equity compensation, while the remaining vesting schedule provides an immediate retention programme.

However, it also is common to provide an additional retention pool to further incentivise and motivate new employees. Often, this is a cash-based programme of a specified amount that vests either subject to continued employment (most commonly one-third per year over three years) or upon satisfaction of target company performance objectives.

v Section 280G Internal Revenue Code

Section 280G of the Internal Revenue Code of 1986, as amended, and related Section 4999 work together to impose a 20 per cent excise tax on compensatory change in control-related payments to certain individuals and deny the paying of corporation deductions on those same payments. Together, these code sections are commonly referred to as the golden parachute rules.

The golden parachute rules apply to officers; the 1 per cent most highly compensated target employees when ranked by compensation paid over the past 12 months (which often overlaps with the officer group); and 1 per cent shareholders. These individuals are referred to as disqualified individuals. In the event a disqualified individual receives compensatory change in control payments that exceed three times his or her average annual taxable income paid by the target company or a related company for the five years prior to the year in which the change in control occurs (or, if shorter, for as long as the individual provided services), then all amounts in excess of one times his or her average taxable annual income is subject to the 20 per cent excise tax and loss of deductions.

The determination of what is a compensatory change in control payment is broad. In general, this captures all payments, compensatory in nature, that a disqualified individual receives because of a change in control. Obvious payments are transaction bonuses and deal-related equity vesting acceleration. However, there is a presumption that any out-of-the-ordinary course payments provided in the 12 months prior to a change in control, and any severance paid in connection with a termination of employment within 12 months following a change in control, are compensatory change in control payments. The presumption may be rebutted with clear and convincing evidence that the payments would have been made in the absence of a change in control. Compensatory change in control payments also include payments made after a change in control pursuant to agreements entered into before a change in control; however, payments made pursuant to agreements entered into after a change in control, even if immediately after closing, are not compensatory change in control payments. In addition, amounts received due to someone's status as a shareholder (including as a vested option holder) are not compensatory change in control payments.

Two exceptions are commonly used to exempt amounts from the application of the golden parachute rules. First, amounts that are reasonable compensation for future services are exempt. This exemption is less useful than it may seem, as any amounts greater than recent historical compensation likely are not reasonable. With that said, a replacement equity grant, relatively consistent with prior grants, often will qualify as reasonable compensation for future services.

The more commonly used exemption is the shareholder approval exemption. Available for private companies only, if more than 75 per cent of disinterested207 voting power approves payments, the approved payments are exempt under the golden parachute rules.

Data protection

i Overview

Data privacy and security considerations arise in almost all transactions, but are at their most prominent in transactions involving technology companies. Where a business being acquired is built online, or relies on customer data as a key element of its product, the fundamental strength of the business depends upon the integrity of its networks and databases, and the thoroughness with which it protects personally identifiable information and complies with applicable law. The consequences of breaches, unauthorised disclosures and non-compliance can be severe not only financially, but reputationally and operationally as well.

Data privacy and cybersecurity concerns include not only the obvious customer and employee privacy and security concerns, but also marketing, healthcare and other aspects of a business's operations. Many of the issues that arise constitute whole practice areas on their own; in conducting privacy and cybersecurity diligence, the key is to ask the right questions.

This is complicated in the United States by the absence of any generally applicable data privacy law. States like California have begun adopting laws at the state level, and the California Consumer Privacy Act (CCPA) has set the tone nationwide, but as yet there is no US equivalent. Privacy and data security requirements stem from a patchwork of sector-specific federal laws and regulations, which in conjunction with state laws and international regulations applicable to US-based companies with global reach create a complex compliance environment. As a result, counsel conducting diligence in such transactions have an array of lines of inquiry to follow.

ii Key laws and regulations

CCPA

The CCPA gives California residents important new rights in relation to their personal data. Like the European Union's Global Data Protection Regulation (GDPR), the CCPA also appears to have extraterritorial effect (see below for further discussion), and organisations should therefore conduct an analysis to confirm whether they will fall within the remit of the CCPA and, if so, what steps, if any, they need to take towards compliance.

The CCPA provides protections and rights in relation to the personal information of California residents. In the simplest terms, a resident is an individual who lives in California and the rights provided under the CCPA do not cease to exist when the individual leaves California for a provisional period, such as a holiday. However, the CCPA caveats this slightly by clarifying that it does not apply to the collection or sale of personal information 'if every aspect of that commercial conduct takes place wholly outside of California'.

To fall within the scope of the CCPA, an organisation must:

  1. collect the personal information of California residents (either directly or through a third party);
  2. be for-profit, therefore excluding, for example, not-for-profit charities or public authorities;
  3. 'do [ ] business in the State of California';
  4. determine the purposes and means of processing, like a controller under the GDPR; and
  5. meet one of the following conditions:
    • the business must generate annual gross revenue in excess of US$25 million;
    • the business must receive or share personal information of more than 50,000 California residents annually; or
    • the business must derive at least 50 per cent of its annual revenue by selling the personal information of California residents.

The CCPA also applies to any entity that controls or is controlled by a business that meets the requirements above, and that shares common branding with such a business.

Where the CCPA applies, it imposes requirements including notices to be provided to data subjects, requirements for processing and deletion of data, and obligations to respond to requests for access and deletion of data. Its scope is broad, and the penalties for non-compliance severe, particularly under the private right of action.

Illinois Biometric Information Privacy Act

While it has been on the book (and occasionally enforced) since 2008, Illinois' Biometric Information Privacy Act has garnered increased attention in recent years as the growth of biometric data collection has grown. The law includes protections addressing the gathering, storage and destruction of biometric information, including requirements for consent, security protections and deletion. In 2020, social video app TikTok was sued by several minors for alleged violations of the law, the latest in a string of lawsuits alleging violations by companies against their customers and against employees.

Health Insurance Portability and Accountability Act

While not applicable to all entities, the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules impose a variety of strict compliance requirements on covered entities and business associates. HIPAA's requirements can also apply to companies that self-insure their employees' health plans. Given the sensitivity of health data, HIPAA compliance is critical to examine where it is determined that the law applies.

GDPR and EU–US Privacy Shield

Perhaps the world's most widely known and widely applicable data privacy and data protection regime, the GDPR applies to the processing of personal data (information that directly or indirectly identifies an individual). The GDPR has extraterritorial scope, meaning it can apply when: the personal data being processed belongs to a person outside the EU; the personal data is being processed outside of the EU; or the organisation processing the personal data is not itself established in the EU.

The GDPR was implemented to build on previous legislation while also introducing new principles, rights and obligations, protecting the rights and freedoms of individuals and their personal data while harmonising data protection legislation across the EU. Under the GDPR, regulators can impose fines of up to €20 million or 4 per cent of annual global turnover. The GDPR also sought to increase the focus and attention on security of data, strengthening the obligations upon organisations holding data and introducing a mandatory reporting obligation for personal data breaches.

GDPR compliance has become its own industry, and while comprehensive GDPR compliance audits are not commonly a part of the transactional diligence process, it is important to consider GDPR issues given the potential scale of liability.

Also governed by the GDPR are transfers of data from EU Member States to other jurisdictions. Although the GDPR provides a number of avenues to facilitate such transfers, one of the more popular, the EU–US Privacy Shield was invalidated in 2020 by the Court of Justice of the European Union in an opinion also addressing the use of standard contractual clauses.

Telephone Consumer Protection Act and Controlling the Assault of Non-Solicited Pornography and Marketing Act

The Telephone Consumer Protection Act (TCPA) and Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) govern privacy practices associated with telemarketing, text messaging, commercial faxing and email. TCPA litigation has rapidly expanded in recent years, and is a highly complex area of law. While CAN-SPAM compliance is in some respects more straightforward, the common thread in both bodies of law in transactional diligence is looking to see whether a business has a plan to ensure compliance.

Payment card industry data security standards

While not a body of law (rather, the Payment Card Industry Data Security Standards (PCI-DSS) are an industry-defined standard), compliance with the credit and debit card industry's PCI-DSS standards is critical for any entity accepting cards for payment and processing those transactions. Software companies who provide systems used to support e-commerce or that interact with payment pages must also be mindful of their strict requirements and steep penalties for non-compliance.

iii Approaching privacy and data security diligence

Privacy and data security diligence in technology transactions primarily relies on legal practitioners ensuring they ask the right questions during initial diligence (to help get the lay of the land).

As much as it is important to know what to look for, however, it is also important for counsel to know their own limitations, particularly with respect to technical expertise. Diligence functions are not full audits, and most attorneys are not, in any event, technically proficient enough to substantively evaluate cybersecurity practices, technical security measures or the substantive content of all the policies that contribute to a security programme. Counsel should know, and advise their clients of, the limitations in their expertise; where technical issues are critical, specialists within a firm, or specialist technology consultants, can be brought in (as is done with tax and accounting matters) to bring necessary expertise to bear.

iv Key practice tips

Understanding the scope of data

It is critical to understand what information a company holds about individuals, who those individuals are (particularly their nationality), where the data is stored, and how it is used and shared. Nearly all companies have data about employees in connection with the employment relationship, but beyond that, companies collect information about customers, about users, about competitors, and about potential customers and users of their services. Understanding what this data is helps define the scope of the diligence exercise: if a company holds information about European citizens, for instance, that is an immediate indicator that GDPR compliance needs close examination; if they hold data only about their employees, and they have no operations in California, on the other hand, CCPA compliance is likely to be less of a concern.

Understanding the privacy framework in place

Enquiring about the status of data protection policies and practices, including looking at privacy policies, can indicate how proactive the company is about managing data privacy issues. Privacy policies published on websites are a great resource of information even before initial diligence responses are received. If a privacy policy contains CCPA or GDPR notices, that indicates the company had some reason to believe they needed to address those laws. A smart counsellor will enquire as to why. Because so much of privacy and data security is consumer-facing and user-facing, publicly available information can in many cases be just as valuable as confidential data room documents.

Evaluating the approach to security

Information security presents myriad challenges to companies of all shapes and sizes, and there is no one-size-fits-all approach. Two of the best starting points are to ask for copies of all information and data security-related policies and plans (such as business continuity plans, incident response plans, mobile device policies, access controls, data and change management policies, physical access policies and so forth), and for copies of any third-party privacy and cybersecurity audits.

In particular, reports of SOC2 Type 2 audits are frequently valuable not only for the information they contain (which details the information security controls companies have, as well as the infrastructure which underlies their data systems), but also for the evidence they provide of a company's attention to these types of issues.

Subsidies

Direct government subsidies are rare in the United States, and governments (federal and state) do not typically own commercial properties.

Due diligence

In the United States, virtual data rooms are ubiquitous and offered by a variety of vendors. The data room is usually populated in stages, especially in an auction setting, and is configured to cover recurring main topical areas (governing documents, financial statements, taxes, material contracts, etc.), and other areas that a buyer may request of particular importance. The US practice is not to treat everything in the virtual data room as having been disclosed to the buyer for the purposes of qualifying the representations and warranties or materiality, and so this differs, for example, from the UK approach.

If the buyer is a large strategic entity, most diligence will be done by its internal business and legal staff, supplemented by diligence conducted by outside counsel in cases where the buyer feels the need to access outside counsel resources or expertise. Most large strategics have, as a necessity when doing many acquisitions per year, a standard diligence playbook and list of diligence requests.

Except in obvious cases of non-relevance, it is usually not wise to avoid these diligence requests as they generally not be waived. It is usually more efficient to try to limit the breadth of the requested data and to quickly try to find personnel matches between the buyer and seller so as to create mini-teams to work through diligence requests. Private buyers will generally have the same categories of diligence requests, but typically rely on outside counsel and advisers on matters of general diligence, tax, accounting, IP viability and strength, marketing and employee benefits. Typically private buyers can move quickly through diligence, and have more flexibility in determining what is enough, as the reporting level is usually from outside service providers directly to the decision makers.

The areas that receive intense focus in technology transactions involve:

  1. ownership and strength of the IP (whether patents, software or otherwise);
  2. use of open source software,;
  3. export licences and compliance for products to foreign jurisdictions;
  4. employee assignments of IP to the employing entity;
  5. compliance with privacy laws;
  6. cybersecurity and strength of protection culture;
  7. churn rates for customers;
  8. tax position and compliance;
  9. compliance with the US Foreign Corrupt Practices Act; and
  10. antitrust (both US and foreign).

The end result of the diligence process is typically memorialised in a due diligence memorandum given by the legal team to the client (or internal business or legal head). In private equity transactions, this memorandum is usually also shared with the lenders and their counsel, so particular care needs to be given to the contents of the due diligence memorandum as it will not be an attorney–client privileged document.

Depending on the state of the market and the desirability of the asset, the due diligence period can last for several months, and as quickly as a week or two on the legal side. Investment bankers for the target will front-load business financial diligence and then put a short fuse on the legal diligence side and terms of the sale contract when the bankers feel they have a hot asset. In these types of fast-moving deals, strategic buyers often suffer a disadvantage because some cannot move at the requested speed, while private equity buyers can move extremely fast if convinced by the business case so long as the debt markets are open.

Dispute resolution

In the US most disputes involving M&A are brought in state or federal courts. Some larger buyers insist on arbitration. If the acquisition agreement has a provision adjusting the purchase price for working capital, disputes over these provisions are usually settled by submission and an arbitral-type decision by an accounting firm.

Outlook

History shows an inexhaustible supply of prognosticators who have deeply held and certain views about what will happen to the local and world economy over the next 12 to 24 months, decade or millennium. The ubiquity of covid-19 and its negative effects on the demand side of the economy, confidence in general, the fiscal response and unemployment, as well as the fundamental questioning of the just-in-time interconnected world supply chain, belie any sane person having a religious belief in any predictive statements of what will happen a year or two from now. We all ought to be humble in our predictive prognostications.

What we are seeing now in the US is, in one sense, a tale of two cities. Technology companies in general, and especially those whose daily focus is on remote-work environments and access or on security, are doing extremely well. They can effectively function in a remote environment as they rely on software, social media, access to products online and connectedness, all things in high demand. Those businesses that produce or provide actual things (again ignoring the componentry and devices that run the virtual world), such as travel (airlines and cruises), retail shopping (malls), food (restaurants) and so many other services that are fundamentally non-tech (salons, gyms, religions (places of worship)), perhaps 'holding hands', have been very hard hit indeed. The commercial real estate market obviously cannot survive in its current form with only half (maybe) of its corner office denizens commuting to work into tall, crowded, elevator-necessary structures.

At the same time, we are seeing many nations move to protect their 'own' industries, and doing so by enhancing their foreign investment laws and, without admitting it, their antitrust laws – this further threatens the just-in-time culture and efficiency of the global supply chain that has been the darling of the business world the past 15 years.

It is a fair prediction, I think, that technology companies will do quite a bit relatively better over the next 12 to 24 months than all other categories, and, for the most part, they are better adapted to meeting challenges forced on them by the current environment. As such, technology M&A will also do better than their counterparts over the same period: they will attract more venture and other investments and, despite any fall from their stock market heights as of 15 September 2020, continue to be a vibrant M&A market, especially with its backlog and the low-interest rate environment. However, not everyone over that same period can work for a technology company, and any advantage that technology companies have cannot endure with a protectionist and high tax regime aimed at it and its employees, or an enduring social and industry economic environment that fosters a tale of two cities.

Footnotes

Footnotes

1 Michael J Kennedy is a partner at Paul Hastings LLP. The author wants to thank and acknowledge colleagues who contributed their time and expertise to this chapter, including Michael Wise, Sherrese Smith, Ziemowit Smulkowski, Jane Song, Daniel Stellenberg, Scott Flicker, Richard Horvath, Lindsay Sparks, John Gasparini and many others.

2 See Merger Market Datasite 'HY 2020 Deal Drivers Americas'.

3 ibid.

4 Albeit with people actively charged with maintaining hardware and software being deemed essential workers for the purposes of not being subject to stay at home orders.

5 Yardeni.com, Figure 18 'FAANGM Market Share Cap of S&P 500'.

6 AT&T, Microsoft, Google and Facebook. Note that Google and Facebook emerged during Microsoft's supposed dominance, and that Apple, which was one of the companies noted as being destroyed by Microsoft, has done quite nicely.

7 31 July 2017, Richard Yhieme speaking to the DefCon 25 hacker conference said: 'Privacy is nonexistent. It does not exist in the way it existed. The 20th century framework in which we think about those things is effectively ending.'

8 Stuxnet, an alleged Israeli worm, reportedly ruined one-fifth of Iran's nuclear centrifuges.

9 See Open Access Government (18 December 2019) 'Hacking back: the dangers of offensive cyber security'. In short, hacking back can be illegal: one can hack back (or be fooled in to hacking back) into the wrong target, and, for example, disable a power grid, or artificial intelligence used in hacking back can 'learn' bad behaviour. Attacking back also increases the odds of a more concerted counter-attack.

10 See Section III.

11 See Section III.

12 For example, private equity funds need to look closer at their limited partner base in determining whether a particular transaction presents a CFIUS risk.

13 For example, Australia has made its foreign direct investment monetary threshold zero, meaning any deal, no matter how small, can be caught up in its foreign investment review programme.

14 PWC: Technology Deal Insights: Mid year 2020.

15 Most United States companies of note are incorporated in the state of Delaware, and for this reason most acquisition agreements are governed by Delaware law.

16 The drop-dead date, or outside date, is the date after which either party can terminate an agreement.

17 The debt commitment letters expired automatically after a certain date.

18 These are effectively the three market exchanges.

19 For our purposes, a company with publicly traded debt, but no publicly traded equity, is considered private.

20 Delaware also provides for general and limited partnerships (LPs) as well as limited liability companies (LLCs). Again, for commercial businesses of meaningful size, most would be organised as Delaware corporations unless particular tax or other business reasons dictate a different choice.

21 See, e.g., 'Business Judgement Syllogism', Mergers & Acquisitions in the High-Tech Environment, PLI (1999), Michael J Kennedy.

22 Smith v. Van Gorkom, 488 A.2d 858 (Del. 1985).

23 See, e.g., Unocal Corp v. Mesa Petroleum, 493 A.2d (Del. 1985); Revlon Inc v. MacAndrews & Forbes Holdings, Inc, 506 A.2d 173 (Del. 1986), Paramount Communications, Inc v. Time Inc, 571 A.2d 1140, 565 A.2d 280 (Del. 1989), Paramount Communications Inc v. QVC Network Inc, 637 A.2d 34 (Del. 1994) and Corwin v. KKR Financial Holdings, LLC, 125 A.2d 304 (Del. 2015).

24 See generally Section 14 of the 34 Act, and Regulation 14D.

25 The HSR dollar thresholds are adjusted annually.

26 A second request essentially is a subpoena demanding the production of all documents that bear on each company's competitive position, and can be quite burdensome to comply with.

27 See above.

28 See CFIUS Reform under FIRRMA, Congressional Research Service (21 February 2020).

29 This goes beyond the current US–China battles over trade and Tik-Tok. Essentially, covid-19 has focused sovereign states on protecting what they have in a world where connectedness has suffered a setback or created its own threats.

30 Pension laws, sales tax, privacy laws, Federal Communication approvals, etc.

31 Delaware adopts a pro-sandbagging position. In New York, if a buyer knew of a breach based on seller disclosure it will not be protected unless the contract is explicitly to the contrary.

32 More and more private transactions are structured with no contractual indemnities (other than for ownership and authority representations) given the availability of representation and warranty insurance.

33 Most venture-backed technology companies are established as corporations with common equity and a series of convertible-preferred stock issued to the venture investors. Private equity structures can be byzantine in structure involving on and offshore funds and co-investors.

34 For an example of a reverse triangular merger, see the Logmein transaction described in Section II.

35 See Section 251 of the Delaware General Corporation Law.

36 See Section 368 of the Internal Revenue Code.

37 Typically either in the technology company's charter or in a stockholders agreement, there will be a drag along contractual provision allowing, in effect, the controlling shareholders to force the other shareholders to sell – thus replicating the result that can be obtained in a merger.

38 The target board must give its recommendation for or against, or be neutral, and can always adopt a poison pill to negate any tender offer timing advantage.

39 In effect offering a perceived high price that expires unless the auction is ended.

40 See, e.g., Functional Fairness (PLI 1999; Michael Kennedy).

41 A merger of equals would involve something like 50 per cent ownership by each company and could be structured by use of a new company.

42 Readers can view the Forescout MAE clause by going to 'sec.gov', typing in 'Forescout' in the Company filing box and reviewing Annex A to Forescout's proxy statement filed on 24 March 2020.

43 Akorn, Inc v. Fresenius, 198 A.3d 724 (Del. 2018).

44 Although now there are virtually no inbound Asian, or especially Chinese, transactions, prior to 2019 virtually all such deals had reverse break-up fees for CFIUS failure.

45 See, e.g., 'Best Efforts' Standards Under New York Law: Legal and Practice, Glasser Legalworks 2004 (David Shine).

46 For an excellent analysis of antitrust reverse break-up fees, see Dale Collins' annual study at 'https://wwww.antitrustunpacked.com/?itemid=74.

47 These termination provisions almost always allow the initial buyer to match any higher bidder, and the match process can go multiple rounds.

48 Often, the largest part (by words) of the purchase price section by far is the numerous sections dealing with incentive equity.

49 See, e.g., 'Paying Attention to Biotech M&A Earnout Payments' in Life Sci VC (22 February 2012).

50 It is more than a common occurrence that employee IP assignments are 'misplaced', or are only backward-looking and do not convey IP created during employment.

51 Typically 50.1 per cent is all that is needed, in addition to any preferred stock class or series vote.

52 Omnicare, Inc v. NCS Healthcare, Inc, 2003 WL 1787943 (Del. 4 April 2003).

53 After Omnicare, in private companies with control shareholders, the shareholder vote is structured as a written consent without a meeting, so the vote happens in effect at signing of the agreement.

54 This highlights the importance of having a well-drafted drag-along provision.

55 This effectively gives the seller certainty of closing if a MAE has not occurred, but leaves it with an indemnity obligation with a lower level of materiality usually defined as losses in excess of a deductible – typically between 0.5 to 1 per cent of deal value.

56 The author represented Seagate.

57 A reverse break-up fee, generally between 2 to 6 per cent of deal value, will often be used when the buyer is not willing or able to use equity for the entire purchase price. The fee covers the situation where the debt providers do not fund.

58 Typical incentive pools cover between 8 to 12 per cent of the equity capitalisation on a fully diluted basis.

59 For the most part simple equity options are no longer used. It is more common to see a restricted stock unit, used some of which vest over time and some only if certain return hurdles (IRR, multiple of capital returned, etc.) occur, so that management only makes money if the fund makes money above the hurdle.

60 For some early history on specific performance of merger agreements and merger agreement covenants, see 'The Challenges for Sellers in Obtaining Effective Remedies in M&A Transactions', Bloomberg BNA, Mergers & Acquisitions Law Report (3 September 2012).

61 See Section VI.

62 Assuming the lenders were still committed.

63 They often have multiple 'notwithstanding any other provision. . .' overrides that are difficult to parse.

64 The banks will also assume that the reverse fee is the damage cap and get their exposure similarly capped for potential tort exposure by inserting Xerox provisions.

65 See, for prior shifts, Moran v. Household International, Inc, 500 A.2d 1346 (Del. 1985); Revlon, Inc v. MacAndrews & Forbes Holdings, Inc, 506 A.2d 173 (Del. 1986); Unocal v. Mesa Petroleum Co, 493 A.2d 946 (Del. 1985); Unitrin, Inc v. American General Corp, 651 A.2d 1361 (Del. 1995); Paramount Communications, Inc v. QVC Network, Inc, 637 A.2d 34 (Del. 1994).

66 8 Del. C. § 141(a).

67 Revlon, 506 A.2d 173; QVC, 637 A.2d 34.

68 QVC, 637 A.2d at 45.

69 125 A.2d 304 (Del. 2015).

70 In re USG Corp S'holder Litig, 2020 WL 5126671, at *14 (Del. Ch. Aug. 31, 2020).

71 id. at *13.

72 id. at *2.

73 Larkin v. Shah, 2016 WL 4485447 (Del. Ch. Aug. 25, 2016).

74 Tornetta v. Musk, 2019 WL 4566943, at *4 (Del. Ch., Sept. 20, 2019).

75 If the transaction was approved by disinterested directors or a majority of minority stockholders, the court could shift the burden of proof from the directors to the plaintiff challenging the transaction. In re Cox Communications, Inc S'holders Litig, 879 A.2d 604, 616 (Del. Ch. 2005) (citing Kahn v. Lynch Communication, Inc, 638 A.2d 1110 (Del. 1994)).

76 id. at 606-07.

77 88 A.3d 635 (Del. 2014).

78 id.

79 See, e.g., Flood v. Synutra, 195 A.3d 754 (Del. 2018); Olenik v. Lodzinski, 208 A.3d 704 (Del. 2019); Salladay v. Lev, 2020 WL 954032 (Del. Ch., Feb. 27, 2020); Tornetta, 2019 WL 4566943.

80 Cf. Cox, 879 A.2d at 606-07.

81 If the surviving corporation overpays, however, and the Court of Chancery awards a lesser amount than what was prepaid, the surviving corporation is not entitled to a refund of the amount overpaid. See In re Appraisal of Panera Bread Co, 2020 WL 506684 (Del. Ch. 2020).

82 Verition Partners Master Fund Ltd v. Aruba Networks, Inc, 210 A.3d 128 (Del. 2019); Dell, Inc v. Magnetar Global Event Driven Master Fund Ltd, 177 A.3d 1 (Del. 2017); DFC Global Corp v. Muirfield Value Partners, LP, 172 A.3d 346 (Del. 2017).

83 In re Stillwater Mining Co, 2019 WL 3943851, at *24 n.13 (Del. Ch. Aug. 21, 2019).

84 954 A.2d 346 (Del. Ch. 2008).

85 id. at 362.

86 129 A.3d 884 (Del. Ch. 2016).

87 id. at 896-98.

88 See Boilermakers Local 154 Retirement Fund v. Chevron Corp, 73 A.3d 934 (Del. Ch. 2013).

89 2019 WL 1223026 (Del. Ch. Mar. 14, 2019).

90 id. at *1-2.

91 id. at *3.

92 Infomedia Group, Inc v. Orange Health Solutions, Inc, 2020 WL 4384087 (Del. Super. July 31, 2020).

93 id.; see also Collab9, LLC v. En Pointe Technologies Sales, LLC, 2019 WL 445412 (Del. Super. Sept. 17, 2019); ChyronHego Corporation v. Wight, 2018 WL 3642132 (Del. Ch. July 31, 2018).

94 See also Oxbow Carbon at 202 A.3d 482 (Del. 2019) for the court's refusal to use the covenant of good faith and fair dealing to fix a mistake.

95 Hexion Specialty Chems, Inc v. Hunstman Corp, 965 A.2d 715, 739 (Del. Ch. 2008); In re IBP, Inc S'holders Litig, 789 A.2d 14, 68 (Del. Ch. 2001).

96 Akorn, Inc v. Fresenius Kabi AG, 2018 WL 4719347 (Del. Ch. Oct. 1, 2018).

97 Earnings before interest depreciation and amortisation.

98 See footnote 96.

99 Channel Medsystems, Inc v. Boston Scientific Corp, 2019 WL 6896462 (Del. Ch. Dec. 18, 2019); Hexion Specialty Chems, Inc v. Hunstman Corp, 965 A.2d 715 (Del. Ch. 2008); Frontier Oil v. Holly Corp, 2005 WL 1039027 (Del. Ch. Apr. 29, 2005); In re IBP, Inc S'holders Litig, 789 A.2d 14 (Del. Ch. 2001).

100 See, e.g., Bed Bath & Beyond, Inc v. 1-800-Flowers.com, Inc, C.A. No. 2020-0245-VCG; Oberman, Tivoli & Pickert, Inc v. Cast & Crew Indie Services, LLC et al, C.A. No. 2020-0257-PAF; Realogy Holdings Corp v. SIRVA Worldwide, Inc, C.A. No. 2020-0311-MTZ; SP VS Buyer, LP v. L Brands, Inc, C.A. No. 2020-0297-JTL; Forescout Technologies, Inc v. Ferrari Group Holdings, LP, C.A. No. 2020-0385-SG.

101 See Realogy Holdings Corp v. SIRVA Worldwide, 2020 WL 4559519 (Del. Ch. Aug. 7, 2020).

102 id. at *7-8.

103 These certainty of funds provisions are referred to as SunGard provisions as they were first used in the 2005 debt commitment letter issued in connection with the acquisition of SunGard Data Systems. A copy of this debt commitment letter can be found at https://www.sec.gov/Archives/edgar/data/789388/000119312505074184/dex99b1.htm.

104 A copy of the agreement and plan of merger, dated 27 September 2009, by and among Xerox Corporation, Boulder Acquisition Corp and Affiliated Computer Services, Inc, can be found at https://www.sec.gov/Archives/edgar/data/108772/000119312509199142/dex21.htm.

105 Hart-Scott-Rodino Antitrust Improvements Act, 15 USC. § 18a.

106 Current threshold, adjusted annually for inflation.

107 ibid.

108 ibid.

109 ibid.

110 There are many additional rules and exemptions that must also be taken into account when assessing HSR reporting requirements, but the size of transaction and size of person tests are the most important pieces for determining whether a transaction must be reported.

111 It is also possible for the parties to withdraw their HSR filing and resubmit it, giving the reviewing agency a second 30-day review period to determine whether the transaction should be cleared. This may only be done once. It is a useful strategy if the parties believe they can convince the staff to clear the transaction without issuing a second request, but there are still unresolved issues at the end of the first 30 days.

113 The duration of a second request can be shortened by extensive preparation before the HSR filing is made and during the initial waiting period. Such an accelerated strategy, however, requires alignment between the merging parties, as substantial compliance with the second request is not effective unless both parties have certified compliance.

114 Federal Trade Commission, FTC's Bureau of Competition Launches Task Force to Monitor Technology Markets, 26 February 2019, available at www.ftc.gov/news-events/press-releases/2019/02/ftcs-bureau-competition-launches-task-force-monitor-technology.

115 Steven Overly and Margaret Harding McGill, 'FTC went to Silicon Valley to solicit antitrust complaints', Politico (7 June 2019), available at https://www.politico.com/story/2019/06/07/ftc-tech-scrutiny-silicon-valley-1511310.

116 Federal Trade Commission, FTC to Examine Past Acquisitions by Large Technology Companies, available at https://www.ftc.gov/news-events/press-releases/2020/02/ftc-examine-past-acquisitions-large-technology-companies.

117 Federal Trade Commission, FTC to Examine Past Acquisitions by Large Technology Companies, available at https://www.ftc.gov/news-events/press-releases/2020/02/ftc-examine-past-acquisitions-large-technology-companies.

118 Diane Bartz and Nandita Bose, FTC demands data on small buys by Google, Amazon, Apple, Facebook, Microsoft, Reuters (11 February 2020), available at https://www.reuters.com/article/us-usa-tech-antitrust/ftc-demands-data-on-small-buys-by-google-amazon-apple-facebook-microsoft-idUSKBN205261; see also John D McKinnon and Deepa Seetharaman, 'FTC Expands Antitrust Investigation Into Big Tech', Wall Street Journal (11 February 2020), available at https://www.wsj.com/articles/ftc-plans-to-examine-past-acquisitions-by-big-tech-companies-11581440270.

119 Federal Trade Commission, FTC to Examine Past Acquisitions by Large Technology Companies, available at https://www.ftc.gov/news-events/press-releases/2020/02/ftc-examine-past-acquisitions-large-technology-companies.

120 Department of Justice, Justice Department Reviewing the Practices of Market-Leading Online Platforms, available at https://www.justice.gov/opa/pr/justice-department-reviewing-practices-market-leading-online-platforms.

121 Brent Kendall and Sadie Gurman, 'Justice Department's Antitrust Chief removes himself from Google probe', Wall Street Journal (4 February 2020), available at https://www.wsj.com/articles/justice-departments-antitrust-chief-removes-himself-from-google-probe-11580822369?mod=searchresults&page=1&pos=4.

122 Tim Hanrahan and Brent Kendall, 'Barr sees big-tech probe wrapping up by next year', Wall Street Journal (10 December 2019), available at https://www.wsj.com/articles/barr-sees-big-tech-probe-wrapping-up-by-next-year-11576011636.

123 Department of Justice, Assistant Attorney General Makan Delrahim Announces Re-Organization of the Antitrust Division's Civil Enforcement Program (20 August 2020), available at https://www.justice.gov/opa/pr/assistant-attorney-general-makan-delrahim-announces-re-organization-antitrust-divisions-civil.

124 id.

125 United States v. Sabre Corp, case No. 20-1767 (3d Cir. July 20, 2020).

126 Dissenting Statement of Commissioner Rohit Chopra, In the Matter of Bristol-Myers Squibb/Celgene, Comm'n File No. 1910061 (F.T.C. Nov. 15, 2019).

127 Press release, Klobuchar Leads Letter Warning That Pharmaceutical Mergers May Threaten Drug Competition, Increase Prices and Reduce Patient Access to Essential Medications (Sept. 17, 2019).

128 Defense Production Act, § 721; 50 USC. § 4565. The term control is defined broadly to mean 'the power, direct or indirect, whether or not exercised, through the ownership of a majority or a dominant minority of the total outstanding voting interest in an entity, board representation, proxy voting, a special share, contractual arrangements, formal or informal arrangements to act in concert, or other means, to determine, direct, or decide important matters affecting an entity'. 31 CFR § 800.208.

129 The term 'foreign person' means any foreign national, foreign government or foreign entity; or any entity over which control is exercised or exercisable by a foreign national, foreign government or foreign entity. 31 CFR § 800.224.

130 CFIUS has authority to initiate a review on its own and invite the parties to submit information; the Committee is also empowered to issue interim orders barring parties from closing a transaction to permit time for completion of the review, or (in the case of transactions that have already closed) orders requiring that the foreign party divest its interest. For these reasons, parties to a transaction raising potential national security sensitivities are usually well-advised to submit a notice voluntarily, ideally prior to a planned closing.

131 The Department of Treasury implemented the new authority in an overhaul to CFIUS's regulations, most of which went into effect on 13 February 2020. 31 C.F.R. Part 800.

132 31 C.F.R. § 800.502.

133 31 C.F.R. § 800.248.

134 31 C.F.R. § 800.248(a).

135 31 C.F.R. § 800.215. See also discussion of emerging and foundational technologies, infra.

136 31 C.F.R. § 800.248(b).

137 31 C.F.R. § 800.248(c).

138 31 C.F.R. § 800.211(b)(1). Material nonpublic technical information is information, not available in the public domain, that, in the case of an infrastructure TID US business, '[p]rovides knowledge, knowhow, or understanding. . .of the design, location or operation of covered investment critical infrastructure, including vulnerability information such as that related to physical security or cybersecurity'; or in the case of a technology TID US business, is 'necessary to design, fabricate, develop, test, produce, or manufacture a critical technology, including processes, techniques, or methods'. 31 C.F.R. § 800.232(a).

139 31 C.F.R. § 800.211(b)(2).

140 Penalties for failing to make a mandatory filing are stiff. A person who does not comply can face penalties of up US$250,000 or the full value of the transaction, whichever is greater. 31 C.F.R. § 800.901(b).

141 31 C.F.R. § 800.401(c). CFIUS has proposed to replace this multipart test with one that looks to whether US regulatory authorisation would be required to export or transfer the TID US business's critical technologies to the country of the foreign investor. See Proposed Rule to be codified at 31 C.F.R. § 800.401(c), 85 Fed. Reg. 30893 (21 May 2020). At the time of writing, the proposed rule has not yet been made effective.

142 31 C.F.R. § 800.401(b). No mandatory filing is required if the investment is made by an 'excepted investor'. The criteria for qualifying as an excepted investor are complex, but they essentially require that the investor be, or be almost exclusively controlled by, nationals, governments and entities of an 'excepted foreign state'. For the time being, CFIUS has designated Australia, Canada and the UK as excepted foreign states.

143 31 C.F.R. § 800.307.

144 31 C.F.R. § 800.307(a)(1) and (2).

145 31 C.F.R. § 800.a(3)-(6).

146 31 C.F.R. § 800.a(4).

147 31 C.F.R. § 800.244(b).

148 See Michael Brown and Pavneet Singh, China's Technology Transfer Strategy: How Chinese Investments in Emerging Technology Enable A Strategic Competitor to Access the Crown Jewels of US Innovation, Defense Innovation Unit Experimental (February 2017).

149 An item falls into a heightened control category if it meets the criteria of an export classification control number on the US Commerce Control List, published in the EAR.

150 The EAR controls both exports and reexports of covered items. An export is the transmission or transfer of an item outside of the United States, whether physically, electronically (e.g., via email or website download) or otherwise. A reexport is the transfer or transmission (by whatever means) of an item from one foreign country to another foreign country. Reexports of US-controlled items are often subject to similar types of restrictions as exports.

151 This kind of transfer is referred to as a deemed export, and the level of control is determined by the requirements that would be imposed on a physical export of the technology or source code to that foreign person's country of nationality. Similarly, a deemed reexport occurs when US-controlled technology or software is released or disclosed outside of the United States to a national of a third country.

152 Among other things, the designation of a particular technology as emerging or foundation as a result of the ECRA process will automatically result in heightened CFIUS review for any proposed takeover of a US company dealing in such technology, because under FIRRMA the definition of critical technologies for CFIUS purposes includes 'Emerging and foundational technologies controlled under section 1758 of the Export Control Reform Act of 2018 (50 USC. 4817)'. 31 C.F.R. § 800.215(f).

153 22 C.F.R. Part 120 et seq.,

154 The USML can be found at 22 C.F.R. Part 121.

155 22 C.F.R. § 122.4(b).

156 See the National Industrial Security Program Operating Manual of 2006 (DDD 52202.M), Section 2-300 et seq.

157 See DOD Industrial Security Letter 2009-03, p. 1.

158 See DOD 52202.M Section 2-301 (outlining factors that may be considered in making a FOCI determination).

159 Title 35 of the United States Code.

160 Paris Convention for the Protection of Industrial Property provides reciprocal filing rights by allowing an applicant to file an application in their home country first to receive the priority filing date and subsequently file in other Member States within 12 months for a patent application.

161 The Patent Cooperation Treaty provides an international filing system.

162 See 35 USC. §§101-103.

163 See 35 USC. §271.

164 See 35 USC. §111(b).

165 35 USC. §101.

166 See Alice Corp v. CLS Bank International, 573 US 208 (2014).

167 Title 17 of the United States Code.

168 See US Copyright Office Circular 38a.

169 17 USC. §102.

170 See 1 Nimmer on Copyright § 2A.10 (2017).

171 Oracle Am Inc v. Google Inc, 886 F.3d 1179 (Fed. Cir. 2018).

172 See 17 USC. § 106.

173 US Copyright Office Circulate No. 61.

174 17 USC. § 106A.

175 id.

176 17 USC. §§901-914.

177 17 USC. §902.

178 17 USC. § 905.

179 18 USC. §1836, et seq.

180 18 USC. § 1833.

181 18 USC. § 1833.

182 18 USC. § 1836(b)(2)(A)(i).

183 15 USC. §§ 1051 et seq.

184 15 USC. § 1072.

185 15 USC. 1065.

186 15 USC § 1051(b).

187 15 USC. § 1060(a).

188 While US law would apply to employees and contractors located in the US working for US companies, US companies often use individuals outside the US for development. In such cases, the laws of the country where those individuals are residing or the governing law of the agreements with such individuals, or both, will apply.

189 See 17 USC §201.

190 United States v. Dubilier Condenser Corp, 289 US 178 (1933).

191 Lariscey v. the United States, 949 F.2d 1137 (Fed. Cir. 1991).

192 The work created by an independent contractor must be one of the following to constitute work made for hire under US copyright law: a work for use as a contribution to a collective work; a work that is part of a motion picture or other audiovisual work; a translation; a supplementary work; a compilation; an instructional text; a test; answer material for a test; or an atlas. See 17 USC §101.

193 See 6 Nimmer on Copyright § 27.02 (2017) ('[C]omputer programs are not among the categories of work enumerated in the current Act that are eligible for specially commissioned status upon execution of the proper agreement. . .').

194 See 17 USC §101. However, note that under Section 3351.5(c) of the California Labor Code, an independent contractor who agrees to a work made for hire provision in a written agreement is deemed to be an employee. Therefore, any agreement with an independent contractor that could be subject to California law may want to omit a work made for hire provision.

195 Arachnid, Inc v Merit Indus., Inc, 939 F2d 1574 (Fed Cir 1991).

196 See 1 Nimmer on Copyright § 6.12 (2017). This includes a duty to account to the other joint owners for a ratable share of the profits realised from the joint owner's use of the work and of the profits realised from licensing of the work.

197 See 35 USC §262.

198 See 35 USC §284.

199 See, e.g., Hewlett Packard Co. v Bausch & Lomb, Inc, 115 F.R.D. (ND Cal 1987); Tenneco Packaging Specialty & Consumer Prods, Inc v. S.C. Johnson & Son, Inc, No. 98 C2679, 1999 US Dist. LEXIS 15433 (N.D. Ill. Sept 9, 1999).

200 Revenue Ruling 87-31.

201 4 Cal 5th 903.

202 California Labor Code Section 2750.3.

203 California Business and Professions Code 16600.

204 California Business and Professions Code 16601.

205 Massachusetts General Laws Chapter 149, §24.

206 Washington Revenue Code § 49.62.020.

207 Meaning the shares of any individual whose payments are subject to approval are considered not outstanding so that such individual does not vote to approve his or her payments or the payments to anyone else.

Get unlimited access to all The Law Reviews content