what's in the news

The survey is now closed.

The results will be published in January 2012.

For your copy, please email poppy@pitmans.com

Courtesy of Thames Valley Business Magazine September 2011

It has been a tough few years in the M&A market with a considerable downturn in M&A activity since 2007, but over the past 18 months we have seen some emerging trends in deal dynamics, financing and legal practice which are encouraging increased transactional activity.

Deal Dynamics

Financially stable corporate buyers are still keen to do deals to maintain their competitive advantage in the market.  The relatively small number of “quality” sellers has meant valuations are not as depressed as some commentators may have thought.  Potential sellers had adopted a “batten down the hatches” mentality, but are now starting to explore the market as they are three years further down their business plan.  However, on an evaluation of what a potential seller can take out of a successful business on an annual basis compared with the poor return on capital they may make if the business were sold, is still discouraging potential sellers. A number of businesses have also disposed of non-core assets to raise cash or to better focus their business models.

Another interesting development we have notices is a decrease in emphasis on perceived “market practice”. Deals generally have become more innovative and creative which has made for some interesting and bespoke transactions.

In addition, the private equity players are not only important asset holders but remain potential acquirers, and they continue to be active in the market. There are still a realtively small number of IPOs, so there has been a greater emphasis on disposals as the main exit for both private equity and other business owners. We still see that a significant proportion of private equity disposals have been to private equity buyers, underlying their importance to the M&A market.

Documentation and valuation

A number of transactions have continued to use the traditional ‘completion accounts’ mechanism to establish a final deal price, largely as buyers are keen not to overpay for acquisitions. The completion accounts method does, however, mean increased time and cost, as well as not having certainty at completion which opens the door for ongoing negotiation and potential disputes. As a result, some sellers in a strong bargaining position who want a definitive position at completion have utilised the ‘locked box’ mechanism. Put simply, in a locked box deal, the price is set in accordance with an agreed set of pre-completion accounts and the seller provides additional protection for any ‘leakage’ (such as the payment of dividends). This does make for a cleaner break, but which transaction mechanism is used will largely depend on the relative bargaining position of the parties.

Unsurprisingly, buyers are increasingly insistent on some form of deferred consideration element, whether the retained amount is conditional on certain targets being met and so is payable by way of earn-out or whether it is ‘unconditional’ but is held for a period of time to offset against future warranty claims. Sellers have to consider the balance between a higher overall deal consideration, a proportion of which will not be received at completion and may be dependent on future profits of the business which is likely to result in a continued role in the company for the seller, and receiving a lower total amount but getting more up front in cash. Evidently, each deal is different and will be the subject of lengthy negotiation, however, most deals now do have some form of consideration hold back to give the buyer an extra level of comfort.

Another interesting development is the rise in importance of transitional service agreements (TSAs). TSAs used to be viewed as reasonably insignificant and were often merely schedules to the main purchase agreement but they are now often negotiated alongside the main documentation. Buyers, again in a desire to limit risk, are keen to clearly set out the parameters of the ongoing services to be provided by the seller post deal and TSAs have become an increasingly important strategic driver in many deals.

Financing

The finance markets have gradually improved over the past year, and for large corporate borrowers, there is an available pool of liquidity.

However, for smaller companies and leveraged borrowers, the market has remained tough. We are seeing some increased interest to fund leveraged, event-driven financing, which is evidenced by the activity of the private equity houses, but generally leveraged debt transactions from private companies are still hard to fund.

Warranties and indemnities

Our recent experience is that parties are spending more time negotiating specific and tailored warranties and indemnities to cover the key deal issues, so although a number of standard warranties are still included, more bespoke and deal specific warranties and indemnities are negotiated to give addititonal protection to buyers.

In addition, our recent experience suggest that warranty caps have also become very deal specific and are heavily negotiated on every transaction. On larger deals, it is common to see split warranty caps with liability for title and other key warranties being capped at 100% of the purchase price, or even in some cases being unlimited, with the cap on other warranties being at a lower level. However, a 100% overall warranty liability cap is still common on smaller deals. De minimis levels and baskets for warranty claims are also fiercely negotiated and are often one of the final deal issues that are agreed during the negotiation process.

We have seen limitation periods for warranty breach agreed as low as 9 months in some deals but it is more normal for them to be around the 18 month to 3 year period as buyers like the comfort that the business they have acquired has had at least one full year’s audit post completion, as any potential warranty issues are likely to become apparent during this period.

However, in some deals bespoke periods have been agreed for certain groups of warranties to futher protect the buyer against their perception of key deal issues. In addition, tax warranties and indemnities are for longer periods to protect against any future HMRC investigation.

Bribery and corruption risks

Over the past few years, anti-corruption and ethical issues have become increasingly important, for example the recent coming into force of the Bribery Act. Some buyers have therefore focused keenly during the due diligence process on bribery and corruption risks inherent in businesses they are acquiring, and have developed their own ethical policies and procedures which can be adopted in acquired targets post completion.

Pitmans’ corporate team

Following Pitmans’ Deal of the Year under £25m (Guralp Systems Ltd) and Corporate Lawyer of the Year (Adam Dowdney) Awards from the Thames Valley Deal Awards in May, together with Pitmans recent recognition for its exceptional deal making achievements in Experian’s league table of Corporate Finance Advisers HY2011 – ranking 4th by volume of deals – Pitmans’ corporate team remains positive that deals will continue to grow in number and the M&A market will adapt to the ongoing tough economic environment.

Adam Dowdney
Partner, Corporate
T: 0118 957 0574
E: adowdney@pitmans.com

This article was published by Workbooks.com

Philip James, Partner, and Carolyn Butler, Solicitor at Pitmans LLP examine some of the legal issues you should consider when moving to cloud computing and selecting a vendor.

1. Know the flight plan (negotiation and contract)

Carefully review the terms on which you are intending to contract with your cloud provider. Is the contract open to negotiation or are you expected to contract on the cloud provider’s standard terms? If the former, consider your specific requirements, and ensure your contract:
 
• adequately reflects your requirements in unambiguous language in a layout that’s easy to follow (in other words, don’t bury your specifications across numerous schedules);
• clearly delineates the roles and responsibilities of both the cloud provider and your organisation; and
• has quantifiable metrics or KPIs to verify the performance of your cloud provider.

If the latter, review the terms carefully to ensure, firstly, that they are fair and that there are no unpleasant surprises lurking and, secondly, that they cover everything you need them to. If not, seek to vary the standard terms with your cloud provider accordingly.

Look at the extent of the remedies available under the contract. The contract will probably contain limitations of liability, so if you are intending to outsource critical internal infrastructure, check whether those limitations adequately reflect the allocation of liability to your cloud provider.

• What limitation should apply?
• Are there risks for which liability should or should not be excluded? E.g. does the supplier exclude liability for loss of data (this is not much good if you are outsourcing your CRM database!)

In some cases, damages for breach of contract may not be a sufficient remedy if things go wrong, and you may wish to set out alternative, more appropriate remedies under the contract. Other key issues to look out for in your contract are explored in more detail below. In all cases, always seek specific legal advice if you are unsure about the effect of any element of your contract.

Before negotiating a contract with a cloud provider, the European Network and Information Security Agency’s Information Assurance Framework for Cloud Computing, which sets out questions that an organisation should ask a cloud provider, is essential reading¹.

2. First class, business class or economy class? (service levels)

Service levels need to be agreed upfront, and should be expressed in the service-level agreement in terms that are both clear and measurable, including maximum periods of downtime, the relative importance to the business of different elements of the service and processes for remedying defaults. While many businesses look to cloud providers as part of their business continuity strategy, it is also necessary to consider what would happen if the cloud provider’s operations become disrupted. How does your cloud provider manage its response to incidents such as natural disasters or security breaches to ensure disruption is kept to a minimum?

Before you sign up, ask your cloud provider about any extra costs and charges, work out which of these are relevant to your business and budget accordingly. You should also ensure your future as well as your present needs are taken into account: find out how quickly and by how much your cloud provider can scale up the services it provides, and, if you plan to expand your business abroad, whether your provider has the capabilities to meet your needs in other jurisdictions.

It is important that the ramifications of failing to meet the agreed service levels are clearly set out (often a service credits mechanism is used) and that the parties agree a process of escalating remedies in the event that problems supplementary to the agreed remedial mechanisms arise. The resolution of disputes can be a costly and time-consuming exercise, and it is in the interests of both parties to have workable and effective escalation processes in place to ensure problems are worked out amicably, the business relationship is preserved and any disruption is kept to a minimum.

3. Security checkpoints (security and data protection)

It is essential to verify with your cloud provider what responsibilities for security lie within the remit of your organisation and which are their responsibility.

While your cloud provider may be unable to give you precise details about the security measures it has in place (since a detailed disclosure of the systems in use could impair their integrity), a high-level description of those measures should be given, for example, the extent to which data encryption is used, whether anomaly detection systems are applied, the protocols in place to deal with the theft of user credentials and the physical security used to protect the locations where data is stored. Your cloud provider should also be able to tell you whether it meets any of the existing web standards² and give you details of the security features on offer for users, such as user authentication and authorisation/administration controls. Find out whether your cloud provider offers any guarantees that customer resources are fully isolated from one another, and to what degree data, metadata or other traces of use by your organisation is erased before machines are reallocated. You should request sufficient information to allow you to make a sensible judgement about the adequacy of the security measures offered by your cloud provider, whether additional measures are required and need to be agreed in your contract.

Further, your cloud provider may intend to outsource or subcontract any of the operations that it is contracted to supply to you, and, if they do, find out who those third parties are, where they are based, what procedures are used to verify and monitor the quality of services they provide, and the security controls in place to protect your data. For instance, it is not much use having contractual protections in your agreement with your provider if the ‘subbie’ to whom the service is sub-contracted is not subject to the same terms agreed with your supplier (you may also not have conducted due diligence in respect of that subbie).

4. Final destination (location)

Just as importantly, find out where your cloud provider will physically hold your data. Your data should be stored in a jurisdiction where an acceptable level of protection is mandated by law. Data protection standards vary from one jurisdiction to another and, although efforts are being made to harmonise the requirements across the EU as a whole, outside of the EU they may be non-existent. Nevertheless, if you are a business based in the UK, and the data in question is being processed in the context of that business, the full extent of the UK rules will most likely apply.

Further, if you are intending to store personal data in the cloud, such as HR records, take note that the transfer of personal data to a country or territory outside of the EEA is prohibited, unless equivalent protection in that country or territory is assured (and in this respect, if it is to be stored outside the EEA, seek specific legal advice on this issue as there are a number of compliance requirements which may need to be dealt with). Where this is concerned, it is always easier from a data privacy compliance perspective to engage a supplier whose data centre is located in the UK or Europe than enter into an arrangement with a supplier whose servers are in the US or China (or worse still, in a virtual data centre i.e. you don’t know where it is stored!).

Note also that, where HR data is concerned, it is also likely to contain sensitive personal data. As such, there are a number of more stringent restrictions as to how this type of data may be processed and specific consents may need to be obtained from the data subjects (i.e. the person to which such personal data relates). Ideally, find a cloud provider based in your jurisdiction that can provide assurances that data (and at the bare minimum, personal data) will not be transferred outside of the EEA.

It is important to ensure your contract with your cloud provider clearly states the choice of territorial jurisdiction (that is, the country in which any dispute in relation to the country will be heard) and the choice of law that the courts will apply in determining any dispute. Ideally, this should be a jurisdiction in which your organisation operates. If a dispute arises, and the choice of law and jurisdiction has not been specified, under EU law a defendant may be sued where they live, or where the contractual obligation was performed. The applicable law, however, will be the law with the closest connection to your contract. It is easy to see how this can create problems in a cloud computing environment where there are cloud providers all over the globe eager for your business, and where your data could potentially be stored anywhere in the world, so explicitly state in the contract what’s intended.

5. Take a moment to find the nearest exit (transitioning)

Although it may feel like a remote prospect, before you enter into a cloud contract it is necessary to anticipate how you intend to exit those arrangements. Care should be taken to ensure the portability of your data, including your metadata. Review your contract to determine what events could trigger a right to terminate the agreement by either you or your cloud provider. Ask what procedures are in place to export your data (in an orderly fashion) if you change cloud providers or in the event that the agreement is terminated. Find out whether those procedures are regularly tested to ensure that they work.

Also, if there is a specific format in which you expect to receive your ported data, you should try and specify that (to the extent that is possible) in your contract with your supplier. Please note: there may be additional costs associated with ensuring your data is in a format which is compatible with your systems. The ownership of intellectual property (IP) can be a particularly contentious issue in the cloud environment. Examine the IP provisions in the agreement with your cloud provider to determine how data ownership is dealt with, and whether those provisions are acceptable to you. IP is a technical area of law; as such, therefore, if in doubt, always seek specific legal advice to ensure you are adequately protected.

Once you have moved your data, you will no doubt be seeking assurances from your cloud provider that all traces of your data will be deleted as soon as possible. So, before you commit to a particular cloud provider, find out whether this is a realistic prospect: it may take a number of weeks for your data to be deleted if it is stored in more that one place (for example, if it is copied on to back-up tapes) and it may be impossible to destroy your data completely if your cloud provider allows you to share disk space with other customers. If that’s not good enough, give your cloud provider the opportunity to put satisfactory processes in place for you.

For further information in relation to the issues raised by this note, please contact:

Philip James
Partner
pjames@pitmans.com
+44 (0) 207 634 4655

Carolyn Butler
Solicitor
cbutler@pitmans.com
+44 (0) 118 957 0234

¹ http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-information-assurance-framework/?searchterm=assurance framework

² Such as ISO27001 (http://www.27001-online.com/), which implements OECD (Organisation for Economic Cooperation and Development) principles governing security of information and network systems, and the SAS70 auditing standard (http://sas70.com/)

PLEASE NOTE: This note has been prepared to provide general guidance on the benefits as well as some of the risks associated with cloud computing. As such, it should not be relied on. Always seek specific legal advice in relation to your specific circumstances in question.

Award winning Thames Valley law firm Pitmans LLP has been recognised for its exceptional deal making achievements in Experian’s league table of Corporate Finance Advisers HY2011. Ranked 4th by volume of deals, Pitmans LLP joins the league for the first time in the South East and is ranked alongside much larger firms including Linklaters, Ashurst and Pinsent Masons.

Pitmans LLP has an award winning corporate team of 6 partners and 5 solicitors led by Andrew Peddie. Over the last 6 months the team has advised on a variety of deals ranging from Technology companies, pharmaceuticals, transport and food manufacturers.  Philip Weaver deserves particular recognition having completed 4 deals in 10 days in June.

Commenting on the achievement, Managing Partner Christopher Avery said “I’m thrilled that once again the achievements of Pitmans corporate team have been recognised. Pitmans is a hotbed of talent and this ranking is clear recognition from our clients and from the market that Pitmans leads the pack in getting deals done in the Thames Valley”.  

Click here to view the League Table online

Click here to download PDF

Award winning law firm Pitmans LLP has acted on behalf of Maudesport Limited, one of the Uk’s leading mail order suppliers of sports and leisure equipment and team wear, on the sale of their company to DEMCO UK Limited for an undisclosed consideration. The transaction was led by Pitmans’ Corporate Partner, Philip Weaver, and Corporate solicitor, Carolyn Butler. They were assisted by Property Partner, Sally Sharp.

Maudesport limited supplies 60 Local Authorities with equipment for their schools, colleges and other establishments. It also supplies HM Prisons, NHS and MOD establishments as well as Youth Centres, Special Needs Units, leading fitness and leisure companies and the general public.

Commenting on the transaction, John Maude, the Owner and Managing Director of Maudesport Limited said “I was most satisfied in the manner that my corporate and legal advisors brought this sale to completion. Although intense as the final stages played out, Pitmans kept me informed and helped me through a process with which I was unfamiliar. In particular property issues, a difficult hurdle to overcome, were negotiated through to both parties satisfaction.”

Philip Weaver, Pitmans Corporate Partner added: “We were very pleased to bring this sale to a successful conclusion. Although the purchaser was a UK company, the decisions were made by its parent. We had noted from previous transactions (and this sale proved to be no exception) that US purchasers are often more concerned about some areas than a typical UK purchaser, such as environmental concerns.”

DEMCO UK Limited supplies materials, including laboratory equipment, chemicals and consumables to the eductation sector. The company also owns Technology Supplies Limited and Timstar Laboratory Supplies Limited (which it acquired in July 2009). DEMCO UK Limited is ultimately owned by Wall Family Enterprise Inc in the United States, a family-owned group of eight independent businesses that generates annual revenues of more than $200 million (£125 million).

Award winning law firm Pitmans LLP has acted on behalf of Kinetic Facilities Limited, part of the Panalux Group, in its acquisition of the Direct Lighting business from Metro Imaging Limited for an undisclosed consideration.  The transaction was led by Pitmans Corporate Partner, Stephanie Perry.

Panalux offers the world of film and television production the very best in lighting rental Equipment and facilities.  With bases located throughout the United Kingdom, this vast production resource is home to a huge inventory of modern equipment maintained by a team of highly skilled, experienced professionals.

A small selection of their portfolio of credits include: X-Men: First Class; Clash of the Titans 1 & 2; Pirates of the Caribbean; Quantum of Solace; Harry Potter Series; Dr Who; Casualty; Holby City.

Commenting on the transaction, Steve Smith, Managing Director of Panalux Worldwide said: “We are immensely proud to have worked alongside Pitmans in order to extend our presence in the photographic market through the acquisition of the UK’s largest photographic rental facility, Direct Lighting, and the subsequent inception of our new brand, Direct Photographic. I have no doubt that we will continue to obtain Pitmans invaluable assistance as we develop and expand all our operations both in the United Kingdom and overseas”.

Stephanie Perry, Pitmans Corporate Partner added: “The Kinetic team are long-standing clients of the firm and we were delighted to help them with this “bolt on” acquisition which will enable the business to expand further”.

Created by Panalux, Kinetic Facilities Limited provides a flexible, competitive service combining an extensive range of cameras, lights and expendables with the support of experienced, friendly staff.

Direct Lighting has a long history of hiring lighting equipment for a range of productions.  Contracts comprise television commercials, broadcast television and feature films, with a small selection including: Prime Suspect 6: The Last Witness; The Inbetweeners; Auf Wiedersehen Pet: Series 4 & Christmas Special; and Two Pints of Lager and a Packet of Crisps. Direct Lighting is a patron sponsor of the British Society of Cinematographers, and an approved lighting contractor to both the BBC and ITV.

Award winning law firm Pitmans LLP has acted on behalf of John Wright and Barbara Wood, the sellers of Thames Travel Limited, a local bus company based in Wallingford, Oxfordshire. The company has been purchased by Go-Ahead plc, one of the UK’s biggest providers of rail and bus services, for an undisclosed consideration. The transaction was led by Pitmans’ Corporate Partner, Philip Weaver, and Corporate solicitor, Carolyn Butler.

Commenting on the transaction, John Wright said “We are very pleased to been able to place the business with one of the UK’s leading public transport operators so that the business can continue to grow and prosper into the future. We would like to thank Philip Weaver and his team for successfully guiding us through a very exacting ‘due diligence’ and would recommend Pitmans to anyone considering a business sale.”

Philip Weaver, Pitmans’ Corporate Partner said: “It was a great pleasure to achieve a successful outcome for John Wright and Barbara Wood. The sale was completed in a short timescale thanks, in part, to my clients’ speed of response when under significant due diligence pressure from Go-Ahead and the demands of continuing to run the business.”

David Brown, Deputy Chief Executive, of Go-Ahead said: “Thames Travel is a strong business with a proud tradition of providing high quality services to the local community. We are delighted that the company will be joining the Go-Ahead family. With the resources of Go-Ahead behind Thames Travel, the business will be in a stronger position to grow over the years ahead.”

In line with Go-Ahead’s devolved business strategy, the company will continue to be run and managed locally. The bus fleet will retain its existing livery and branding and the existing fare structure will remain.

Courtesy of Data Protection Law & Policy – May 2011

Last November, the EU Commission set out its aims to modernise the 1995 EU Data Protection Directive in a November 2010 Communication. Philip James, Partner at Pitmans, reviews some of the responses to the Commissioner’s consultation in relation to a particular conundrum facing the Commission – data portability.

This long-overdue overhaul of the existing data protection framework is intended to address some of the key challenges facing current data privacy regulation, namely: the collection and use of personal data via new technologies, harmonisation and simplification of notification throughout the EU, and globalisation and cross-border data flows.

The purpose is to reinforce an individual’s right to privacy, whilst on the other, to harmonise and simplify data privacy regulation. The Commission has indicated that the revised framework may include a possible EU-wide notification process, involving a central EU Information Commissioner.
 
A key part of this harmonisation process will depend upon the establishment of precedents, template data processing agreements and fair processing notices. In addition, organisations will be required to adopt Privacy Impact Assessments (PIA) and Privacy by Design (PbD) into new technologies from inception through to implementation and day-to-day operation, rather than immediately prior to launch. In short, privacy is to be embedded into the development of business and technology from the word go.

A Refresher of the Review

Key objectives of the modernised data privacy strategy are to:

- Strengthen individuals’ rights and clarify what types of information will fall into the definition of ‘personal data’, such as user profile information.

- Increase transparency for data subjects, for example, by introducing mandatory personal data breach notification.

- Create new responsibilities for data controllers by making the appointment of an independent Data Protection Officer mandatory.

- Place a duty on data controllers to carry out PIA where appropriate, and promote the use of Privacy Enhancing Technologies (PET) and the PbD model of system design.

- Enhance individuals’ control over their data including the socalled ‘right to be forgotten’ and empower users with a right to port their personal information, otherwise known as data portability.

- Raise and finance public awareness and promote the application of approved ‘privacy seals’ for organisations which meet certain minimum privacy standards.

- Ensure informed and free consent (and, in so doing, provide pre-approved data privacy notices on EU standard forms).

- Harmonise the conditions for processing sensitive data and review the categories of information which may be classed as sensitive.

- Make remedies and sanctions more effective and promote an active infringement policy.

- Clarify and simplify the rules for international data transfers.

- Encourage self-regulatory initiatives.

Data Portability

Cloud providers and social network providers will need to pay particular attention to the proposed right for users to port their personal information to an alternative provider, as well as their right to erase their digital footprints, pursuant to their right to be forgotten. It may not have gone unnoticed that Google has recently launched a range of Chrome laptops, in conjunction with Acer and Samsung, which provides users with a suite of solely cloud-based applications, i.e. just the barebones on the machine itself; applications aren’t installed locally but accessed remotely. The service is a direct challenge to Microsoft’s enterprise offering. What is clear is that cloud-based computing isn’t going away anytime soon.

The right for consumers to port their data to a new provider will also be of a specific concern to social networks whose servers continue to brim over with usergenerated content.

In theory, the right for users to require providers to transfer their data to a new provider should promote cloud shopping. This, in turn, will promote greater competition between providers. One of the most effective weapons customers have in their armoury is to switch providers. Permitting users to transfer their personal portfolios of friends, photos and documents to an alternative supplier offering greater control and security will be a powerful means of promoting privacy. This is an ideal that should be pursued.

Data Liberation

Notably, Google is supporting this initiative by means of its Data Liberation campaign. This is to be welcomed, although it remains uncertain whether the genuine motive is to relieve its competitors of their data buckets, rather than liberate its customers’ own data. This will come as no surprise, given the continuing data and PR battle between the digital woolly mammoths, Facebook and Google.

In practice, the story is somewhat different. There are some significant hurdles to truly liberal customer data migration policy. The Commission asked organisations and interested sector groups to respond to its consultation in relation to the Directive review by 15 January 2011. There is a wealth of feedback, and after reviewing some select responses, the following were of particular interest.

Microsoft’s response to the Commissioner’s consultation is particularly helpful on this issue. In recognising the brand value of winning customers’ trust, the report starts with ’Microsoft’s success depends on users having confidence in our ability to responsibly manage and protect their data’ and continues the theme in Section C. (Enhancing control over one’s own data): ’An essential element of a user’s control over that data is the ability to retrieve that data in a simple and costefficient way….Microsoft strives to build capabilities into those services to give the user that control’.

Practical Challenges

However, at the same time, the response outlines the practical and commercial realities that may inhibit data portability:
 
- Any right must draw a distinction between a user’s own data and underlying applications or related metadata or stats generated by use of the service.

- The right should be limited to data held by the provider.

- Any data transferred will depend on the format of the data and APIs (application programme interfaces) in question. Whilst there are industry standard formats and APIs, few service providers store data in the preferred format for data exchange.

- In addition, the richer the data format, the harder it may be to transfer data to a new provider.

The more raw the data, the easier the transfer.

In short, there are significant, technical challenges and users cannot have it both ways – have a specialised, slick user interface, then expect to be able to click a button and transfer their whole data suitcase to a new data ‘hotel’.

The risks of data portability cannot be understated. In Nokia’s response, the risks of failing to identify correctly the user who is requesting the data transfer are significant (page 10). One recommendation is to ensure that only ‘identified individuals’ can exercise their rights. In addition, there may be some benefit to limiting the frequency with which a user can exercise this right.

Promoting a Privacy Market

Cloud customers often marry at haste and repent at their leisure. In other words, unless users are provided with clear information about what will happen to their data at the end of the relationship (call it a ‘data pre-nup’ if you will), privacy is likely to suffer. In reality, a limited number of data oligarchs are likely to retain market control over customers’ data, based on first mover advantage, rather than necessarily providing the most effective platform for maintaining their customers’ privacy. Facilitating data portability will in itself generate healthy competition in relation to privacy enhancing technologies and empower customers’ with control over their data. Comparisons can be drawn with the mobile network market and the ability of customers to switch provider. For a long time, there was great resistance which was eventually overcome.

Industry Standards

Requiring providers to allow competitors access to their technology to produce compatible exchange interfaces and promoting common, standard industry data exchange formats (where reasonably practical) should assist users in migrating to a new provider. However, as ever, where there are associated costs of porting data, such costs should be reasonable and users should be informed of what these costs are in advance of ‘moving in’.

What Questions Should I Ask?

Google has succinctly distilled the questions a user should ask before signing up to a cloud service, in its Data Liberation site, as: 

- Can I get my data out at all?

- How much is it going to cost to get my data out?

- How much of my time is it going to take to get my data out?

These are questions both consumers and businesses should be asking before they embrace the economically attractive cloudbased services on offer. It may come as no surprise that many cloud services offer low introductory fees, whilst the costs to switch to a new provider in the future may be astronomical.

Directive or Regulation?

The Commission will propose legislation this year. It should be borne in mind that the option remains open to the Commission to introduce new legislation in the form of a Regulation, rather than as a Directive. The upshot of this being that the law would be directly applicable and there may be a genuine opportunity for the Commission to achieve greater harmonisation within the EU.

Philip James
Media & Entertainment Partner
+44 (0)207 634 4655
pjames@pitmanssk.com

Award winning law firm Pitmans LLP has acted on behalf of Jemima Rabson on the disposal of the business and assets of Longacre Homecare to Enara Finance Limited, for an undisclosed consideration.  The transaction was led by Pitmans’ Corporate Partner, Adam Dowdney, assisted by Corporate solicitor, Carolyn Butler, Employment Director, Angela Shields and Head of Employment, Mark Symons.

Commenting on the transaction, Keith Rabson said: ”We can only express a huge thank you to Adam and the rest of his team at Pitmans for all their hard work over recent months.  Without their support and calming influence I do not think the transaction would have completed and it has been an absolute pleasure doing business with them.  We always felt that we were in safe hands and Adam’s advice was always prompt, proactive and astute.”

Adam Dowdney, Pitmans’ Corporate Partner added: “I think it is a reflection of the times that no deal is easy to get over the line and this transaction was no exception!  However, it was a pleasure to deal with Jemima and Keith, and their family, during the transaction process and we built up an excellent working relationship with all of them.  I am delighted for Keith and Jemima, and as always am grateful for the help and support of the team at Pitmans, and indeed their patience at times during this deal!”

Longacre Homecare provides customers with the highest quality person centred domiciliary care service in the comfort of their own homes.  They provide 1 hour to 24 hour care and specialise in both night care and the provision of a 24 hour service.  Their prime objective is to enhance the quality of life for customers who are in need of care due to illness or disability, by providing a high quality, professional, personal and practical care service.

Award winning law firm Pitmans LLP has acted on behalf of the 24 selling shareholders on the disposal of the entire issued share capital of Kell Systems Limited to Schneider Electric (UK) Limited, part of the Schneider group of companies, for an undisclosed consideration.  The transaction was led by Pitmans Corporate Partner, Adam Dowdney, assisted by Mark Metcalfe and Mark Symons, Head of Pitmans Employment .

Commenting on the transaction, Steve Kendall, former Chairman of Kell Systems Limited, said: “Adam and Mark were always there with imaginative ideas when we came upon seemingly intractable problems.  They provided a very personal service and we learned to trust their unerring commercial advice.  It was very refreshing to meet a legal team that thought beyond the legalities and always had the clients’ commercial interest at the forefront of their minds”.

Adam Dowdney, Pitmans Corporate Partner added: “It was a pleasure to work with Steve Kendall and the rest of the board on this transaction, even if there were some unusual issues that cropped up along the way!  Selling a private company with 24 shareholders was always going to present its own issues, but the depth of experience of the team and our ability to focus on the key issues for the client enabled us to complete the transaction to the satisfaction of all parties involved and we wish all the shareholders and members of the board every success for the future.”

Kell Systems Limited manufactures acoustic computer enclosures for deployment of servers and network hardware directly in the office workspace to house computer services and network equipment within offices and other environments.  Kell server cabinets remove the need for server rooms and significantly reduce perceived noise and cut capital costs.  The integral cooling system also reduces running costs and improves reliability.