Lexpert Magazine

March/April 2018

Lexpert magazine features articles and columns on developments in legal practice management, deals and lawsuits of interest in Canada, the law and business issues of interest to legal professionals and businesses that purchase legal services.

Issue link: https://digital.carswellmedia.com/i/945258

Contents of this Issue

Navigation

Page 49 of 71

50 LEXPERT MAGAZINE | MARCH/APRIL 2018 | BIG DATA ASSETS | When Amazon acquired Whole Foods in August 2017 for US$13.7 billion, was it interested in more than its upscale gro- ceries? Amazon knew from its core online ordering business which Whole Foods products were most popular (deli turkey and coconut water, it turns out). ere was more that interested Amazon, suggests Richard Austin. "I think they were really interested in the data that Whole Foods would have about its customers," says the Toronto Informa- tion Technology partner at Deeth Wil- liams Wall in Toronto. "So you've got a large set of data with people who are in a good enough financial position that they can shop at Whole Foods. If you are Ama- zon, you now have this massive data set that is information you can use to do all the things that Amazon does as it grows and expands its businesses." Data, however, is so much trickier an asset in a merger or acquisition than dried seaweed snacks, cautions Austin, who spe- cializes in technology mergers, privacy and cyber security. And yet, transactional law- yers should think about data as they would other assets in a transaction. What is its value? What are its risks? How are these to be calculated? Austin suggests that Amazon had to ask itself, would they be able to use Whole Foods' data in new ways? For example: could Amazon use personal information on shoppers in its Marketing initiatives, or would that violate Privacy laws? is would depend on the ways in which the information was collected, and the types attacks on a website the researchers created. 'While programs are typically not permit- ted to read data from other programs, a ma- licious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.'" Furthermore, "Although both attacks are based on the same general principle, Meltdown allows malicious programs to gain access to higher-privileged parts of a computer's memory, while Spectre steals data from the memory of other ap- plications running on a machine. And while the researchers say that Meltdown of consents that were given. Beyond these questions, there is another one: How reli- able is the data? "ose are really hard ques- tions," says Austin. And then there are the security concerns. DATA SECURITY Wired writer Andy Greenberg explains the recently announced discoveries, by various research teams, of "Meltdown" and "Spec- tre" computer attacks: In January, security researchers revealed that there was a bug in Intel chips, which "allows low-privilege processes to access memory in the comput- er's kernel, the machine's most privileged inner sanctum. eoretical attacks that ex- ploit that bug, based on quirks in features Intel has implemented for faster process- ing, could allow malicious soware to spy deeply into other processes and data on the target computer or smartphone. "And on multi-user machines, like the servers run by Google Cloud Services or Amazon Web Services, they could even al- low hackers to break out of one user's pro- cess, and instead snoop on other processes running on the same shared server." Greenberg continues: "A large team of researchers at Google's Project Zero, uni- versities including the Graz University of Technology, the University of Pennsylva- nia, the University of Adelaide in Australia, and security companies including Cyberus and Rambus together released the full de- tails of two attacks based on that flaw. "'ese hardware bugs allow programs to steal data which [is] currently processed on the computer,' reads a description of the MARTIN KRATZ > BENNETT JONES LLP "Ashley Madison should remind people that there is a liability from being exposed to a breach, and that potential liability should be part of the considerations being assessed in Due Diligence in any M&A transaction." PHOTO: SHUTTERSTOCK

Articles in this issue

Archives of this issue

view archives of Lexpert Magazine - March/April 2018