News & Resources

Publications & Media

“VCs considering data when evaluating funding targets”

Safe and Sound By Margaret Utterback

With major data breaches seemingly in the news every day, venture capitalists are increasingly considering data issues as they evaluate potential investments.

Gone is the era when data privacy concerns were not a priority for VCs, according to arecent post in The Privacy Advisor by Sam Pfeifle. The post noted venture capitalist Andreessen Horowitz’s hiring of Ted Ullyot, former Facebook general counsel, who worked on that company’s settlement with the Federal Trade Commission. The hiring is a sign of the times, Pfeifle wrote.

Yes, it’s becoming clear: While the Digital Age continues to boom, if you want funding to get your firm booming, you’d better make sure your privacy house is in order.

Data security – and possible data breaches – are now such significant business concerns that VCs couldn’t do responsible due diligence if they didn’t consider security issues when performing valuation analyses.

Put another way, if a funding target has been collecting data haphazardly – e.g., the company hasn’t been storing data as it should have – VCs are increasingly factoring potential liability and possible bad press into valuations. The issue has bubbled up to boardrooms; Steve Herrod, a partner at General Catalyst, which funded Snapchat and Kayak among others, told Pfeifle:

“I’ve been working in the tech space for a while,” he said, “and it’s really become a board-level issue for the first time—obviously, in light of well-publicized breaches. In many cases, IT has never been a board-level discussion. That’s changed.”

As VCs change with the times, federal regulators are looking to keep up. As we wrote this spring, the Department of Justice has provided guidance to companies, with a special emphasis on identifying “crown jewels.” Meanwhile, the Federal Trade Commission recently outlined what a business should expect if it’s the subject of an investigation related to data problems.

For VCs, the issue isn’t just whether or how potential funding recipients have covered themselves and possible investors. They’re are also interested in technology that will increase corporate America’s ability to stave off data breaches. Here’s more from Pfeifle:

Jon Brod is a cofounder of Confide, an ephemeral messaging service he describes as being LinkedIn to Snapchat’s Twitter. As he built his privacy-focused firm, “We didn’t even have a pitch deck,” he said of looking for money to grow. “We got absolutely inundated with VC interest.”

And if you still need convincing that data plays a big role in valuations — in varied ways — check out how Uber’s data-mining abilities helped increase that company’s $50 billion valuation earlier this year.