T +1 650 213 0348
T +1 650 815 1061 (mobile)
T +44 20 7532 1000
Robert is a Counsel in the Intellectual Property Group, with a focus on Data Privacy and Technology Transactions.
For over a decade he has advised clients on: regulatory compliance matters such as data privacy, consumer protection, and online / mobile payments and commerce; transactional and other commercial matters, including drafting and negotiating complex IT/IP contracts; and international expansion and associated cross-border and multi-jurisdictional issues.
Robert works for clients in a wide range of sectors, particularly technology, including fintech, adtech, medtech, social media and other data-driven industries, as well as telecommunications, media, and retail.. He is particularly sought after by U.S. technology companies for business-critical advice on U.S., European and cross-border data privacy compliance in the context of their domestic and international operations (including the extent to which their specific data processing activities are subject to particular jurisdictions' legal regimes).
Robert also has deep insight pertaining to European regulatory enforcement, having spent two years on a secondment at the UK's consumer protection regulatory agency.
Helping clients navigate the Health Insurance Portability and Accountability Act, the Health Information Technology for Economic and Clinical Health Act, and related regulation concerning Protected Health Information, as well as associated Business Associate Agreements between Covered Entities and their vendors.
Advising on the impact of the Children's Online Privacy Protection Act on both general audience websites and websites directed to children.
Assisting digital media platforms on compliance with the Video Privacy Protection Act, including in relation to integration and data-sharing with third party social media and other technology platforms.
Helping clients with data security breach notification policies and to manage suspected or actual data security breaches.
Managing responses by domestic and international businesses to law enforcement and litigation discovery requests.
Strategies for multinational businesses to export European personal data to the US and elsewhere around the world in compliance with Europe's data privacy regime (one of the strictest in the world), using mechanisms such as model contracts, binding corporate rules or business-specific analysis of certain legislative derogations.
Preparing global businesses for binding corporate rules applications involving: analyses of the business's data collection, processing, usage and storage activities; identification of gaps in data privacy compliance; and assisting with preparation and implementation of necessary internal compliance procedures such as employee guidelines/training processes, subject access request/complaint procedures and data security policies.
Auditing and documenting businesses' technical and organizational data security measures.
Managing opt-in and opt-out consent mechanisms to enable clients to engage in first and third-party direct marketing activities.
Negotiating, drafting and advising clients on the commercial, data privacy and other regulatory aspects of technology transactions.
"Privacy in the Era of Safe Harbor II", 2016: 13th Annual Stanford E-Commerce Best Practices Conference, Stanford Law School
"GDPR Compliance Countdown – It’s All About the Details Now", 2016: TRUSTe Privacy Risk Summit, San Francisco
"Counsel's Toolbox: Innovation in Managing Digital Privacy Risk", 2016: Legaltech West Coast, San Francisco
"How to Handle Cross-Border Data Transfers Post Safe Harbor and the Birth of the GDPR", 2016: Masters Conference for Legal Professionals – Cybersecurity and Cross Border eDiscovery,
"Privacy By Design", 2016: Berkeley Center for Law & Technology's 5th Annual Privacy Law Forum,
"Changing Rules for Data Privacy: Liability, Reform, and Opportunity", 2016: Autonomous Cars Silicon Valley Conference
"Practical Guidance on International Data Transfers", 2016: Union Square Ventures Legal Lunch,
"European Data Privacy", 2014: Union Square Ventures Legal Lunch,
"Exhaustion of Distribution Rights and Software Downloads", 2013: US Association of Corporate Counsel
"Mobile App Privacy for Developers: EU/US Perspectives", 2013: UK Trade & Industry App Developer Mission,
"Making Social Media Work for You", 2013: US Association of Corporate Counsel
EU Regulatory Agendas: EDPS Priorities 2016 and Article 29 Working Party Work Programme 2016 – 2018, White & Case, February 25, 2016
Introduction of New EU General Data Protection Regulation: Final Stages, White & Case, December 22, 2015
EU Consumer Rights and US Businesses, The Los Angeles|San Francisco Daily Journal, July 8, 2014
Eternal Sunshine of the Spotless Search, The Los Angeles|San Francisco Daily Journal, June 16, 2014
The Proposed Ban on Credit and Debit Card Surcharges, E-Finance & Payments Law & Policy, November 2012
Smarter Thinking – Connected TV, Law and Regulation, Entertainment Law Review, June 2012