Robert W. Rubenstein


Robert focuses on corporate transactional matters and advises clients on technology transactions, data privacy, and security compliance (FTC, GDPR, FFIEC, and the New York DFS Cybersecurity Regulation). He negotiates and drafts various transactional documents, such as software as a service (SaaS) and software licensing agreements, software and technology development agreements, privacy policies and online terms of service, and data licensing agreements. Robert also counsels clients on a broad range of corporate matters, including mergers and acquisitions.

Prior to joining the firm, he was an attorney in the corporate practice group of an international law firm.

Robert earned his bachelor’s degree from Dickinson College and his law degree from Drexel University Thomas R. Kline School of Law. While in law school he was an intern for the Honorable Timothy J. Savage, U.S. District Court for the Eastern District of Pennsylvania.



The New Standard Contractual Clauses Deadline is Approaching [Cyber Law Monitor Blog]

August 15, 2022

On June 4, 2021, the European Commission introduced the new set of Standard Contractual Clauses (“SCCs”), a primary mechanism for lawfully transferring personal data from Europe to the United States under the European Union’s General Data Protection Regulation. These new SCCs replace the three...

SEC Proposes New Cybersecurity Disclosure Rules for Public Companies [Cyber Law Monitor Blog]

March 24, 2022

On March 9, 2022, the SEC proposed new rules (“Proposed Rules”) that would expand cybersecurity disclosures applicable to public companies subject to the reporting requirements of the Securities Exchange Act of 1934 (“Exchange Act”). Existing SEC rules do not explicitly require cybersecurity...

Federal Agencies Announce a New 36-Hour Cybersecurity Incident Rule Reporting Requirement [Cyber Law Monitor Blog]

January 05, 2022

On November 18, 2021, the Office of the Comptroller of the Currency (“OCC”), the Board of Governors of the Federal Reserve System (“Board”), and the Federal Deposit Insurance Corporation (“FDIC”) (collectively, the “Agencies”) issued a new rule (the “Rule”) that requires banking organizations and...

FTC’s Amended Safeguards Rule Imposes Significant Requirements on Covered Entities [Cyber Law Monitor Blog]

December 16, 2021

On October 27, 2021, the Federal Trade Commission (“FTC”) announced new updates to the Gramm-Leach-Bliley Act (“GLBA”) by amending the Standards for Safeguarding Customer Information, known as the “Safeguards Rule,” and issuing a final rule (the “Final Rule”). The Safeguards Rule is designed to...


  • Drexel University Thomas R. Kline School of Law, J.D., 2018
  • Dickinson College, B.A., 2015

Awards & Honors

Sarah Nerino Perseverance Award

  • Pennsylvania
  • U.S. District Court -- Eastern District of Pennsylvania

Hon. Timothy J. Savage, United States District Court for the Eastern District of Pennsylvania