Skip to Main Content

Meet Our Professionals

Robert M. Botkin

Associate
Raleigh | 919.835.4047
Fax | 919.834.4564

Robert Botkin helps clients of all sizes, from Fortune 50 companies to startups, navigate privacy and cybersecurity issues across different industries, including technology, retail, automotive, and finance.

Robert is known for his ability to translate complex technical concepts and issues into actionable tasks that clients can use to establish effective governance programs in a rapidly changing legal landscape. Robert helps drive projects by simplifying large compliance goals into a series of smaller achievable tasks in order to properly assess and mitigate enterprise risks stemming from privacy and cybersecurity. He helps clients achieve their compliance goals while integrating technological advances, like generative artificial intelligence (AI), at speed and scale.

Robert has experience developing privacy notices, responding to security incidents, and implementing data governance programs, as well as reviewing and negotiating master agreements, software-as-a-service (SaaS) agreements, software license agreements, and other related documents. Additionally, he advises on emerging technology regulations, such as AI, biometrics, and Internet of Things (IoT) devices. His mix of regulatory and transactional experience allows him to provide tailored, business-focused, and time sensitive solutions.

Robert is an International Association of Privacy Professionals (IAPP) Certified Privacy Law Specialist (PLS), Certified Information Privacy Technologist (CIPT), IAPP Certified Information Privacy Practitioner/United States (CIPP/US), and Amazon Webs Services (AWS) Certified Cloud Practitioner.

Prior to joining the firm, Robert was an associate at a large transatlantic law firm and an associate vice president of a bulge bracket bank's Legal Data Protection and Sourcing team.

Outside of work, Robert serves on the advisory boards of Chabad Young Professionals of Raleigh and the Plant Era.

Representative Experience

Security Incidents and Breach Response

  • Handled the largest data breach within a sector and advised client during government investigations, data breach remediation, and post-incident information security program considerations.
  • Led a security incident investigation for a SaaS provider and advised on end-user communications, public disclosure requirements, and liability stemming from outages.

Implementing Data Governance Programs

  • Advised multinational corporations on structuring information security and data governance programs.
  • Drafted data processing agreements, information security agreements, and data sharing agreements tailored to the clients’ specific product/service, sophistication, and risk appetite.
  • Drafted website and mobile application terms and conditions, privacy policies, and end-user license agreements, and advised clients on best practices for structuring data flows and user interfaces.

Emerging Technology

  • Advised client on data privacy and cybersecurity considerations during the development of an Internet of Things (IoT) connected device.
  • Drafted guidance and advised clients on best practices and considerations when utilizing emerging technology such as biometrics, virtual reality devices, and artificial intelligence and machine learning models, including Generative AI (GAI) features for talk, text, and images.
  • Advised Fortune 50 company on GDPR and ePrivacy Directive compliance with regard to websites, applications, and virtual reality devices.

Data Privacy and Cybersecurity

  • Advised buy-side and sell-side clients on data privacy and cybersecurity due diligence during the mergers and acquisitions process.
  • Advised clients on streamlining obligations from privacy laws applicable to their business, such as the Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), ePrivacy Directive, California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Utah Consumer Privacy Act (UCPA), Gramm-Leach-Bliley Act (GLBA), Children’s Online Privacy Protection Act (COPPA), Family Educational Rights and Privacy Act (FERPA), state education privacy laws, and state utility privacy laws.
  • Led a review of data security and IT policies for clients across industries for compliance with the NIST Cybersecurity Framework.

Loading content

Loading content

Honors & Awards

  • International Association of Privacy Professionals (IAPP), Certified Information Privacy Practitioner/ U.S., 2021- Present
  • Amazon Web Services Certified Cloud Practitioner, 2021- Present
  • International Association of Privacy Professionals (IAPP), Certified Information Privacy Technologist, 2021-Present
  • Leadership Raleigh, Class of 2025

Memberships and Affiliations

  • The Plant Era, Strategic Advisor, 2021-Present 
  • Chabad Young Professionals Board of Directors, Chairman of the Board, 2018 – Present