Robert Lister

    Robert Lister

    Director

    robert.lister@squirepb.com View Full Bio

    Robert Lister is a director in our Data Privacy, Cybersecurity & Digital Assets Practice, based in our London office.

    Robert’s practice is multidisciplinary and he has extensive experience in providing practical legal and business-focused counsel to top-tier clients on a wide range of data privacy, information security and incident response issues, as well as IP, IT, digital regulatory, e-commerce and broader commercial issues.

    Robert typically advises on international issues, encompassing legal and regulatory compliance, crisis management, transactional and commercial matters, with a focus on the finance, investment, asset management, technology, IT services, healthcare, life sciences, professional services, consumer goods, media, travel and sports sectors. Having spent a significant period of time working on secondment in the US before joining the firm, he also has a deep understanding of, and particular experience advising, US businesses looking to expand or launch new operations, goods or services in the UK and Europe.

    Robert counsels UK, US and other international clients on a full range of data privacy matters, including developing global data protection strategies, implementing compliance programmes, conducting data audits, risk and gap assessments, advising on complex international data transfer and sharing issues, drafting and negotiating data processing and related agreements, and advising on data protection issues related to new products or services, contentious data subject rights requests and electronic direct marketing. He also has a wide range of experience assisting clients in managing, documenting and, where necessary, reporting cross-border IT incidents and data breaches.

    Robert’s practice is on the cutting edge of new and emerging technologies and regulatory regimes, and he regularly advises on issues surrounding digital assets, online intermediary services, the use of AI and ownership of generative AI assets, cybersecurity and the exploitation and protection of data.

    Robert’s extensive experience on complex, high-value buy- and sell-side M&A transactions and private equity investments covers conducting all aspects of IP, IT and data protection buy- and sell-side due diligence, negotiating purchase agreements and TSAs, and remediating significant issues identified during diligence, including in respect of data, IP and technology-driven targets.

    Robert also has particular experience advising on UK and EU IP and commercial law issues and international technology transactions, with specific emphasis on soft IP, brand and technology commercialisation and strategic licensing, technology transfers, distribution and agency, IT and transitional services, e-commerce/procurement, outsourcing, sponsorship, online contracting, website creation/development, product labelling and marketing issues.

    Award Mouse thought multimedia interface book medal screen monitor

    Explore

    Data Privacy and Cybersecurity

    • Acting for a wide range of multinational clients, including asset managers, hedge funds, investment banks, private equity firms, portfolio companies, a major sports league and B2C and B2B businesses across a variety of sectors, on global data protection strategies and implementing and operationalising compliance programmes (or integrating bolt-on acquisitions into existing programmes), including undertaking gap/risk assessments, stress testing existing policies and procedures, drafting compliance documentation, providing training to key stakeholders and advising in relation to ongoing and discreet issues.*
    • Counselling various UK, EU, US and other international clients on assessing, managing, documenting and reporting multijurisdictional data breaches and cybersecurity incidents, including drafting notifications to regulators and affected individuals, as well as working with forensics, strategic, communications, recovery, local and other specialist counsel or advisors.*
    • Advising on complex international data transfer strategies, in particular regarding Schrems II, as well as undertaking transfer risk assessments, implementing transfer mechanisms, advising on certification to the EU-US Data Privacy Framework and successfully assisting clients to obtain binding corporate rules approval from EU regulators.*
    • Assessing vendor management procedures for numerous international controller and processor clients, drafting and negotiating complex data processing and transfer agreements, particularly with major IT and software as a service (SaaS) providers, drafting practical contract templates and negotiation playbooks, and providing related training.*
    • Advising on a wide range of discreet data protection, privacy and adjacent issues, including the application of the EU/UK General Data Protection Regulation (GDPR) to US and other non-EU/UK clients, high-risk processing, data protection officer and representative appointments, data protection impact assessments, legitimate interest assessments, data subject rights and UK and US law enforcement requests, employee monitoring, cookie and tracking technology usage, automated decision-making, profiling, consumer engagement, direct marketing and data sharing, localisation, scraping, licensing and other data commercialisation matters.*
    • Counselling medical centres, universities and healthcare, pharmaceutical and life sciences companies on the application of the EU/UK GDPR to their activities, as well as trial sites and sponsors on trial agreements and privacy notice and consent requirements, including in the context of various novel clinical trials conducted in the EU and the UK, and negotiating data-related aspects of medical device and drug manufacture and distribution agreements.*
    • Regularly drafting, advising on and, where needed, negotiating the data protection and direct marketing aspects of asset management and fund documentation, including private placement memoranda, investor portal notices and subscription, manager, administration, depositary and other agreements, as well as advising on GDPR compliance programmes in connection with the establishment of new EU/UK funds.*

    Digital Assets

    • Advising various clients, including financial institutions, asset managers and a global brand protection company, on new and upcoming UK and EU digital regulatory, data and cybersecurity legislation, such as the AI Act, Digital Services Act, Online Safety Act, Digital Operational Resilience Act, NIS2 Directive, Cyber Resilience Act, Data Act, Data Governance Act and Financial Data Access framework.*

    IP, Commercial and Technology Transactions

    • Drafting and negotiating supply of goods/services and technology contracts for various clients on both the provider and customer sides, including software development and integration, managed services, IT consultancy, SaaS platform and master services/framework agreements.*
    • Advising various international professional services and asset management clients entering into UK IT vendor contracts, including regarding on-premises software licence and SaaS services and maintenance agreements, data centre/hosting agreements, end user licence agreements, terms of use, purchase orders and service level agreements.*
    • Advising a US investment management firm in the negotiation of a complex master services and data processing agreement and initial purchase orders with a new SaaS asset management platform services provider.*
    • Advising a major pharmaceutical company on the outsourced development, sponsorship and subsequent licensing and sale of its proprietary software, including drafting and negotiating the primary transaction documentation and related sponsorship, licence and transfer agreements.*
    • Advising a well-known UK beauty brand on, and negotiating relevant agreements regarding, the outsourced design, development and hosting of new international websites, as well as the marketing, sale and distribution of its products in the UK, Europe and North America.*
    • Negotiating cloud services agreements for a number of high-profile clients, including a leading multinational pharmaceutical and biotechnology company and a US hedge fund, in particular with market-leading IT service providers.*
    • Advising a high-profile US talent agency and various sports content distributors on the development, licensing and other exploitation of IP assets, software and data.*
    • Advising various US and other international clients across a variety of sectors on significant changes to their IT infrastructure, in particular in the context of outsourced services and moving servers or hosting services into or out of Europe.*
    • Advising on discrete trademark, design, copyright and database rights issues, including in the context of IP commercialisation, antitrust investigations and insolvencies, as well as in relation to the registration and perfection of security interests over IP.*
    • Acting for a leading performance sportswear brand in the drafting and negotiation of kit and replica shirt sponsorship agreements, including with Premier League and Bundesliga 2 football and Premiership rugby teams.*

    *Denotes a matter handled prior to joining the firm.

    Education

    • College of Law, London, LL.B. (Hons.), Law, with first class honours, 2010
    • College of Law, London, L.P.C., with distinction, 2010
    • College of Law, London, G.D.L., with distinction, 2009
    • University of Nottingham, B.A. (Hons.), Modern Language Studies, 2007

    Admissions

    • England and Wales, 2014

    Related Services
    Award Mouse thought multimedia interface book medal screen monitor