About

Judith G. Rubin is Senior Counsel in the Privacy & Cybersecurity Group and a member of the Technology Media & Telecommunications group.

Judith counsels clients…

Judith G. Rubin is Senior Counsel in the Privacy & Cybersecurity Group and a member of the Technology Media & Telecommunications group.

Judith counsels clients across a wide range of industries, including financial services, technology, medical devices, pharmaceuticals and media, on privacy and cybersecurity laws and best practices in the US and Europe. She routinely advises clients in corporate transactions such as complex public and private asset or stock acquisitions, divestitures and cross-border mergers about deal- and business-related privacy and cybersecurity risks, regulatory developments and enforcement trends.

Another focus of Judith’s practice is the facilitation of internal privacy compliance programs, including data mapping, risk assessments, internal privacy and cybersecurity policies and procedures, data use and sharing agreements, vendor due diligence and contract revisions. She has advised clients in various sectors on marketing compliance, including requirements for data brokers, advertising best practices, marketing to children, cookies and chatbots.

Judith helps companies respond to data breaches, prepare for such incidents, and develop and implement global privacy programs and policies aimed at protecting data and mitigating risk under a range of regulatory regimes. She has represented clients in regulatory enforcement actions across a variety of jurisdictions. She also provides counsel on interactions with regulators and law enforcement, as well as company stakeholders, affected individuals and the public.

Judith previously practiced at several Am Law 100 firms in the United States and in Europe. Fluent in German, she served as a judicial clerk for two years in the Bundesverfassungsgericht, the German Supreme Constitutional Court in Karlsruhe. She also speaks basic Russian, French, Bosnian and Polish.

Judith is a Certified Information Privacy Professional in the United States (CIPP/US) and Europe (CIPP/E), and a Certified Information Privacy Technologist (CIPT).

Show more Show less

Latest Post

On May 27, 2026, Connecticut Governor Ned Lamont signed Senate Bill 4, now Public Act No. 26-64 (the “Act”),[1] significantly expanding the Connecticut Data Privacy Act (CTDPA).

The Act creates a California Delete Act-style, but Connecticut-specific, data broker registration and deletion-mechanism regime. It also restricts the sale, sharing, transfer, and provision of access to precise geolocation data;[2] imposes facial recognition transparency requirements; adds surveillance-pricing prohibitions and disclosure obligations; narrows the CTDPA’s “publicly available information” exclusion; adds rules for certain employment-related processing and profiling decisions; expands consumer deletion rights; and regulates direct-to-consumer (DTC) genetic testing companies.

At a high level, the Act adds compliance obligations for data brokers, CTDPA controllers and processors, retailers, third-party delivery services, and DTC genetic testing companies.[3]

These amendments follow shortly after the July 1, 2026 effective date for separate CTDPA amendments enacted in 2025 through SB 1295, which expanded coverage thresholds, added profiling impact assessment obligations, and imposed minors-related requirements. Companies should thus treat SB 4 as part of a broader 2026 Connecticut compliance cycle, rather than a standalone update.

About

Judith G. Rubin is Senior Counsel in the Privacy & Cybersecurity Group and a member of the Technology Media & Telecommunications group.

Judith counsels clients…

Judith G. Rubin is Senior Counsel in the Privacy & Cybersecurity Group and a member of the Technology Media & Telecommunications group.

Judith counsels clients across a wide range of industries, including financial services, technology, medical devices, pharmaceuticals and media, on privacy and cybersecurity laws and best practices in the US and Europe. She routinely advises clients in corporate transactions such as complex public and private asset or stock acquisitions, divestitures and cross-border mergers about deal- and business-related privacy and cybersecurity risks, regulatory developments and enforcement trends.

Another focus of Judith’s practice is the facilitation of internal privacy compliance programs, including data mapping, risk assessments, internal privacy and cybersecurity policies and procedures, data use and sharing agreements, vendor due diligence and contract revisions. She has advised clients in various sectors on marketing compliance, including requirements for data brokers, advertising best practices, marketing to children, cookies and chatbots.

Judith helps companies respond to data breaches, prepare for such incidents, and develop and implement global privacy programs and policies aimed at protecting data and mitigating risk under a range of regulatory regimes. She has represented clients in regulatory enforcement actions across a variety of jurisdictions. She also provides counsel on interactions with regulators and law enforcement, as well as company stakeholders, affected individuals and the public.

Judith previously practiced at several Am Law 100 firms in the United States and in Europe. Fluent in German, she served as a judicial clerk for two years in the Bundesverfassungsgericht, the German Supreme Constitutional Court in Karlsruhe. She also speaks basic Russian, French, Bosnian and Polish.

Judith is a Certified Information Privacy Professional in the United States (CIPP/US) and Europe (CIPP/E), and a Certified Information Privacy Technologist (CIPT).

Show more Show less
Connect: https://www.proskauer.com/professionals/judith-rubin
Subscribe: Subscribe via RSS
Blogs
Firm/Org