• Share
  • Email
  • Print

Rob Pulham

Special Counsel
Fax +61.3.9205.2055
Rob Pulham is an experienced corporate advisory and transactional lawyer with an active technology and privacy practice representing companies in the energy, manufacturing, mining, retail, health and financial services sectors, as well as government and not for profit organisations. He has extensive experience advising customers and vendors in the technology industry, with particular focus on software licensing, data privacy and protection, and systems integration projects. In his role as a senior corporate lawyer, Mr. Pulham reviews organisational policies and practices regarding data privacy to identify key risks, develops and implements strategies to mitigate privacy and cybersecurity risks, and advises clients in the investigation of, and response to, data breaches.

Mr. Pulham also serves as a strategic advisor to his clients, regularly advising on large outsourcing and technology procurement matters including negotiating software licensing terms with ERP and CRM vendors such as Oracle, SAP and Salesforce, and on major systems integration transactions. He advises his clients on all facets of their technology practices, procurement and needs, including key technology procurement requirements and licensing issues (acting for both customer and service provider clients), marketing and advertising in compliance with Australian competition and consumer laws, website content and terms of use, and general commercial intellectual property and software licensing matters.

Professional Background

Prior to joining the firm, Mr. Pulham spent many years at a top tier national Australian law firm, working primarily in the firm's intellectual property and technology team. He has also gained valuable in-house experience working on various substantial client secondments including with the Victorian Bushfires Royal Commission, and with clients in the banking, food and beverage manufacturing and health sectors.

Professional/Civic Activities

  • Member of the International Association of Privacy Professionals
IT / Enterprise Resource Projects
  • Advising Papua New Guinea's largest oil and gas exploration and development company in relation to the negotiation of a system implementation and services agreement for its ERP implementation project.
  • Advising several clients in relation to procurement of Microsoft cloud-based software solutions and the impact of Microsoft's standard Australian contracting terms on the particular client's circumstances. 
  • Advising a national healthcare provider in relation to its negotiation of terms for the design, provision and implementation of a cloud-based relationship management system.
  • Assisting business units and procurement teams at one of the major Australian banks to acquire technology systems and services, including website and applications development agreements and compliance with privacy laws, as part of secondments to the bank's internal technology legal team.
  • Advising and negotiating agreements for a client in the online education sector in implementing an online customer relationship management system with Salesforce.
  • Conducting due diligence reviews of organisations' information and communications technology spend, licences, services agreements and technology requirements, and advising clients on key risks in seeking to acquire or divest those organisations.
  • Advising a large online marketplace in relation to its procurement of a cloud-based website and email traffic redirection service for protection against malicious attacks such as distributed denial of service attacks.
  • Advising clients acquiring substantial levels of telecommunications services, including considering tender responses from leading telecommunications service providers in Australia, including Vodafone, Optus and Telstra.
Data Protection, Privacy and Cybersecurity
  • Providing advice to a Victorian government agency concerning its general privacy obligations under the Information Privacy Act 2000 (Vic) and the Health Records Act 2001 (Vic), including:
    • providing detailed advice about what impact the proposed use of cloud computing solutions would have on the agency's privacy obligations
    • advising on its privacy obligations for promotional projects and information collection forms, drafting general privacy policies, and privacy policies specifically in relation to telecommunication carrier licence obligations, and advising in relation to Victorian Privacy Commissioner audits.
  • Advising leading national sporting bodies on compliance with privacy requirements when collecting and processing personal information provided to or from their associated clubs, conducted presentations on privacy reform and key issues in privacy law.
  • Advising a Victorian state sporting club on compliance with privacy requirements when collecting and processing personal information provided to or from its associated clubs in relation to a software application being developed for use by supporters and other individuals associated with the clubs.
  • Conducting privacy presentations and training for a reseller in the Victorian utilities sector and assisting the reseller in designing its privacy reform project.
  • Assisting a Western Australian utility organisation to address aspects of its privacy reform project.
  • Providing various advices to an Australian charity in relation to its privacy practices, including:
    • the adequacy of its agreements and processes to be adopted for conducting fundraising campaigns with the assistance of third parties, including issues regarding transborder data flows
    • collecting personal details and sending cards to individuals on behalf of other individuals
    • general spam and privacy issues regarding direct marketing via email using personal information collected from donors.
  • Advising an Australian charity in relation to its privacy practices and the implementation of a privacy project to comply with recent privacy reforms.
  • Presenting to clients and industry, and advising a large number of clients, about the effect of the changes to the Privacy Act 1988 (Cth) in March 2014, which are the most significant reforms since the Privacy Act was extended to cover the private sector in 2001.
  • Reviewing privacy practices and policies for various clients and advising on required amendments to comply with recent reforms to the Privacy Act. 
  • Advising a health service provider in relation to the inadvertent disclosure of emails containing personal information of one individual to a separate individual.