Edwards Wildman Palmer LLP

Thomas J. Smedinghoff Edwards Wildman Palmer LLP Partner Chicago Tel 312.201.2021 Fax 855.593.0972 Download VCard

Thomas Smedinghoff is a partner at Edwards Wildman, where his practice focuses on the new legal issues relating to the developing field of information law and electronic business activities. Tom is internationally recognized for his leadership in addressing emerging legal issues regarding electronic transactions, privacy, information security, and online authentication issues from both a transactional and public policy perspective. He has been retained to structure and implement first-of-their-kind e-commerce initiatives, electronic transactions, and identity management and information security legal infrastructures for the federal government, and national and international businesses including banks, insurance companies, investment companies, and certification authorities. He has also been actively involved in developing legislation and public policy in the area of electronic business at the state, national, and international levels.

• Chair of the American Bar Association Identity Management Legal Task Force, and working with private sector, federal government, and international organizations to address the challenges of developing an identity management legal framework
  
  
• Serves as counsel for companies, government agencies, and trade associations throughout the world in addressing new and developing legal issues relating to electronic business activities, online electronic transactions, identity management, information security, and data privacy.
  
  
• Has worked extensively with clients in newly developing legal areas such as identity management and online authentication, electronic negotiable instruments, digital signatures and voice signatures, PKI, e-notarization, and other unique forms of electronic transactions and e-business activities.
  
  
• Was a pioneer in the subject of PKI and digital signature law, representing the federal government, national banks, and certification authorities in developing first-of-their-kind public key legal infrastructures.
  
  
• Chaired the Illinois Commission on Electronic Commerce & Crime, and in that capacity wrote the Illinois Electronic Commerce Security Act (enacted in 1998). This Act had a significant influence on national and global e-commerce legislation, including the Uniform Electronic Transactions Act in the U.S., the European Union Electronic Signature Directive, the United Nations UNCITRAL Model Law on Electronic Signatures, the Canadian Personal Information Protection and Electronic Transactions Act, and the Singapore Electronic Transactions Act.
  
  
• Helped to negotiate the 2005 United Nations Convention on the Use of Electronic Communications in International Contracts as part of the U.S. Delegation to the United Nations Commission on International Trade Law. This is the first international treaty that focuses on general cross-border e-commerce and electronic transactions, and is expected to have a major impact on international business.
  
  
• Assisted in development of a new identity management legal structure for browser-based online authentication. Resolved rights, responsibilities, and liabilities of participants in system to allow website users to verify the identity of the company they are dealing with, in order to address the problem of phishing and to promote secure commerce.

Reported Decisions

• Central Point Software, Inc. v. Nugent, 903 F. Supp. 1057; 37 U.S.P.Q.2D (BNA) 1051; Copy. L. Rep. (CCH) P27,478, E.D. Tex. 1995

Professional Activities
United Nations

• Member, U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), participating in the Working Group on Electronic Commerce, 1997–present
  
  
• Member, World Customs Organization - UNCITRAL Joint Legal Task Force, 2008-present
  
  
• Member, Legal Working Group of the United Nations Center for Trade Facilitation and Electronic Business (UN/CEFACT), 2004–present

Uniform Law Commission (National Conference of Commissioners on Uniform State Laws)

• ABA Advisor to Committee to Implement the UN E-Commerce Convention, 2008-present
  
  
• ABA Advisor to Drafting Committee on Uniform Electronic Transactions Act (now adopted in 47 states), 1997–1999

State of Illinois

• Chair, Illinois Commission on Electronic Commerce and Crime, 1996–1998

American Bar Foundation

• Fellow, American Bar Foundation, 2004-present

Academic Appointments

• Adjunct Assistant Professor of Business Law, Brennan School of Business, Dominican University, 2004–present
  
  
• Adjunct Professor, The John Marshall Law School, Chicago, 1985–2002

Editorial Boards

• Member, Board of Editors, BNA Electronic Commerce & Law Report, 2000–present
  
  
• Member, Editorial Board, Internet Law & Business, 1999–present
  
  
• Member, Board of Editors, Privacy & Data Security Law Journal, 2005–present
  
  
• Member, Board of Editors, BNA Privacy & Security Law Report, 2009-present
  
  
• Member, Board of Editors, The SciTech Lawyer, ABA Section of Science & Technology Law, 2008-present

American Bar Association

• Chair, Federated Identity Management Legal Task Force, Section of Business Law, 2009–present
  
  
• Co-Chair, Cyber Security Subcommittee, Section of Business Law, 2011-present
  
  
• Chair, Section of Science & Technology Law, 1999–2000
  
  
• Chair, Electronic Commerce Division, Section of Science & Technology Law, 1995–2003
  
  
• Chair, International Policy Committee, Section of Science & Technology Law, 2003–2011
  International Technology Law Association

International Association of Privacy Professionals

Chicago Bar Association

• Chair, Computer Law Committee, 1984–1985

Recognized In

• Best Lawyers in America 2011 (Information Technology Law)
  
  
• Chambers USA 2012: America’s Leading Business Lawyers (Privacy & Data Security Law; Technology Law)
  
  
• Chambers Global: The World’s Leading Lawyers 2011 (Technology Law)
  
  
• International Who's Who of Internet & e-Commerce Lawyers, 2011 & 2012
  
  
• Legal Media Group: Guide to the World’s Leading Technology, Media and Telecommunications Lawyers (Information Technology Law)
  
  
• Leading Lawyers (Computer & Technology Law; International & Business Trade Law)
  
  
• SuperLawyers 2011 and 2013, (Illinois) (Information Technology/Outsourcing, International, Intellectual Property)
  
  
• Who’s Who in American Law 2011, Marquis Who’s Who
  
  
• Who’s Who in the World 2011, Marquis Who’s Who

Books

• INFORMATION SECURITY LAW: THE EMERGING STANDARD FOR CORPORATE COMPLIANCE, (IT Governance Publishing, 2008).
  
  
• ONLINE LAW: THE LEGAL GUIDE TO DOING BUSINESS ON THE INTERNET (editor and principal author); (Addison-Wesley, 1996, 6th printing 2000) (Japanese translation published by Shichiken Publishing Co., 1998).
  
  
• MULTIMEDIA LAW HANDBOOK (Wiley Law Publications 1995).
  
  
• THE SOFTWARE PUBLISHERS ASSOCIATION LEGAL GUIDE TO MULTIMEDIA (Addison-Wesley, 1994).
  
  
• THE LEGAL GUIDE TO DEVELOPING, PROTECTING AND MARKETING SOFTWARE (John Wiley & Sons, Inc. 1986).

Book Chapters

• “Ambiguities in State Security Breach Notification Statutes,” published as chapter in Thomson, Ed., DATA BREACH AND ENCRYPTION HANDBOOK (American Bar Association, 2011)
  
  
• "Legal and Regulatory Obligations," published as chapter in Axelrod, Bayuk and Schutzer. Ed, ENTERPRISE INFORMATION: SECURITY AND PRIVACY (Artech House, 2009)
  
  
• "Defining the Legal Standard for Information Security: What Does "Reasonable" Security Really Mean?," published as chapter in Chander, Gelman and Radin, Ed., SECURING PRIVACY IN THE INTERNET AGE, (Stanford University Press, 2008)
  
  
• “Analysis of Article 9 of the United Nations Convention on the Use of Electronic Communications in International Contracts,” and “Role of Information Security in the Electronic Communications Convention,” published as chapters in Boss and Kilian, Ed., THE UNITED NATIONS CONVENTION ON THE USE OF ELECTRONIC COMMUNICATIONS IN INTERNATIONAL CONTRACTS: AN IN-DEPTH GUIDE AND SOURCEBOOK (Kluwer Law International, 2008)
  
  
• “Structuring International E-Transactions,” published as chapter in “Inside the Minds” book titled INTERNATIONAL TRADE LEGAL STRATEGIES (Aspatore Books, Nov. 2007)
  
  
• “Developing a Legally Compliant Corporate Information Security Program,” published as chapter in book titled THE IN-HOUSE COUNSEL’S ESSENTIAL TOOLKIT (American Bar Association, July 2007)
  
  
• “E-Commerce Law” (co-author), published as Chapter 29 in 4-volume treatise titled UNITED STATES LAW OF TRADE AND INVESTMENT (William S. Wm. S. Hein & Co, 2001)
  
  
• “Creating Enforceable Electronic Transactions” published as chapter in book titled INTERNET LAW FOR THE BUSINESS LAWYER (American Bar Association, 2001).

Recent Articles

• "Massachusetts to Retailers: ZIP Codes Are Personal Info," quoted, Ad Age, April 4, 2013.
  
  
• “Computing and the Law: Privacy and Data Security," co-author, Computer Magazine, March 2012.
  
  
• “European Data Protection Reform Update: Summary of the 25 January 2012 Announcement,” co-author, Edwards Wildman Palmer LLP Client Advisory, January 2012.
  
  
• “Solving the Legal Challenges in Verifying Online Identity,” The SciTech Lawyer, Volume 8, Number 2, Fall 2011.
  
  
• “WikiLeaks Incident - Two Key Legal Lessons for Business,” Client Bulletin, December 2010.
  
  
• "Developing a Comprehensive Written Information Security Program," The Computer & Internet Lawyer, Vol. 27, No. 11, November 2010.
  
  
• "Building an Online Identity Legal Framework: The Proposed National Strategy," BNA Privacy & Security Law Report, July 12, 2010.
  
  
• “Federated Identity Management: Balancing Privacy Rights, Liability Risks, and the Duty to Authenticate,” (SSRN, August 21, 2009).
  
  
• "New Data Security Regulations Create Compliance Challenges for Businesses," The Secure Times, Winter 2009 (Co-Author).
  
  
• “Defining the Legal Standard for Information Security: What Does “Reasonable” Security Really Mean?,” published as chapter in Chander, Gelman and Radin, Ed., Securing Privacy in the Internet Age, (Stanford University Press, 2008).
  
  
• "New State Regulations Signal Significant Expansion Of Corporate Data Security Obligations," BNA Privacy & Security Law Report, October 20, 2008 (Co-Author).
  
  
• “The Legal Challenges of Implementing Electronic Transactions,” UCC Law Journal, Vol. 41, No. 1, September 2008.
  
  
• “Addressing The Legal Challenges of Federated Identity Management,” BNA Privacy & Security Law Report, March 3, 2008.
  
  
• “The State of Information Security Law: A Focus on the Key Legal Trends,” EDPACS, The EDP Audit, Control, and Security Newsletter, January-February 2008.
  
  
• “It's All About Trust: The Expanding Scope of Security Obligations in Global Privacy and E-Transactions Law,” Michigan State Journal of International Law, December 2007.
  
  
• “Structuring International E-Transactions,” International Trade Legal Strategies, Aspatore Books, November 2007.
  
  
• “Director Responsibilities For Data Security: Questions the Board Should Ask,” Director’s Monthly, April 2007.
  
  
• “Where We’re Headed – New Developments and Trends in the Law of Information Security,” Privacy & Data Security Law Journal, January 2007.
  
  
• “Security Breach Notification Law—Defining a New Corporate Obligation,” World Data Protection Report, September 2006.
  
  
• “E-Transactions: The Key Rules for Ensuring Enforceability,” Electronic Banking Law & Commerce Report, June 2006.
  
  
• “Online Access to Corporate Information: New Legal Rules for Authentication,” Privacy & Data Protection Legal Reporter, May 2006.
  
  
• “Online Transactions: The Rules for Ensuring Enforceability in a Global Environment,” The Computer & Internet Lawyer, April 2006.
  
  
• “The Challenge of Electronic Data: Corporate Legal Obligations to Provide Information Security,” The Wall Street Lawyer, March 2006.

Recent Presentations

• “Computing and the Law: Privacy and Data Security,” speaker, Computer Magazine Podcast, March 2012.
  
  
• "Protecting Personal Information," Illinois State Bar Association Online Course (March 14, 2012).
  
  
• “Data Breach Laws: Will They Save or Sink You in a Massive Attack?," RSA Conference 2012 (February 29, 2012, San Francisco)
  
  
• “Tackling the Identity Management Liability Problem," RSA Conference 2012 (February 29, 2012, San Francisco)
  
  
• "Solving the Legal Challenges of Identity Management,"  ABA Cyberspace Law Committee Institute and Winter Working Meeting, January 20-21, 2012
  
  
• “Recent Developments in Cyber Risk,”  Edwards Wildman Palmer LLP Webinar, November 17, 2011.
  
  
• “State & Federal Law Privacy Update,” PLI Twelfth Annual Institute on Privacy & Data Security Law (July 18-19, 2011, Chicago and May 23, 2011, San Francisco) Conference Co-Chair
  
  
• “Social Media Issues,” PLI Corporate Compliance and Ethics Institute 2011 (May 12-13, 2011, Chicago)
  
  
• “Online Trust: A National Imperative,” National Association of State CIOs (NASCIO) (May 5, 2011, Washington DC)
  
  
• “Legal Roadblocks to NSTIC: Exploring Privacy, Security and Liability for an Online Trusted Identity,” TechAmerica (April 26, 2011, Washington DC)
  
  
• “What Is an Identity Trust Framework? Addressing the Legal and Structural Challenges,” 2011 Identity Protection and Management Conference, Information Assurance Directorate at the National Security Agency (April 19, 2011, Orlando)
  
  
• “Addressing the Legal Risks of Identity Management” RSA Security Conference (February 16, 2011, San Francisco)
  
  
• “Identity Management: The Next Frontier for International E-Commerce,” United Nations Commission on International Trade Law (February 14, 2011, New York)
  
  
• “Identification and Authentication; Emerging Trends in Identity Management,” International Association of Privacy Professionals, Privacy Academy 2010 (September 30, 2010, Baltimore)
  
  
• "Data Security Law: Developing a Comprehensive Information Security Program," PLI 11th Annual Institute on Privacy & Data Security Law (May 24-25, San Francisco, and July 19-20, 2010, Chicago) (Conference Co-Chair and Speaker)
  
  
• "Making Federated Identity Management Work: Balancing Privacy Rights and Legal Obligations," International Association of Privacy Professionals, Global Privacy Summit (April 21, 2010, Washington DC)
  
  
• "Legal Risks of User and Enterprise Oriented Identity Management Systems," RSA Security Conference (March 3, 2010, San Francisco)
  
  
• “State Security Laws and Regulations – The New Deal,” PLI 10th Annual Institute on Privacy & Data Security Law (June 1-2, San Francisco, and July 20-21, 2009, Chicago) (Conference Co-Chair and Speaker)
  
  
• “Privacy and Identity Management: New Role and New Obligations for the Notary,” The 5th International Forum on eNotarization, eSecurity and eApostilles (June 11, 2009, Las Vegas)
  
  
• “Information Security Law: The Emerging Global Standard for Compliance,” RSA Security Conference (April 22, 2009, San Francisco)
  
  
• “Drafting Identity Management Contracts: Understanding the Legal Challenges,” RSA Security Conference (April 21, 2009, San Francisco)
  
  
• “The Emerging Law of Data Security: From Corporate Obligations to Provide Security to Breach Notification Requirements,” PLI 9th Annual Institute on Privacy & Security Law (July 21-22, 2008, Chicago) (Conference Co-Chair and Speaker)
  
  
• “The Common Law Perspective on Cross-Border E-Signatures,” The 4th International Forum on eNotarization, eApostilles and Digital Evidence (May 29-30, 2008, New Orleans)
  
  
• “The Legal Challenges of Moving Transactions to an Electronic Environment,” 41st Annual Uniform Commercial Code Institute (April 16-17, 2008, Washington DC)
  
  
• “Solving the Legal Problems Raised by Using Identity Management in E-Commerce,” RSA Security Conference, San Francisco, April 8-11, 2008.
  
  
• “The Legal Challenges and Opportunities of Technological Change: The Impact of Globalisation, Interconnectivity and Harmonisation,” Centre for Commercial Law Studies, Queen Mary University of London, February 7-8, 2008.
  
  
• “Board Oversight of IT Governance,” 2007 NACD Corporate Governance Conference, Washington D.C., October 15-16, 2007.
  
  
• “Information Compliance Overload: Making Sense of Privacy and Security laws and Regulations,” PLI 8th Annual Institute on Privacy & Security Law, Chicago, July 16-17, 2007.
  
  
• "Digital Evidence: Signer Authentication Requirements and Strategy," Third International Forum on e-Apostilles and e-Notarization, Los Angeles, May 31 - June 2, 2007.
  
  
• “Creating Online Enforceable E-Transactions,” 40th Annual Uniform Commercial Code Institute, Chicago, April 27, 2007.
  
  
• “It’s All About Trust: Global Trends in the Law of Privacy, Security, and E-Transactions,” Michigan Symposium: “E-Commerce: Challenges to Privacy, Integrity, and Security in a Borderless World,” Michigan, February 23, 2007.
  
  
• “Can Identity Management Enable Spontaneous Contracting?” RSA Security Conference, San Francisco, February 5-9, 2007.
  
  
• “Where We’re Headed: New Developments and Trends in the Law of Information Security,” Georgetown Conference on Emerging Trends in Information Security & the Law, Washington, D.C.; November 9–10, 2006.
  
  
• “What Is Electronic Commerce? Methods of Contracting and Transactions Online, and E-Authentication: Risk and Fraud,” Conference on E-Commerce, sponsored by the U.S. Department of Commerce Commercial Law Development Program and The Arab Council for Judicial and Legal Studies, Manama, Bahrain; September 11–12, 2006.
  
  
• “New Domestic Information Privacy and Security Legislation and Policy,” PLI 7th Annual Institute on Privacy Law, Chicago; July 17–18, 2006. Served as Conference Co-Chair.
  
  
• “Electronic Signatures and the New UN Convention,” Second International Forum on eNotarization and eApostilles, Washington, D.C.; May 27–29, 2006.
  
  
• “Contentious Issues in World Regulation of the Internet,” World Computer & Internet Law Congress, San Francisco; May 4–5, 2006.
  
  
• "Electronic Transactions: Ensuring Enforceability in a Global Environment," Conference on Judicial Strategies for the Application of the Egyptian E-Signature Law, sponsored by the United States Department of Commerce Commercial Law Development Program, The Egyptian Ministry for Judicial Studies; Cairo, Egypt, March 8-9, 2006.

• More Publications...

Tom is married and has four children, and lives in the Western suburbs of Chicago. He likes to camp and to hike in the mountains. He continues to hope that someday the Cubs will win the World Series.