Thomas J. Smedinghoff

View Thomas J. Smedinghoff 's Martindale-Hubbell Connected Profile
Chicago,  IL  U.S.A.

Peer Rating
AV® Preeminent

Client Rating

Featured AV Peer Review Rated Lawyer IconFeatured AV Peer Review Rated Lawyer Icon
Printer Friendly VersionEmail this PageDownload to My Outlook ContactsAdd lawyer to My FavoritesCompare this lawyer to other lawyers in your favorites

Experience & Credentials Ratings & Reviews

Practice Areas

  • Intellectual Property
  • Privacy & Data Protection
  • Technology
  • Cloud Computing & Managed IT Services
  • Media & Telecommunications
  • Digital Media and E-Commerce
  • Compliance for Risk Management
University Knox College, B.A., Math
Law SchoolUniversity of Michigan, J.D.
Admitted1978, Illinois


United Nations
Uniform Law Commission
American Bar Foundation
American Bar Association
International Technology Law Association
International Association of Privacy Professionals
Chicago Bar Association

BornChicago, Illinois, 1951

Thomas Smedinghoff is a partner at Edwards Wildman, where his practice focuses on the new legal issues relating to the developing field of information law and electronic business activities. Tom is internationally recognized for his leadership in addressing emerging legal issues regarding electronic transactions, identity management, privacy, information security, and online authentication issues from both a transactional and public policy perspective. He has been retained to structure and implement first-of-their-kind e-commerce initiatives, electronic transactions, and identity management and information security legal infrastructures for the federal government, and national and international businesses including banks, insurance companies, investment companies, and certification authorities. He has also been actively involved in developing legislation and public policy in the area of electronic business at the state, national, and international levels.
•Chair of the American Bar Association Identity Management Legal Task Force, and working with private sector, federal government, and international organizations to address the challenges of developing an identity management legal framework

•Serves as counsel for companies, government agencies, and trade associations throughout the world in addressing new and developing legal issues relating to electronic business activities, online electronic transactions, identity management, information security, and data privacy.

•Has worked extensively with clients in newly developing legal areas such as identity management and online authentication, electronic negotiable instruments, digital signatures and voice signatures, PKI, e-notarization, and other unique forms of electronic transactions and e-business activities.

•Was a pioneer in the subject of PKI and digital signature law, representing the federal government, national banks, and certification authorities in developing first-of-their-kind public key legal infrastructures.

•Chaired the Illinois Commission on Electronic Commerce & Crime, and in that capacity wrote the Illinois Electronic Commerce Security Act (enacted in 1998). This Act had a significant influence on national and global e-commerce legislation, including the Uniform Electronic Transactions Act in the U.S., the European Union Electronic Signature Directive, the United Nations UNCITRAL Model Law on Electronic Signatures, the Canadian Personal Information Protection and Electronic Transactions Act, and the Singapore Electronic Transactions Act.

•Helped to negotiate the 2005 United Nations Convention on the Use of Electronic Communications in International Contracts as part of the U.S. Delegation to the United Nations Commission on International Trade Law. This is the first international treaty that focuses on general cross-border e-commerce and electronic transactions, and is expected to have a major impact on international business.

•Assisted in development of a new identity management legal structure for browser-based online authentication. Resolved rights, responsibilities, and liabilities of participants in system to allow website users to verify the identity of the company they are dealing with, in order to address the problem of phishing and to promote secure commerce.

Reported Decisions
•Central Point Software, Inc. v. Nugent, 903 F. Supp. 1057; 37 U.S.P.Q.2D (BNA) 1051; Copy. L. Rep. (CCH) P27,478, E.D. Tex. 1995

Professional Activities

United Nations
•Member, U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), participating in the Working Group on Electronic Commerce, 1997-present

•Member, World Customs Organization - UNCITRAL Joint Legal Task Force, 2008-present

•Member, Legal Working Group of the United Nations Center for Trade Facilitation and Electronic Business (UN/CEFACT), 2004-present

Uniform Law Commission (National Conference of Commissioners on Uniform State Laws)
•ABA Advisor to Committee to Implement the UN E-Commerce Convention, 2008-2010

•ABA Advisor to Drafting Committee on Uniform Electronic Transactions Act (now adopted in 47 states), 1997-1999

State of Illinois
•Chair, Illinois Commission on Electronic Commerce and Crime, 1996-1998

American Bar Foundation
•fellow, American Bar Foundation, 2004-present

Academic Appointments
•Adjunct Assistant Professor of Business Law, Brennan School of Business, Dominican University, 2004-present

•Adjunct Professor, The John Marshall Law School, Chicago, 1985-2002

Editorial Boards
•Member, Board of Editors, BNA Electronic Commerce & Law Report, 2000-present

•Member, Editorial Board, Internet Law & Business, 1999-present

•Member, Board of Editors, Privacy & Data Security Law Journal, 2005-present

•Member, Board of Editors, BNA Privacy & Security Law Report, 2009-present

•Member, Board of Editors, The SciTech Lawyer, ABA Section of Science & Technology Law, 2008-present

American Bar Association
•Chair, Federated Identity Management Legal Task Force, Section of Business Law, 2009-present

•Co-Chair, Cyber Security Subcommittee, Section of Business Law, 2011-present

•Chair, Section of Science & Technology Law, 1999-2000

•Chair, Electronic Commerce Division, Section of Science & Technology Law, 1995-2003

•Chair, International Policy Committee, Section of Science & Technology Law, 2003-2011

International Association of Privacy Professionals

Chicago Bar Association
•Chair, Computer Law Committee, 1984-1985

Recognized In
•Best Lawyers in America 2003-2014 (Information Technology Law)

•Chambers USA 2003-2014: America's Leading Business Lawyers (Privacy & Data Security Law; Technology Law)

•Chambers Global: The World's Leading Lawyers 2007-2014 (Technology Law)

•International Who's Who of Internet & e-Commerce Lawyers, 2001-2012

•Legal Media Group: Guide to the World's Leading Technology, Media and Telecommunications Lawyers (Information Technology Law)

•Leading Lawyers (Computer & Technology Law; International & Business Trade Law)

Super Lawyers 2006-2014, (Illinois) (Information Technology/Outsourcing, International, Intellectual Property)

•Who's Who in American Law 1996-2014, Marquis Who's Who

•Who's Who in the World 2011, Marquis Who's Who


•Information Security Law: The Emerging Standard for Corporate Compliance (IT Governance Publishing, Oct. 2008)

•Online Law: The Legal Guide to Doing Business On The Internet (editor and principal author); (Addison-Wesley, 1996, 6th printing 2000) (Japanese translation published by Shichiken Publishing Co., 1998)

•Multimedia Law Handboo k(Wiley Law Publications 1995)

•The Legal Guide to Developing, Protecting and Marketing Software (John Wiley & Sons, Inc. 1986)

Book Chapters
•“Data Security and Lawyers' Legal and Ethical Obligations to Clients,” published as Chapter 3 in The ABA Cybersecurity Handbook - A Resource for Attorneys, Law Firms & Business Professionals (American Bar Association, 2013)

•“Ambiguities in State Security Breach Notification Statutes,” published as Chapter 6 in Thomson, Ed., Data Breach and Encryption Handbook (American Bar Association, 2011)

•“Legal and Regulatory Security Obligations,” published as Chapter 8 in Axelrod, Bayuk, and Schutzer. Ed, Enterprise Information: Security and Privacy (Artech House, 2009);

•“Defining the Legal Standard for Information Security: What Does “Reasonable” Security Really Mean?,” published as Chapter 1 in Chander, Gelman and Radin, Ed., Securing Privacy in the Internet Age (Stanford Univ. Press, 2008)

•“Analysis of Article 9 of the United Nations Convention on the Use of Electronic Communications in International Contracts,” and “Role of Information Security in the Electronic Communications Convention,” published as chapters in Boss and Kilian, Ed., The United Nations Convention on the Use of Electronic Communications in International Contracts: An In-Depth Guide and Sourcebook (Kluwer Law International, 2008)

Selected Recent Articles
•“Solving the Legal Challenges of Trustworthy Online Identity,” 28 Computer Law & Security Review (2012) at pp 532-541

•“ Solving the Legal Challenges in Verifying Online Identity ,” The SciTech Lawyer, Fall 2011

•“ Building an Online Identity Legal Framework: The Proposed National Strategy ,” BNA, Privacy & Security Law Report, 9 PVLR 28 (July 12, 2010); Reprinted in Data Protection Law & Policy, Vol. 7, No. 11 (Nov. 2010)

•“ Developing a Comprehensive Written Information Security Program ,” published in PLI 11th Annual Institute on Privacy & Data Security Law (May 2010); Reprinted in The Computer & Internet Lawyer, Vol. 27, No. 11 (Nov. 2010)

Selected Recent Presentations
•“Cybersecurity in the US and Around the Globe,” 11th Annual Stanford E-Commerce Best Practices Conference (June 16, 2014, Stanford, California)

•“The Latest Developments in Cybersecurity,” PLI Fifteenth Annual Institute on Privacy and Data Security Law (May 19-20, San Francisco, and July 14-15, 2014, Chicago) Conference Co-Chair

•“Identifying the Corporate Cybersecurity Risk Portfolio,” 7th Annual White Collar Crime + Corporate Governance Conference (April 17, 2014, Chicago)

•“Emerging Cybersecurity Regulatory and Enforcement Activities: The Growing Authority of the State AG Offices,” ACI Cyber & Data Risk Insurance Conference (March 24-25, 2014, Chicago)

•“Deciphering the Legal Framework that Governs Online Identity Systems,” RSA Security Conference (February 24 - 28, 2014, San Francisco)

•“Identity Trust Framework Legal/Policy Considerations,” 2013 Transglobal Secure Collaboration Symposium (Nov. 14-15, 2013, Washington DC)

•“Operationalizing Identity Trust Frameworks and Scheme Rules,” UK Cabinet Office O5 Internet Summit (October 10, 2013, London)

•“Information Security: Complying with the Latest Legal Requirements,” PLI Fourteenth Annual Institute on Privacy and Data Security Law (May 20-21, San Francisco, and July 15-16, 2013, Chicago) Conference Co-Chair

•“Data Breach Law Update - Global Trends, Legal Complexities,” RSA Security Conference (February 25 -- March 1, 2013, San Francisco)

•“Identity Trust Frameworks: Alternative Approaches to Achieve the Panacea,” RSA Security Conference (February 25 -- March 1, 2013, San Francisco)

•“Internet Governance: Who Will Lead the Way?,” American University Washington College of Law Conference on “America the Virtual: Security, Privacy & Interoperability in an Interconnected World” (October 25, 2012, Washington DC)

•“Legislative and Regulatory Trends in U.S. Privacy and Security Law,” PLI Thirteenth Annual Institute on Privacy and Data Security Law (July 16-17, 2012, Chicago) Conference Co-Chair

•“Tackling the Identity Management Liability Problem,” RSA Security Conference (Feb 27 - Mar 2, 2012, San Francisco)

•“Enabling Trust in Cyberspace: Building an Online Trust Framework,” Interdisciplinary Centre for Law and ICT (ICRI) (November 14-15, 2011, Leuven Belgium)

•“Building the Legal Framework for Identity Federation,” Aerospace & Defense Industry Transglobal Secure Collaboration Program (October 13, 2011, The Hague, Netherlands)

•“State & Federal Law Privacy Update,” PLI Twelfth Annual Institute on Privacy & Data Security Law (July 18-19, 2011, Chicago and May 23, 2011, San Francisco) Conference Co-Chair

•“Social Media Issues,” PLI Corporate Compliance and Ethics Institute 2011 (May 12-13, 2011, Chicago)

•“Online Trust: A National Imperative,” National Association of State CIOs (NASCIO) (May 5, 2011, Washington DC)

•“What Is an Identity Trust Framework? Addressing the Legal and Structural Challenges,” 2011 Identity Protection and Management Conference, Information Assurance Directorate at the National Security Agency (April 19, 2011, Orlando)

•“Addressing the Legal Risks of Identity Management” RSA Security Conference (February 16, 2011, San Francisco)

•“Identity Management: The Next Frontier for International E-Commerce,” United Nations Commission on International Trade Law (February 14, 2011, New York)

•“Identification and Authentication; Emerging Trends in Identity Management,” International Association of Privacy Professionals, Privacy Academy 2010 (September 30, 2010, Baltimore)

•“Data Security Law: Developing a Comprehensive Information Security Program,” PLI 11th Annual Institute on Privacy & Data Security Law (May 24-25, San Francisco, and July 19-20, 2010, Chicago) (Conference Co-Chair and Speaker)

•“Making Federated Identity Management Work: Balancing Privacy Rights and Legal Obligations,” International Association of Privacy Professionals, Global Privacy Summit (April 21, 2010, Washington DC)

Besides Edwards Wildman

Tom is married and has four children, and lives in the Western suburbs of Chicago. He likes to camp and to hike in the mountains. He continues to hope that someday the Cubs will win the World Series.


Documents by this lawyer on

Subscribe to this feed

New California Requirements Shake Up Breach Notification and Data Safeguards
Karen L. Booth,Karen L. Booth,Ellen Marie Giblin,Ellen Marie Giblin,Laurie A. Kamaiko,Laurie A. Kamaiko,Mark E. Schreiber,Mark E. Schreiber,Thomas J. Smedinghoff,Thomas J. Smedinghoff, October 28, 2014
Recent amendments to California statutes governing breach notification and data safeguards impose new obligations by: (1) enhancing breach notification requirements relating to offerings of “identity theft prevention and mitigation services”; (2) expanding the statutory requirement to...

Major Amendments to Florida Breach Notification Statute: Unique Requirements and Short Deadlines Take Effect July 1
Theodore P. Augustinos,Karen L. Booth,Mark E. Schreiber,Thomas J. Smedinghoff, July 1, 2014
Florida Governor Rick Scott recently signed the Florida Information Protection Act of 2014 (SB 1524, the “Act”) into law, amending Florida’s breach notification statute effective July 1, 2014. The amendments are significant, including the first statutory requirement to provide...

View Ratings & Reviews
Profile Visibility
#400 in weekly profile views out of 39,282 lawyers in Chicago, Illinois
#20,054 in weekly profile views out of 1,587,858 total lawyers Overall

Office Information

Thomas J. Smedinghoff

225 West Wacker Drive, Suite 3000
ChicagoIL 60606


Professional Networking for Legal Professionals Only

Quickly and easily expand your professional
network - join the premier global network for legal professionals only. It's powered by the
Martindale-Hubbell database - over 1,000,000 lawyers strong.
Join Now