Thomas J. Smedinghoff

Thomas J. Smedinghoff focuses his practice on legal issues involving digital identity management, privacy, cybersecurity, and electronic business activities. He is internationally recognized for his leadership in addressing emerging digital legal issues, and has been retained to structure and implement first-of-their-kind e-commerce initiatives, and identity management and information security legal infrastructures for the federal government and for national and international businesses. He...See more

Thomas J. Smedinghoff focuses his practice on legal issues involving digital identity management, privacy, cybersecurity, and electronic business activities. He is internationally recognized for his leadership in addressing emerging digital legal issues, and has been retained to structure and implement first-of-their-kind e-commerce initiatives, and identity management and information security legal infrastructures for the federal government and for national and international businesses. He assisted in development of the identity management legal infrastructure for PKI browser-based online entity identity (EV SSL), which is designed to resolve rights, responsibilities, and liabilities of participants in the system to allow website users to verify the identity of the company they are dealing with in order to promote secure online commerce. Tom also has been actively involved in developing e-business, e-signature, identity management, and data security legal policy both in the U.S. and globally. As an advisor of the U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), he helped to negotiate the 2022 UNCITRAL Model Law on the Cross-Border Recognition of Identity Management and Trust Services, and the first international treaty that addresses general cross-border e-commerce known as the 2005 United Nations Convention on the Use of Electronic Communications in International Contracts. He currently is working on new UNCITRAL projects to develop legal rules for the use of artificial intelligence in international contracting, and for cross-border data transfers. He previously served as the American Bar Association's advisor to the Uniform Law Commission committee that drafted the Uniform Electronic Transactions Act in 1999. He also wrote the Illinois Electronic Commerce Security Act enacted in 1998 when he chaired the Illinois Attorney General's Commission on Electronic Commerce and Crime. He currently chairs the Identity Management Legal Task Force of the ABA Business Law Section, and serves on the ABA Cybersecurity Legal Task Force (which he co-chaired from 2019-2020). A longstanding leader in the ABA Science & Technology Law Section, Tom served as the Section Chair from 1999 to 2000 and the Electronic Commerce Division Chair from 1995 to 2003. In addition to publishing numerous articles on electronic transactions, identity management, privacy, and data security law, Tom is the co-editor of the book Guide to Cybersecurity Due Diligence in M&A Transactions (ABA 2017), author of the book Information Security Law: The Emerging Standard for Corporate Compliance (IT Governance Publishing 2008), and the editor and primary author of the book Online Law (Addison-Wesley, 1996). Based in Chicago, Tom continues to consult on selected legal issues following his 2021 retirement from Locke Lord LLP. See less