Privacy and Information Security: Basics, Practice Tips, & Hot Topics

Faculty:

David A. Wheeler focuses his practice on e-commerce, information technology, and privacy matters. His experience includes domain name and trademark disputes and registrations, trade secrets litigation, information privacy and identity management, data breach notification compliance, software licensing and outsourcing agreements. Prior to practicing law, David served as a software engineer for a Virginia-based defense contractor and later traded spot currencies as an electronic market maker for the First National Bank of Chicago. He also served as telecommunications consultant for the Bank of America.

David has also litigated consumer financial services matters including Telephone Consumer Protection Act and Fair Credit Reporting Act class-action matters.

C. Steven Baker is Director of the Federal Trade Commission's Midwest Region in Chicago, a position he has held since 1988. 

The Region covers the central United States, and the office does primarily consumer protection work for the Commission, concentrating on consumer fraud matters such as telemarketing and spamming.  The office works extensively on Cross-border fraud, and Mr. Baker is one of the founders of the Toronto Strategic Partnership. He is the senior regional director at the FTC.  In June he received the Consumer Advocate of the Year award from the National Association of Consumer Agency Administrators.

Steve Baker joined the Federal Trade Commission in Washington, D.C. in 1982 as a staff attorney in the Bureau of Consumer Protection, where he was engaged in Federal Court cases involving telemarketing fraud.  He later served as an attorney advisor to Chairman James C. Miller III and Chairman Daniel Oliver.     

Prior to joining the FTC, Mr. Baker served as a law clerk to U.S. District Judge D. Brook Bartlett in Kansas City, Missouri.

Mr. Baker is a graduate of Missouri Valley College, and obtained his law degree from the University of Iowa College of Law in 1981, where he was a Note and Comment Editor for the Iowa Law Review.  He is a member of the bar of the State of Iowa.

Steven W. Teppler is a partner at Edelson McGuire LLC, a high-tech litigation boutique with offices in Chicago, New York City, and Los Angeles, and directs the firm’s electronic litigation and digital evidence consultation practice.

Mr. Teppler has practiced law since 1980, is admitted to the bars of New York, the District of Columbia and Florida, and advises private and public sector clients about risk, liability, and compliance issues unique to electronic data generation, alteration, transmission and archiving. He also lectures nationwide on evolving theories of computer generated information and evolving theories of liability, practice and evidence in an electronic data universe.  Mr. Teppler holds six patents in the field of content authentication, and is the founder and CEO of a content authentication provider. 

Mr. Teppler is the Co-Chair of the eDiscovery and Digital Evidence Committee of the American Bar Association, co-Vice Chair of the Information Security Committee of the American Bar Association, a founding member of the Information Assurance Consortium, and a co-author of the ANSI X9F4 trusted timestamp guideline standards for the financial industry.

Mr. Teppler is the Vice Chair of the Florida Bar Professional Ethics Committee, and contributed to Advisory Opinion 06-02 (Metadata Mining) and to Advisory Opinion 07-2 (Off-Shoring). 

Mr. Teppler’s recent publications include: Digital Evidence as Hearsay, Digital Evidence and Electronic Signature Law Review (October 2009) Volume 6, The HIPAA Technology Challenge: Protecting the Integrity of Health Care Information, California Health Law News – Volume XXVI, Issue 1, Winter 2007/2008; Spoliation in the Digital Universe, The SciTech Lawyer, Science and Technology Law Section of the American Bar Association, Fall 2007; Life After Sarbanes-Oxley – The Merger of Information Security and Accountability (co-author), 45 Jurimetrics J. 379 (2005); Digital Signatures Are Not Enough (co-author), Information Systems Security Association, January 2006; State of Connecticut v. Swinton: A Discussion of the Basics of Digital Evidence Admissibility (co-author), Georgia Bar Newsletter Technology Law Section, Spring 2005; The Digital Signature Paradox (co-author), IETF Information Workshop (The West Point Workshop) June 2005; Observations on Electronic Service of Process in the South Carolina Court System, efiling Report, June 2005. 

Mr. Teppler is also a contributing author of the book “Foundations of Digital Evidence” (American Bar Association, July 2008) and co-author of  “Digital Evidence Lifecycle Management: A Guide for Attorneys, Enterprise, and Technologists (exp. pub. Winter 2010). 

Mr. Teppler received his Bachelor of Arts in Political Science Summa Cum Laude from the City College of New York, Phi Beta Kappa, and received his Juris Doctor from the Benjamin N. Cardozo School of Law in New York City.

Thomas J. Smedinghoff is a partner in the Privacy, Data Security, and Information Law Practice at the law firm of Wildman Harrold in Chicago.  His practice focuses on the developing field of information law and electronic business activities, with an emphasis on electronic transactions, identity management, data security, privacy, and corporate information governance issues. 

Mr. Smedinghoff has been actively involved in developing e-business and information legal policy both in the U.S. and globally.  He currently serves as a member of the U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), where he participates in the Working Group on Electronic Commerce and recently completed negotiation of an international treaty titled the United Nations Convention on the Use of Electronic Communications in International Contracts. 

He is also co-chair of the Federated Identity Management Legal Task Force of the American Bar Association (ABA) Section of Business Law, and chair of the International Policy Committee of the ABA Section of Science & Technology Law.  Previously, he was chair of the ABA Section of Science & Technology Law (1999-2000) and chair of the ABA Electronic Commerce Division (1995-2003).  He is also the ABA Advisor to the Uniform Law Commission Committee to Implement the UN E-Commerce Convention (2008 – present).

Mr. Smedinghoff is the author of the new book titled INFORMATION SECURITY LAW: THE EMERGING STANDARD FOR CORPORATE COMPLIANCE, (IT Governance Publishing, 2008). 

He is also the editor and primary author of the e-commerce book titled ONLINE LAW: THE LEGAL GUIDE TO DOING BUSINESS ON THE INTERNET (Addison Wesley, 1996), as well as numerous articles on electronic transactions, privacy, and data security law issues.

Peter McLaughlin is Senior Counsel with Foley & Lardner LLP and a member of the firm's Privacy, Security & Information Management Practice. His experience as a corporate lawyer and business advisor includes international privacy, IT compliance, IT transactions, and information security.

Prior to joining Foley, Mr. McLaughlin was in-house counsel for over eight years, including two years as assistant general counsel and the first global privacy leader for Cardinal Health, Inc., a Fortune 20 company.

Mr. McLaughlin received his J.D. from Georgetown Law Center and his bachelor's degree from Columbia University. Mr. McLaughlin is a Certified Information Protection Professional (CIPP).

Vicky Gage-Bernheimer is one of the leaders of Allstate’s Privacy Office, and began working for Allstate’s Chief Privacy Officer in 2002.   Ms. Gage-Bernheimer was one of the first privacy professionals to receive the Certified Information Privacy Professional (CIPP) designation.   Allstate’s Privacy office provides enterprise wide governance and helps ensure the protection of Allstate's customer, employee, and others' personally identifiable information.  Ms. Gage-Bernheimer has responsibility for privacy compliance with new laws, as well as compliance with HIPAA HITECH, OFAC, and GLB.  Ms. Gage-Bernheimer designed Allstate’s privacy incident response program and vendor risk management programs working with her security partners. 

Ms. Gage-Bernheimer joined Allstate’s Litigation Services Department in 1988 and left it in 2000 to work as liaison for two years between Allstate’s litigation services division and various technology entities within Allstate.  During her career as an attorney for Allstate, Ms. Gage-Bernheimer defended Allstate and its insureds while working as counsel in Louisiana.  She then began working on privacy related projects in 2002 and helped establish Allstate’s Privacy Office in 2003.

Ms. Gage-Bernheimer graduated with a B. A. in Political Science from Louisiana State University, and received her J.D. from the Paul M. Hebert School of Law.   Ms. Gage-Bernheimer has been licensed to practice law in Louisiana since 1988, and in Illinois since May 2000.