William J. Cook

Partner

Related Content

Practices

Industries

International

Education

Creighton University School of Law, JD, 1973
Creighton University, BA, History, 1968

Admissions

Illinois
U.S. Court of Appeals for the 6th Circuit
U.S. Court of Appeals for the 7th Circuit
U.S. Supreme Court

Affiliations

President, Infragard - Chicago (F.B.I. computer crime unit community reach out program)

Founding Member, U.S. Secret Service Chicago Electronic Crimes Task Force

Member, American Bar Association

Member, Illinois State Bar Association

Member, Chicago Bar Association

Critical Infrastructure Protection and the Law Committee, National Science Foundation, 2001-2003

Member, Illinois Commission on Electronic Commerce and Crime, July 1996

Member, USA Triathlon Association

Member, U.S. Army Ranger Association

Bill is head of the firm's data privacy and security team. He focuses his practice on IP litigation, internal investigations, data security and privacy counseling and litigation and export and import regulatory compliance and litigation.

Bill has provided data privacy and security counseling to the following industry sectors: Aviation, Advertising, Automotive, Construction, Defense Contractors, Education, Entertainment, Food Service and Distribution, Finance, Government (White House, DOD, GSA, NSA, NSF, FCC and FTC), Healthcare, Hospitality, Information Management and Security, Insurance, Internet Sales and Auctions, Not for Profit, Retail, Utilities (Power, Gas and Electric) and Telecommunications.

He has counseled clients with respect to specific security controls under the PCI-DSS, state privacy laws and federal HIPAA/HITECH, PCII and FTC regulations. As an intellectual property litigator, he handles cases involving trade secrets, industrial espionage, copyrights, patents, malvertising, privacy rights, and unfair competition before federal and state courts and the FTC. He conducts internal corporate investigations involving industrial espionage, employee misconduct, computer intrusions and corporate security audits.

Internationally, he works with clients in Canada, United Kingdom, France, Spain, Brussels, Germany, Italy and Israel on ISO 27001, PIPEDA and the EU Data Privacy Act on security compliance. His international investigations have additionally involved China, Japan, Russia, Bulgaria, Poland and Saudi Arabia.

Each year since 2008, he has been recognized as a "Leader in the Field" by Chambers USA and Global for his security and privacy practice.

Prior to entering into private practice. He served as an assistant U.S. attorney in Chicago, serving for 14 years in the Special Prosecutions Unit of that office. He has tried 85 cases as a prosecutor and in private practice. While with the Justice Department, he headed the Computer Fraud & Abuse Task Force in Chicago and served as the Counter-Terrorism and Counter-Espionage Coordinator in the Chicago U.S. Attorney’s Office. He also acted as the Justice Department Liaison for business continuity planning to FEMA.

In private practice he counsels corporate clients regarding business continuity planning and co-authored Critical Information Infrastructure Protection and the Law, published by the National Research Council.

He has handled white collar criminal matters for victims and defendants concerning industrial espionage, healthcare fraud, defense contracting fraud, mail fraud and violations of U.S. export restrictions.

Bill also advises clients on export and import regulations and compliance with respect to the Commerce Department’s Export Administration Regulations and the State Department’s International Traffic in Arms requirements. He litigates export and import compliance matters, as well as new shipper review designations.

Bill testified before the U.S. House Judiciary Committee, the FCC and the National Science Foundation on Internet law and liability. He has taught Internet and Web Law as an adjunct professor at the University of Illinois Law School, been a guest lecturer on Information Security Law and Liability at Bell Laboratories, Harvard, Yale, Purdue, the University of Illinois and the University of Salzburg.

Prior to his legal career, Bill served in the U.S. Army Infantry from 1968 to 1970. As an Airborne Ranger, he was deployed as a combat infantry platoon leader with the 25th Infantry Division in the Republic of South Vietnam. As a result of his service, he was awarded a Combat Infantry Badge, three Bronze Stars, two Purple Hearts, two Army Commendation Medals and the Vietnamese Cross of Gallantry.

vCard

T: +1 312 750 2750F: +1 312 698 4536wcook@mcguirewoods.com77 West Wacker Drive
Suite 4100
Chicago, IL 60601-1818

Complex, internal investigations into alleged violations of Payment Card Industry Data Security Standards by Fortune 500 oil, health, office supply and sporting goods companies, as well as health club and fashion retailers. Following the internal investigations, handles settlement negotiations with Visa and MasterCard, and represents the retailers before the FTC in Washington.

Privacy and data security liability audit of international construction company's intranet and extranet, including evaluation of ramifications of new state employee privacy protection requirements, as well as an evaluation of Commerce Department export control issues surrounding international intranet/extranet exchanges of technical information.

Deemed export audit of international chemical manufacturing company, established Commerce Department required export control and information security program and handled the company's voluntary self-disclosure (VSD) petition with the Commerce Department's Office of Export Enforcement.

Advices U.S. corporation and foreign corporations regarding encryption export control requirements.

Advice to a U.S. corporation on U.S. and foreign entities on privacy and security laws regarding employee privacy expectations in personal communications devices used for company business.

Defense of a U.S. company charged with illegally importing commodities from China and impeding Commerce Department's new shipper review investigation.

Investigation into cloud computing data loss from a Fortune 500 telecommunications manufacturer as a result of security vulnerabilities with their CRM vendor.

Appointed receiver by Judge John Grady over a multimillion dollar telephony telemarketing fraud case brought by the FTC.

Named to "Illinois Super Lawyers," Securities & Corporate Finance, Super Lawyers, Thomson Reuters, 2013

Listed as a "Leader in the Field," Privacy & Data Security, Chambers USA & Global, 2008-2012

Special Commendation and Special Achievement Awards, U.S. Justice Department

Commendation for Computer Fraud Prosecutions and Establishing Chicago FBI/ InfraGard Program, Federal Bureau of Investigation

U.S. Customs Commissioner’s Award for Export Prosecutions

Award for Commerce Commodity Control Litigation, U.S. Commerce Department

Award for Law Enforcement Assistance, U.S. Secret Service

Co-author, "Bring your own device: Bringing solutions or problems?," The Privacy Advisor, October 1, 2012

Author, Increased Federal Scrutiny, Sanctions & Penalties for High Tech Companies, June 2, 2011

Author, Critical Information Infrastructure Protection and the Law, National Research Council, 2003

Co-author, Competitive Intelligence Law

Bill has published more than 62 articles on information security law and liability in national and international journals.

Co-presenter, "DPA Findings in the UK, France, Belgium, US, Saudi Arabia and India & Likely Impact of New EU Data Protection Regulation," Second Annual London Data Privacy and Security Conference, May 15, 2013

Co-presenter, "Cross-border Transfers and the Status of the European Acceptance of Safe Harbor & HIPPA and its Effect on EY Organizations," Second Annual London Data Privacy and Security Conference, May 15, 2013

Co-presenter, "Computer Hacking Techniques and Hostile Technology & President Obama’s Executive Order and the EU Cyber Security Directive," Second Annual London Data Privacy and Security Conference, May 15, 2013

Speaker, "Data Protection Liabilities for Indian Businesses in the U.S., UK and India," A Passage to India (and Back), December 5, 2012

Speaker, "Data Breach: Let the Finger Pointing Begin!," SOURCE Security Conference and Training, September 13, 2012

Presenter, "Specific U.S. Security Regulatory Protocols (SEC, HIPAA and PCI) and Their UK Impact," Mind the Gap: Navigating Data Privacy and Security Policies, May 24, 2012

Co-presenter, "Use and Significance of Attorney-Client Privilege to Protect Security Breach Investigation," Mind the Gap: Navigating Data Privacy and Security Policies, May 24, 2012

Co-presenter, "Current Threat of Cybercrime and Its Impact on Regulatory Requirements," Mind the Gap: Navigating Data Privacy and Security Policies, May 24, 2012

Co-presenter, "Best Practices, Standards of Care and Due Diligence in the EU and U.S. to Respond to Cybercrime," Mind the Gap: Navigating Data Privacy and Security Policies, May 24, 2012

Speaker, "Data Security and Privacy," Charlotte ACC, November 2, 2011

Speaker, "Cloud Computing – Legal Best Practices," SC International Congress Conference, 2010

Speaker, "Legal Incident Response to Computer Intrusion from the Cloud," SC International Congress Conference, November 11, 2010

Speaker, "Data Breaches: Lessons Learned and Guidelines for Developing an Incident Response Plan," PLI 10th Annual Institute on Privacy & Security Law, July 21, 2009

Speaker, "Internal Investigations and Breach Liability," IDGA Cyber Security Conference for National Defense Contractors, May 19, 2009

Speaker, "Current Information Security Threats and Security Laws and Liabilities," International Corporate Executive Program, May 7, 2009

Speaker, "Internal Investigation Of PCI Compliance and Data Breaches," VeriSign's Corporate Briefing Series, March 26, 2009

Speaker, "Internal Investigations into Data Breaches and Liability Exposures," Litigation Management Super Course, Network of Trial Law Firms, Carefree, October 31, 2008

Speaker, "Internet Liability and Future Issues," President's National Security and Telecommunications Committee, November 2007

Speaker, "Internet Liability Issues," Executive Forum of the International Computer Emergency Response Teams, November 2007

Speaker, "Internet Law and Liability Circa 2007," Northwestern University, October 2007

Speaker, "Scope of HIPAA and Internet Liability," Marsh Health Care Liability Conference, June 2007

Speaker, "Internet Privacy and Liability," International Association of Privacy Professionals, June 2007

Speaker, "Internet Security Standards and Enforcement," Remington Security Roundtable, May 2007

Speaker, "Payment Card Industry Security Standards," Petroleum Industry Attorneys, April 2007

Speaker, "Legal Aspects of the Payment Card Industry Standards," PCI Expert Forum, March 2007

Speaker, "Data Security Liability," National Science Foundation Cybersecurity Summit, February 2007

Top 10 Data Privacy & Security Predictions for 2013, April 1, 2013

Cybersecurity Executive Order Impacts Business, February 27, 2013

A Significant Step Forward for Personal Data Protection in the European Union, February 21, 2012

Deadline Looms for Cloud Computing and IT Service Contract Compliance, February 10, 2012

A Stronger Protection for Personal Data, January 6, 2012

Corporate Response to Hacker Attacks and Potential Liability, June 6, 2011

Increased Federal Scrutiny, Sanctions & Penalties for High Tech Companies, June 2, 2011

ICO Investigates Sony for Security Breach: Data Controllers Should Review Procedures to Avoid Investigations, Fines, May 5, 2011