skip to main content
Experience List
  • Email Page
  • Create PDF
  • Print Page

Admitted to Practice

  • District of Columbia, 2013
  • Virginia, 2012
  • U.S. District Court Eastern District of Virginia, 2013
  • U.S. Court of Appeals 2nd Circuit, 2015

William W. Hellmuth

Will Hellmuth, CIPP/US, concentrates his practice on privacy and data security matters. Will works with clients to guide data breach responses, including by conducting forensic investigations and resolving regulatory enforcement actions on both the state and federal levels. He also counsels clients—such as restaurants, retailers, entrepreneurial ventures, hospitals, and health care providers—on various matters such as implementing and updating privacy policies and procedures, reviewing domestic and international regulatory and legislative compliance, and assessing privacy and data security concerns in the context of mergers and acquisitions. In addition to his privacy and data security practice, Will also has experience in complex commercial litigation.

Representative Experience

General privacy and information security counseling

Counseling clients’ compliance with general privacy and security laws, including the FTC Act, the Family Educational Rights and Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), the Video Privacy Protection Act (the VPPA), the Children’s Online Privacy Protection Act (COPPA), the Fair Credit Reporting Act (FCRA), the California Online Privacy Protection Act (CalOPPA) and the Massachusetts data security standards, among others. (Ongoing)

Incident response

Assisting clients with responding to privacy and information security incidents, including preparing incident response plans, communication plans, and notifications to consumer, governmental entities, and consumer reporting agencies. (Ongoing)

Merger and acquisition privacy and data security compliance review

Assisting clients prepare for mergers, acquisitions, and refinancing deals through review of their privacy and data security practices and compliance. (Ongoing)


Part of a team that prepared and submitted amicus brief to the 4th Circuit regarding the application of safe harbors created by the Digital Millennium Copyright Act and the imposition of contributory liability in the context of internet service providers. (2016)

Additional experience (2012-2015)*

  • Responded to regulatory enforcement investigations following data security incidents
  • Submitted an amicus brief to the 2nd Circuit on behalf of six public interest nonprofits regarding the Fourth Amendment implications of the government’s use of warrants to copy entire hard drives and retain the collected information indefinitely
  • Collaborated with a former FTC commissioner and a former director of the FTC’s Bureau of Consumer Protection to prepare an expert report on the proper reach of regulatory enforcement actions
  • Advocated on behalf of the Trustee in liquidation proceedings to recover stolen funds in a major international bankruptcy matter
  • Represented a client at a jury trial in a patent litigation regarding infringement of a computer patent, among other matters
* Denotes experience completed at a prior firm

Additional Qualifications

  • Associate, Baker & Hostetler LLP, Washington, D.C., 2012-2015
  • Summer Associate, Baker & Hostetler LLP, Washington, D.C., 2011
  • Legal Intern, Smithsonian Institution, Office of the General Counsel, Washington, D.C., 2011

Professional & Community Activities

  • American Bar Association
  • International Association of Privacy Professionals
  • LGBT Bar Association of DC

Professional Recognition

  • Selected to "Washington, D.C. Rising Stars," Thomson Reuters, 2018
Blog for insight and commentary on information management and protection
View State Data Breach Notice Statues