My work @ W3C
Legal Counsel
As W3C's Legal Counsel I give advice to the management on most legal aspects of the Consortium's operations. This includes contractual relationsships, licensing, consulting in legal matters, strategy planning and steering of litigation. By default, W3C's Legal Counsel is also the chair of all Patent Advisory Groups created. Patent Advisory Groups address issues created by essential patent claims reading on W3C Technologies.
Privacy Activity Lead
I am also W3C's Privacy Activity Lead. I was staff contact for P3P from 1999 until 2006. P3P 1.1 is now published as a Working Group Note, but work on privacy continues. I coordinated W3C's efforts in European privacy research, namely in the PRIME Project (2004-2008) and the PrimeLife Project (2008-2011). I organized several Workshops on Privacy:
- 2006: W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement
- 2009: W3C Workshop on Access Control Application Scenarios
- 2010: W3C Workshop on Privacy and data usage control
I was involved in the organization of the following Workshops
- 2010: W3C Workshop on Privacy for Advanced Web APIs
- 2011: W3C Workshop on Web Tracking and User Privacy
I tried to clarify my position with a paper to the API Workshop. But evidently this does not cover all aspects of Privacy on the Web.
European governmental relations
In Europe, there is a roundtable of standardization organizations called the Information and Communication Technologies Standards Board (ICTSB). I'm the official representative of W3C at the ICTSB. This implies multiple relationsships to the ESOs : CEN, CENELEC & ETSI and to the European Commission. Recently, I participated in an EU Study on the specific policy needs for ICT standardisation as a member of the Steering Group. The study let to a whitepaper. The whitepaper was the basis for a legal package for the renovation of the standardization system in Europe.
Policy Analysis
Finally, I'm doing some policy analysis for the Technology & Society Domain, looking at background information and discussing strategies.
Contact information
- Email:
- [email protected]
- Postal address:
- ERCIM
2004, route des Lucioles
BP 93
06902 Sophia-Antipolis Cedex
France - PGP/GPG:
- My GnuPGP key and signature is available on-line.
Short Bio
I studied Law at the University of Saarland (Germany) and Nancy II(France)
and passed the first german law state examination 1992 in Saarbrücken.
Subsequently, in german law studies, there is an extensive internship that I
accomplished from 1992 - 1995. During this time, I was also a research
assistant to the chair
of french civil law of Prof. Dr. Claude Witz mainly focusing on
International Civil Law, French Law and with a certain interest for Droit
local
, a mixture of french and old german law in the departements of Alsace
and Moselle. In parallel, I was working with the Law Web Saarbrücken, one of the very
early law related portals. I'm still involved in this project. This forced me
into the legal issues of the Internet which turned into the center of my
interest. After the second state examination, I moved on to the Institute for
penal law and worked on arbitration, mediation and data protection.
Beginning of 1997 I moved on to the Institute of Law
and Informatics thus combining my education on international law with the
international legal issues of the Internet. One of the last projects I was
involved with for the Institute of Computing and Law was the web site of
Germany's Federal Constitutional
Court.
I joined W3C in 1999 with a focus on Privacy, Security and European
governmental affairs. While the initial work was mostly technical, my law
background became more and more useful to the Consortium over time. In 2006
I became W3C's staff counsel and in 2007 the Legal counsel.
Dormant or out of area Interests
Security
As data protection in the initial sense also includes data security, I cover sometimes Thomas Roessler from the Security Activity if he is not available. My initial interest was the securing of documents from a legal point of view. The paper-society secures documents with hand-written signatures. I followed most of the evolution in this area and was an observer to ETSI TC ESI since 1999.
My main interest in Security slided from this initial crypto-centered securing of documents to the notion of identity and trust. In fact, the work on P3P raised many issues around
Identity
and P3P 1.1 contains a revised chapter about identity and identification. Now, we see social networking sites, things like FOAF and the systematic googling of persons before a decision is made about them. This raises many issues if one takes the human rights question into account. So allowing people to express and trade trust on the one hand and still permit some privacy and right to be left alone is a challenge. My main interest in this area is to leverage the Semantic Web to address this field of constant tension between opposite goals.Rights Management
DRM is and will remain a hot topic simply because there is so much money involved in content creation, trading and distribution. It is clear that in an information society, the decision on content distribution is a decision on power in this society. DRM is just another constraint to the information flow, like privacy and access control. So there is some communalities with data protection. Like in the trust/reputation scenario, the evaluation of social consequences of a certain type of technology is of prime interest to me. Today's DRM systems default to
closed
and it is a large effort for the content provider to give a liberal license. This shows the bias in design caused by the angry requirements of a certain industry. But for me, Creative Commons is DRM too as it carries special semantics Now you might understand that issues related to Security and to Privacy lead to some interest into DRM. I kept an eye on DRM after the successful organization of a DRM Workshop for W3C in 2001 (that still is a landmark IMHO).