My work @ W3C

  1. Legal Counsel

    As W3C's Legal Counsel I give advice to the management on most legal aspects of the Consortium's operations. This includes contractual relationsships, licensing, consulting in legal matters, strategy planning and steering of litigation. By default, W3C's Legal Counsel is also the chair of all Patent Advisory Groups created. Patent Advisory Groups address issues created by essential patent claims reading on W3C Technologies.

  2. Privacy Activity Lead

    I am also W3C's Privacy Activity Lead. I was staff contact for P3P from 1999 until 2006. P3P 1.1 is now published as a Working Group Note, but work on privacy continues. I coordinated W3C's efforts in European privacy research, namely in the PRIME Project (2004-2008) and the PrimeLife Project (2008-2011). I organized several Workshops on Privacy:

    I was involved in the organization of the following Workshops

    I tried to clarify my position with a paper to the API Workshop. But evidently this does not cover all aspects of Privacy on the Web.

  3. European governmental relations

    In Europe, there is a roundtable of standardization organizations called the Information and Communication Technologies Standards Board (ICTSB). I'm the official representative of W3C at the ICTSB. This implies multiple relationsships to the ESOs : CEN, CENELEC & ETSI and to the European Commission. Recently, I participated in an EU Study on the specific policy needs for ICT standardisation as a member of the Steering Group. The study let to a whitepaper. The whitepaper was the basis for a legal package for the renovation of the standardization system in Europe.

  4. Policy Analysis

    Finally, I'm doing some policy analysis for the Technology & Society Domain, looking at background information and discussing strategies.

Contact information

Postal address:

2004, route des Lucioles
BP 93
06902 Sophia-Antipolis Cedex

My GnuPGP key and signature is available on-line.

Short Bio

I studied Law at the University of Saarland (Germany) and Nancy II(France) and passed the first german law state examination 1992 in Saarbrücken. Subsequently, in german law studies, there is an extensive internship that I accomplished from 1992 - 1995. During this time, I was also a research assistant to the chair of french civil law of Prof. Dr. Claude Witz mainly focusing on International Civil Law, French Law and with a certain interest for Droit local, a mixture of french and old german law in the departements of Alsace and Moselle. In parallel, I was working with the Law Web Saarbrücken, one of the very early law related portals. I'm still involved in this project. This forced me into the legal issues of the Internet which turned into the center of my interest. After the second state examination, I moved on to the Institute for penal law and worked on arbitration, mediation and data protection.
Beginning of 1997 I moved on to the Institute of Law and Informatics thus combining my education on international law with the international legal issues of the Internet. One of the last projects I was involved with for the Institute of Computing and Law was the web site of Germany's Federal Constitutional Court.
I joined W3C in 1999 with a focus on Privacy, Security and European governmental affairs. While the initial work was mostly technical, my law background became more and more useful to the Consortium over time. In 2006 I became W3C's staff counsel and in 2007 the Legal counsel.

Dormant or out of area Interests

  • Security

    As data protection in the initial sense also includes data security, I cover sometimes Thomas Roessler from the Security Activity if he is not available. My initial interest was the securing of documents from a legal point of view. The paper-society secures documents with hand-written signatures. I followed most of the evolution in this area and was an observer to ETSI TC ESI since 1999.

    My main interest in Security slided from this initial crypto-centered securing of documents to the notion of identity and trust. In fact, the work on P3P raised many issues around Identity and P3P 1.1 contains a revised chapter about identity and identification. Now, we see social networking sites, things like FOAF and the systematic googling of persons before a decision is made about them. This raises many issues if one takes the human rights question into account. So allowing people to express and trade trust on the one hand and still permit some privacy and right to be left alone is a challenge. My main interest in this area is to leverage the Semantic Web to address this field of constant tension between opposite goals.

  • Rights Management

    DRM is and will remain a hot topic simply because there is so much money involved in content creation, trading and distribution. It is clear that in an information society, the decision on content distribution is a decision on power in this society. DRM is just another constraint to the information flow, like privacy and access control. So there is some communalities with data protection. Like in the trust/reputation scenario, the evaluation of social consequences of a certain type of technology is of prime interest to me. Today's DRM systems default to closed and it is a large effort for the content provider to give a liberal license. This shows the bias in design caused by the angry requirements of a certain industry. But for me, Creative Commons is DRM too as it carries special semantics Now you might understand that issues related to Security and to Privacy lead to some interest into DRM. I kept an eye on DRM after the successful organization of a DRM Workshop for W3C in 2001 (that still is a landmark IMHO).