I'm the Legal counsel of W3C. But W3C itself is a cooperation between hosting institutions, namely MIT, ERCIM, Keio University and Beihang University). I am attached to the ERCIM host. This means I also have responsibility for legal matters within ERCIM.
The position reserves a very diverse set of fields of action, including licensing, contract creation, contract management, and HR issues. Of course, policy, including public policy considerations play a big role. By its nature, this part of my activities is hardly visible to the outside world. The most visible part is that I'm the chair of most of the Patent Advisory Groups of W3C. (See the XML Security PAG e.g.)

From joining W3C in 1999 until November 2013, I was responsible for all Privacy works within W3C mainly working on the P3P and later on Tracking Protection (DNT) where I pushed to make DNT usage compatible with a European Consent mechanism for the Directive on Electronic Communications I'm still proud of my participation in the PRIME project and the PrimeLife project.

I'm now the technical coordinator of the STREWS project, a EU research project and support action that is targeted towards Web Security. For me IT Security and data protection are very much related.

As I participated in the works on the reform of the European Standardisation system since 2006, the European Commission selected me as an expert from W3C into the European Multistakeholder Platform for Standardisation.

Other things

Having only missed 3 times the EDV-Gerichtstag I am a fan and in the Board of the Association carrying the conference.