| Co-chair, Privacy and Consumer Advisory Group (PCAG) to the Government Digital Service and GOV.UK (2024). | The Privacy and Consumer Advisory Group (PCAG) advises the government on how to provide users with a simple, trusted and secure means of accessing public services. PCAG has acted as a critical friend for a range of government privacy, data and identity related proposals including identity proofing for the NHS App, the development of data sharing proposals in the Digital Economy Act and the development of the National Data Strategy.
I have been a member of PCAG since 2010 and was its co-chair between 2014 and 2024. |
| Member, One Login Inclusion and Privacy Advisory Group (OLIPAG) to the Government Digital Service and GOV.UK (2025). | In 2023 PCAG became OLIPAG and I co-chaired OLIPAG until November 2024, stepping down to become a regular member. In February 2025, OLIPAG was disbanded by the Department for Science, Innovation and Technology (DSIT).
OLIPAG had acted as a critical friend for the development of GOV.UK One Login
|
| Member, Cabinet Office Digital Economy Act 2017 Debt and Fraud Information Sharing Review Board (2025). |
I am an ex-officio member of this review board which assesses proposals to use data sharing powers under the Digital Economy Act and considers whether the requirements to use the powers are met. It makes recommendations to the Minister for the Cabinet Office on whether proposals should be accepted for implementation, accepted subject to amendments, or declined. All approved proposals must proceed as pilots in the first instance. The board meets monthly to review proposals.
I have been representing privacy and consumer issues on the board since 2018.
I have reflected on the implications of this work in 2023-BS1 |
| Member, Scottish Government Digital Identity Scotland Expert Group (2025). | The expert group provides advice to inform the design, direction and prioritisation of the Scottish Government’s Digital Identity Scotland Programme. Realising Scotland’s full potential in a digital world: a digital strategy for Scotland is committed to work with stakeholders, privacy interests and members of the public to develop a robust, secure and trustworthy mechanism by which people can demonstrate their identity online to access digital public services.
I have been a member since the beginning of this work in 2018 |
| Member, DCMS UK digital identity and attributes trust framework policy development working group (2025). | DCMS (now DSIT) launched the alpha version of the UK digital identity and attributes trust framework in February 2021. It has organised a number of working groups to help with the development of the framework.
I have been a member of the privacy and civil society working group since 2021. |
| Advisory Board Member, Ada Lovelace Institute: Ryder Review of Biometric Regulation (2022). | This independent legal review of the governance of biometric data in the UK, led by Matthew Ryder QC, examined the existing regulatory framework for biometrics and identified options for reform that will protect people from misuse of their biometric data, such as facial characteristics, fingerprints, iris prints and DNA.
I was an Advisory Board member for this work between 2019 and 2022. The resulting review is 2022-R1 |
| Advisor, Ada Lovelace Institute: Checkpoints for vaccine passports Requirements that governments and developers will need to deliver in order for any vaccine passport system to deliver societal benefit (2021). | I was an advisor to this report that built on the earlier work on vaccine passports, particularly reviewing the socio-technical environment within which any such proposals would operate.
The resulting report is 2021-R2 |
| Rapid Evidence Review Expert, Ada Lovelace Institute: What place should COVID-19 vaccine passports have in society? (2021). | I was a member of the expert group who produced this influential rapid evidence review. This built on the Exit through the App Store report focussing on vaccine passports (an extension of immunity certificates).
The resulting report is 2021-R1 |
| Rapid Evidence Review Expert, Ada Lovelace Institute: Exit through app store (2020). | I was a member of the expert group who produced this influential rapid evidence review. My particular contribution focussed on the discussion of immunity certification (chapter 5) and its relationship to digital identity.The resulting report is 2020-R1 |
| Member, Open Banking Strategic Working Group Data Expert Panel (2022). | The Data Expert Panel was formed in 2022 to support the work of the SWG to help shape the future of open banking.
I was specifically invited to become a member of this panel in light of my expertise in data governance and open banking |
| DSIT Oversight group for the Public Dialogue on Trust in Digital Identity Services (2023). | In 2023 DSIT commissioned independent research to examine public trust in digital identity services and created an oversight group to monitor the research. I am one of three academics in this group. |
| Member, Administrative Data Research Network, Information Assurance Expert Group (2017). | The purpose of the Information Assurance Expert Group was to provide the Administrative Data Research Network (ADRN) with expert advice on Information Assurance and Statistical Disclosure Control (SDC) in relation to research outputs from the ADRN secure infrastructure.
I was a member of the group between 2014 and 2017. |
| Consortium Member, British Standards Institute Online Age Checking Code of Practice (2018). | The consortium developed a BSI standard code of practice for online age checking (PAS 1296:2018). This standard is increasingly being adopted by industry for age verification purposes.
Between 2015 and 2018 I was an academic member of the consortium. |
| Member, GDS Privacy and Inclusion Advisory Forum (2023). |
As the UK digital identity policy for accessing government services develops, GDS created the Privacy and Inclusion Advisory Forum to ensure regular and meaningful engagement with key to
help shape the development of a new cross-government single sign-on and digital identity assurance system (known as ‘One Login for Government’).
I was a member of the group from its launch in June 2021 until November 2023 when it was merged with OLIPAG. |
| Participant, Open Policy Making Process for Digital Economy Bill, including reviewer of Government analysis of responses to Consultation (2014-2015) (2015). | In 2014 a group of civil society representatives, experts and government officials met to plan the data sharing policy process as an open policy making process. This resulted in a series of policy workshops bringing together academics, civil servants and civil society representatives.
I participated in these workshops between 2014 and 2015. |
| Member of External Advisory Group for the Better Use of Data in Government Consultation (2016). | At the end of the Open Policy Making Process described above, the Government launched a consultation around the proposed next steps and, as a continuation of open policy making, created an External Advisory Group to review its analysis of the consultation responses.
I was a member of this group in 2016
I have reflected on the implications of this work in 2022-BS1 |
| Independent observer, DCMS Document Checking Service pilot (2020). | As part of the development of the UK digital identity policy DCMS launched a pilot for non-public sector organisations that want check if British passports are valid by accessing the Government’s Document Checking Service.
I was an independent observer for the evaluation of the applications to participate in the pilot study.
The pilot evaluation took place between 2019 and 2020. |
| Member, DCMS National Data Strategy Forum (2022). | As the UK government continues to refine its National Data Strategy it has launched a forum to work through the details of the strategy development.
I have been a member of this forum since its launch in 2021. |
| US-UK Scientific Forum on Researcher Access to Data (2023). (available at https://www.nasonline.org/programs/scientific-forum/researcher-access.html) | I was an invited participant for this joint event organised by the US National Academy of Sciences and the UK Royal Society |
| Consortium Member, British Standards Institute Publicly Available Specification on RFID technology (2013). | The consortium developed a BSI Publicly Available Specification on Implementing privacy impact assessment (PIA) frameworks in radio frequency identification (RFID) applications (PAS 94:2013).
I was the sole academic member of the consortium between 2011 and 2013. |
| Member, BCS Information Privacy Expert Panel (2015). | The panel helps guide the policy work of BCS in the area of information privacy on a range of issues.
I was a member of the panel between 2008 and 2015. |