What We Do
International standards rarely arrive fully formed. They are negotiated, piloted, and operationalized over years, and the organizations that engage early help determine how they end up working in practice. We bring clients into that process — whether they are an industry player implementing a designation, a regulator running a pilot, or a foundation funding research that informs policy.
Our team has worked across the full lifecycle: drafting position papers, building multi-stakeholder working groups, running first-of-their-kind pilot tests, and standing up the internal capabilities that compliance actually requires.
How We Help
Clients engage us when the standard in question is genuinely new, the stakes are high, and there is no off-the-shelf playbook. We bring the technical literacy to understand what compliance actually requires, the policy fluency to engage credibly with regulators, and the product discipline to ship something that holds up under scrutiny.
Representative Work
Working Paper is a small firm by design. The work below reflects what you're hiring when you hire us — engagements led at Working Paper, and the senior careers our principals and senior consultants brought with them.
AI reliability and quality at ISO/IEC JTC 1/SC 42. We sit as US National Body Experts and Liaison Officers at ISO/IEC JTC 1/SC 42, the international subcommittee on AI standards. We are drafters of ISO/IEC TS 42119-8 on quality assessment of prompt-based text-to-text generative AI systems, contributors to WG 1 on frontier risk, and authors of U.S. national-body contributions to SC 42 through INCITS.
AI reliability benchmarking with MLCommons. We lead product, program, and policy strategy for AILuminate, the open AI reliability benchmark from MLCommons — including the v1.0 Jailbreak Benchmark, multimodal extension, and the consortium governance artifacts (Responsible Disclosure Policy, Taxonomy Maintenance Process) that make benchmark releases legible to industry, regulators, and the public.
Digital Services Act, end to end. We designed and led the DSA compliance strategy for two designated Very Large Online Platforms, working with C-suite leaders to establish new organizations, internal capabilities, performance measurement tools, and response processes. We subsequently ran the only pilot test of the DSA's data access mandates, conducted on behalf of the European Digital Media Observatory and the French (ARCOM and CNIL), Dutch (ACM and AP), and Irish (DPC and Coimisiún na Meán) regulators. Inside Meta, we led the interpretation and compliance strategy for DSA Article 40 and authored position papers that informed the EDMO report on a Code of Conduct for Researcher Access to Platform Data.
GDPR Article 40 code of conduct. We wrote the initial strategy for, founded, and helped lead the EDMO multi-stakeholder working group that brought together civil society (Access Now, Future of Privacy Forum, GESIS), academia (University of Amsterdam, Sheffield, George Washington), and industry (Meta, Google, Twitter) to define an ethical, lawful process for research data sharing under GDPR and the DSA.
Privacy regulation across jurisdictions. We have managed privacy strategy and program implementation against GDPR, CCPA, the EU AI Act, and FTC requirements for product companies — including residential access-control startup Durin.ai — and have advised global privacy practitioners and regulators through the Future of Privacy Forum's NSF- and DOE-funded Research Coordination Network on Privacy Enhancing Technologies.
Consensus standards for community health information systems. We led a Delphi study among an international panel of experts representing leading global health institutions, to establish consensus on the core features and interoperability priorities for community health information systems. These are now the most widely used health information systems in many low- and middle-income countries. The study, published in BMJ Global Health, employed a structured consensus-building method widely used in standards development, demonstrating a reusable approach for building consensus across institutions, regions, and disciplines where no formal standards body has yet convened.
Clinical data standards for cancer diagnostics. We co-chaired the Blood Profiling Atlas in Cancer consortium and co-authored the minimum technical data elements standard for liquid biopsy data submitted to public databases — a standard adopted to accelerate FDA approval of less invasive cancer diagnostics.