SMEs

Leading IEC SC62 D JWG 36 and support IEC SC62A JWG 9 as an expert

The sectors of Digital Twins, Virtual Worlds/Citiverse, IoT and Data Spaces are fragmented, especially the uneven uptake of NGSI‑LD, Smart Data Models/SAREF and governance models creates a barrier for cross‑domain interoperability in cities. Therefore, I focus on harmonising these layers within ITU‑T Citiverse and EU Local Digital Twin  (LDT) Toolbox. I also contribute to aligning LDT and Data Space governance with UNE 0087:2025 and the Gaia‑X Trust Framework to operationalise sovereignty, compliance and automated conformance. Moreover, I contribute to mapping LDT/MIM8, NGSI‑LD, SIMPL and Citiverse deliverables to speed deployment and avoid duplicate or conflicting specs. 
 

This fellowship supports my role as a convener of ISO TCC307 WG3. The priority is to organise the appropriate ballots and meetings to allow the experts to discuss and reach a consensus based on the comments received for the projects in ISO TC 307 WG3. Another priority is to complete the norms with the attendance list and verify that all experts in the meeting were duly registered in the portal and authorised to participate in the meetings.

One of the main challenges of this work has been overcoming the cultural barriers and language differences encountered during this period, particularly through various meetings and ad hoc meetings for the three projects, which are ongoing in preparation for the final stage to publication. 

The focus of my fellowship was to support the Integration of IoT, data interoperability, and standardisation practices into agricultural digital transformation frameworks.
The main gaps addressed through this fellowship were the lack of national policy alignment, weak participation in standardisation processes, and limited awareness of ICT interoperability frameworks in the Western Balkans, particularly Kosovo. Until recently, standardisation in agriculture was not part of the national digitalisation agenda, leaving many innovations fragmented and incompatible with EU frameworks.
In this context, I contributed to the national consultation and standardisation alignment process that shaped the Digital Agriculture Programme and Action Plan 2025–2028 in Kosovo, referencing European standards such as SAFE4Agri, ETSI SAREF4Agri, and ISO/IEC 30141.
Through the fellowship, I helped initiate dialogue between national authorities, FAO–AKIS, and regional organisations to begin integrating ICT standardisation principles into agriculture policy. 
The challenge was not only technical but also institutional and educational — to convince policymakers and agricultural associations of the value of adopting open European standards. As one of the first developers to successfully deploy smart irrigation IoT solutions in Kosovo, I used practical examples to demonstrate the benefits of standardisation and its role in improving interoperability, transparency, and SME innovation.
This fellowship therefore contributed to bridging the policy gap between innovation and regulation, ensuring that Western Balkan countries begin integrating EU ICT standardisation frameworks into their national digital-agriculture strategies.
 

In the framework of this fellowship, I worked on a Technical Report (TR) that addresses critical gaps and challenges in the international standards landscape for digital content identification and binding mechanisms.
The absence of a common terminology across standardisation communities poses a major challenge. Different communities use inconsistent language when describing how content is connected with its metadata or other associated information. Whereas the C2PA initiative uses its own distinct terminology, other standardisation communities (e.g. W3C or OAIS) have different interpretations of what bindings mean. This terminological divergence leads to interoperability and mutual understanding barriers. The TR is establishing a comprehensive taxonomy that provides a neutral reference framework for multiple standardisation efforts, facilitating clearer communication across standardisation communities.
A gap the TR is addressing, is the limited comprehension of how binding mechanisms respond to content transformations. Digital content undergoes frequent alterations through compression, format conversion, and editing. Traditional identifier systems often fail when these changes occur, particularly when embedded metadata is stripped. The Working Group systematically analyses characteristics and limitations of different binding approaches, from cryptographic hashing to robust fingerprinting to watermarking techniques. This analysis will help stakeholders to make informed architectural decisions tailored to their specific requirements.
Moreover, the fellowship further contributes to positioning the recently published ISCC standard (ISO 24138:2024) within a broader global context. The TR serves as an educational resource, helping stakeholders understand how similarity-preserving identification methods complement established identification systems and address emerging needs in content provenance and authenticity verification, particularly relevant with current growth of AI-generated content.
 

This was a short-term fellowship supporting my convernorship. During the period, I contributed to the following activities: 
Ensuring the sustainability of the standards developed within the IEC/JTC1/SC7/WG19 working group,
Identifying existing difficulties and proposing solutions to resolve them,
Raising awareness among the various members of the working group of the need to use OSD in future standards development,
Coordinating actions with the WG19 secretary and reporting to the SC7 secretariat.
 

This fellowship targets consumer-centric privacy by design in international standards work. Moreover, the Specific priorities, gaps and challenges identified are: 

• Consumer trust and privacy gaps: Fragmented practice and fast-moving online services erode user trust; legal principles (e.g., privacy by design, accountability) are not consistently translated into usable, testable requirements. 
• Stakeholder involvement: Consumer organisations and SMEs face high barriers to engage in lengthy, technical processes; national mirrors vary widely in how consumer voices are integrated. 
• Skills & usability deficits: Lack of shared patterns (consent, transparency UX, data control) and uneven digital skills hinder meaningful participation and compliant implementations. 
• Landscape fragmentation: Overlapping activities across SDOs make it hard for newcomers to find entry points, slowing delivery on e-privacy, safety, and transparency outcomes. 

How the fellowship addressed these

This fellowship supports my engagement as the chair of Chair of  ISO/IEC JTC 1/SC 44. The group’s Strategic Business Plan (SBP) aims to respond the the challenges identified above in the following manners: 

• Th TC establishes an inclusive, modular work approach that supplements ISO 31700-1 with smaller, technology-/sector-specific deliverables—lowering thresholds for participation and speeding time-to-impact on safety, transparency, and e-privacy. 
• Low-threshold stakeholder mechanisms: Communications/outreach plan and light-touch consultation formats to systematically bring in consumer groups and civil society, aligned with ISO/COPOLCO and relevant liaisons. 
• SME: A stepwise, outcome-oriented approach envisaged in the SBP to accommodate different maturity levels and resource constraints, easing adoption by SMEs. 
• Early scoping of verticals: Following the September 2025 SC 44 meetings in Kunming, first preliminary work is being initiated with additional verticals to follow.

The fellowship tackles the lack of international, or European, standard or technical specification that focuses explicitly on privacy and data protection capabilities of DLT systems. With this regards, ISO TS 24946 “Requirements and guidance for improving, preserving, and 
assessing the privacy capability of DLT systems” has now reached CD stage (July 2025) and will endeavour to move through this process and be completed in 2026. This process requires continued support from experts to ensure delivery, as scheduled. In this sense, the priority of this activity focuses  at the European level, CEN/CENELEC  JTC 19/WG3 to produce a European standard on PII protection within DLT which is strongly influenced by ‘DIN Spec 4997 - Privacy by Blockchain Design’ and the aforementioned ISO TS 24946. This European specification will seek to harmonise the GDPR and recent EDPB guidance to produce a technical specification intended for the European DLT ecosystem. 
This European specification will provide much needed clarity for the DLT ecosystem as regards data protection and privacy capabilities, affordances, and assessment. Further harmonisation between the international specification at ISO and the European standard will support interoperability, and ensure that privacy and data protection capabilities are harmonised globally. The main challenges concerns exacting requirements from regulations such as Article 76(3) of MiCAR, as well as Article 79(1) of the European AMLR will require navigation. Standards 
require alignment and compatibility with those legal texts, as well as corresponding regulations regarding personal data, data markets, and trust services (e.g., GDPR, Data Act, eIDAS2). Ensuring there are no gaps between regulatory texts and the proposed European standards will be a primary focus. Also, it must be ensured that there are no substantial gaps between international specifications and European standards will be the second focus. Standards alignment between ISO and CEN/CENELEC is viewed as a key outcome to benefit the global DLT ecosystem, and one that requires strong consensus building, given slightly different international privacy perspectives and preferences.

The main priorities of my fellowship are to support the development of two European standards for AI systems, Risk Management and Cybersecurity, which will enable organisations to manage risks and address cybersecurity concerns in alignment with the AI Act.

In this fellowship the original objective is to start to prepare a NWI to address the age approriate topic and start the standard development. The aim is to improve the benefits and reduce the risks in the digital world for young users up to the age of 18. The solution is to adapt the content delivered by online products and services according to the age of users. Moreover, the process requires establishing the age/capacity of users, including age verification and age estimation. The CWA does NOT define age estimation and verification processes (Out of scope) but requires to select an appropriate age assurance tools/approach in conformity with established standards and official guidance.