My name is Heather Burns and I am a tech policy wonk based in Glasgow, Scotland. I work for an open web built around international standards of human rights, privacy, accessibility, and freedom of expression. That means I advocate for policy and technology developments which keep the internet open, globally connected, secure, and trustworthy.
This is my personal site, and the content and opinions on it do not reflect the opinions of any current contractor or previous employer.
I’m currently freelancing and am fully booked up for the rest of 2023. Yay!
If you’re thinking ahead for 2024, the usual filters apply: I don’t work with big tech or anti-big tech campaigns, I don’t work in corporate compliance, I don’t work with government or regulators, I don’t work for all-white-male golf course boys’ clubs (yes, this still needs to be said in Scotland, and it shouldn’t), and I am not a lawyer or an academic. I work hybrid/remote from Glasgow.
In 2022 I completed the inaugural Internet Society Mid-Career Fellowship, a seven-month executive education programme on leadership in internet governance. I’m looking forward to putting the learning into practice.
The Book is out (!) and you can get your copy here.
Past work
- 2022: Head of Policy and Governance, MaidSafe
- 2020 – 2021: Policy Manager, Open Rights Group
- 2015 – 2020: Freelance tech policy and regulation specialist for clients across the startup, digital rights, privacy, digital agency, and games sectors
- 2011 – 2020: Open source software contributor and community member
- 2007 – 2015: Full-time web designer and developer
- 2000 – 2005: Worked in international relations and community development

In August 2018 I was flattered to be named as Smashing Magazine’s Person of the Week for my work on GDPR and privacy. Photo taken by some Geordie in a Belgrade dive bar run by two refugees from Reading ’94.
Past side projects
- afterbrexit.tech – side blog on EU-derived internet regulation throughout the Brexit process
- UNICEF global working group on developing a manifesto on children’s data governance
- WP Core-Privacy team
- WP 4.9.6 GDPR and privacy tool suite
- Cross-project open source privacy coalition
- Mozilla Open Leaders programme
Current interests
- Intermediary liability, particularly in an international context (e.g. the OSB vs the DSA)
- Privacy privilege in law and academia
- Ethics washing, as is apparent in the post-Brexit legislative context
- Legal endogeneity, e.g. when the interpretation of internet legislation drafted without practitioner involvement is, nevertheless, delegated to them
Contact information

Locations: Glasgow, Scotland, Europe; also Manchester, England, UK
Email: contact at webdevlaw.uk
Social: LinkedIn // Twitter: @webdevlaw // Zuckervegan (I’m not on FB, IG, WhatsApp, or Threads)
I have Mastodon accounts but I’m not using them due to the Mastodonsplaining. Seriously, guys.
I’m no longer doing writing gigs or conference speaking.
I’m not doing any media appearances or journo requests for the time being.
Portrait photography © Julie Broadfoot – www.juliebee.co.uk