One of the Web’s greatest strengths is its generality—its openness to new links and unexpected uses. Openness also means that different applications and users have different security goals and threat models: a mash-up that’s desired by one may be dangerous to another. As stewards of the Open Web Platform, W3C aims to accommodate these different needs through modular components, including work on user security and authentication, cooperative policy enforcement, and platform-level reviews. W3C’s Wendy Seltzer explores design patterns and modularity to support a platform for trustworthy application development. We'll discuss what’s already been done, what’s in progress, and where we’re looking next to support an environment for trustworthy application development. We will also talk about broader patterns. While we can’t guarantee the security of “the Web” as an application platform, we can make it easier for authors to write secure web apps and for users to distinguish those they trust. Can we take the hard-earned lessons of web security to other emerging environments, such as the burgeoning universe of connected things and cars? Can we get both security and space for innovation? Wendy Seltzer is policy counsel to the World Wide Web Consortium (W3C) at MIT, where she leads the Technology & Society Domain’s focus on privacy, security, web payments, and social web standards. Wendy researches openness in intellectual property, innovation, privacy, and free expression online. As a fellow with Harvard’s Berkman Center for Internet & Society, Wendy founded the Lumen Project (formerly Chilling Effects Clearinghouse), helping bring transparency to online content removal requests. She serves on the board of directors of the Tor Project, which promotes privacy and anonymity research, education, and technology. Wendy seeks to improve technology policy in support of user-driven innovation and communication.