Versions Compared

Old Version 15

changes.mady.by.user John Wunderlich

Saved on

compared with

New Version 16

changes.mady.by.user John Wunderlich

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
  •  Any member of the workgroup may create a candidate requirement for discussion by the group. For instructions on how to create a requirement see: Sample Requirements
#StatementScopePrimary ConsiderationOther ConsiderationsLinkStatusTasks
1_B_CCThe Issuer must ensure the existence of functionality allowing selective data release.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
Allow selective data release

Status

colourYellow

title

Candidate

Submitted

  •  Type your task here, using "@" to assign to a user and "//" to select a due date
2_ABC_ISAll identifying data shall be transacted through encrypted channels.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
Encrypted channels

Status

colourYellow

title

Candidate

Submitted

  •  Type your task here, using "@" to assign to a user and "//" to select a due date
3_C_OTTransparency to Holder at mobile credential presentment
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
Transparency at presentment

Status

colour

Yellow

title

Candidate

Submitted

  •  Type your task here, using "@" to assign to a user and "//" to select a due date
4_A_DMVerifiers shall not request more than the strictly necessary PII for the provision of their services, such as a proof of age.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance
)
Status
colourYellow
titleCandidate
5
  • )
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
5_A_CC

Verifiers shall request user consent prior the transmission of their PII. User consent shall be requested in a clear and comprehensible way. If PII are disclosed for different purposes, the specific PII and respective purposes shall be displayed to the user.

  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance
)
Status
colourYellow
titleCandidate
  •  Type your task here, using "@" to assign to a user and "//" to select a due date
67
  • )
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
6_A_URVerifiers shall state a retention period for PII in their consent request.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
Status
colourYellow
titleCandidate
  •  Type your task here, using "@" to assign to a user and "//" to select a due date
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
7_A_URVerifiers shall not store any PII when it is not required for the provision of their services.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance
)
Status
colourYellow
titleCandidate
  •  Type your task here, using "@" to assign to a user and "//" to select a due date
8
  • )
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
8_A_PLVerifiers shall not fall into collusive practices with Issuing Authorities or other Verifiers for user re-identification.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance
)
Status
colourYellow
titleCandidate
  •  Type your task here, using "@" to assign to a user and "//" to select a due date
910
  • )
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
9_A_IS

Verifiers shall adopt appropriate measures to ensure the security of stored PII.

  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
Status
colourYellow
titleCandidate
  •  Type your task here, using "@" to assign to a user and "//" to select a due date
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
10_A_OTVerifiers shall guarantee appropriate means to ensure that user can access and request the erasure of their PII.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance
)
Status
colourYellow
titleCandidate
  •  Type your task here, using "@" to assign to a user and "//" to select a due date
11
  • )
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
11_A_ACVerifiers shall maintain appropriate registries and ensure access to Law Enforcement Authorities for accountability purposes.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
12_A_DMVerifiers shall not combine any PII for the purpose of re-identifying the data subject, unless specifically informed and justified.
  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)
  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Status
titleSubmitted

  •  Requirement using template to be created
  •  
13





  •  Type your task here, using "@" to assign to a user and "//" to select a due date