Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Statement: Verifiers shall not request more than the strictly necessary PII to provide their services.

Review meeting(s):

Status:
Status
titleDraft

Verifiers minimize collection

Statement (Single phrase or sentence)

Verifiers shall not request more than the strictly necessary PII to provide their services.

Description

Verifiers shall only request the strictly necessary PII to provide the services according to justified purposes for data processing. When no identification of the user is needed, Verifiers should accept the isolated proof of attributes via selective disclosure techniques or when possible, zero-knowledge proofs.

Scope (applies to)

  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers

Select the Primary Consideration*

  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Reference

07_V_CL

Select other relevant considerations

  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation)
  •  AQ (Accuracy and quality)
  •  OT (Openness, transparency, and access)
  •  IA (Individual access & participation)
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Select impacted Identifiers

  •  Direct
  •  Indirect
  •  Unique

Related Requirements


Explanatory Notes (Text or Link)


...