You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
Version 1
Next »
Status: SUBMITTED
Item | Description |
---|
Statement (Single phrase or sentence) | Verifiers shall not request more than the strictly necessary PII for the provision of their services. |
Description | Verifiers shall only request the strictly necessary PII for the provision of the services according to justified purposes for data processing. When no identification of the user is needed, Verifiers should accept the isolated proof of attributes via selective disclosure techniques, or when possible, zero-knowledge proofs. |
Scope (applies to) | - Part A: Verifiers
- Part B: Issuers
- Part C: Providers
|
Select the Primary Consideration* | - CC (Consent and Choice)
- PL (Purpose legitimacy and specification)
- CL (Collection limitation)
- DM (Data minimization)
- UR (Use, retention, and disclosure limitation)
- AQ (Accuracy and quality)
- OT (Openness, transparency, and access)
- IA (Individual access & participation)
- AC (Accountability)
- IS (Information Security)
- PS (Privacy compliance)
|
Select other relevant considerations | - CC (Consent and Choice)
- PL (Purpose legitimacy and specification)
- CL (Collection limitation)
- DM (Data minimization)
- UR (Use, retention, and disclosure limitation)
- AQ (Accuracy and quality)
- OT (Openness, transparency, and access)
- IA (Individual access & participation)
- AC (Accountability)
- IS (Information Security)
- PS (Privacy compliance)
|
Select impacted Identifiers | |
Reference (#_Scope_Consideration_Ref #) |
|
Related Requirements |
|
Explanatory Notes (Text or Link) |
|
*For descriptions download the publicly available version of ISO/IEC 29100