• Rough draft
  • PEMC Requirements Status Report

    I prepared this from the requirements so far entered into our confluence page. It is worth noting:

    • We have no requirements yet where AQ (Accuracy and Quality), IA (Individual access & participation), or PS (Privacy compliance) are the primary considerations. This suggests to me some gaps in our coverage so far.

    • 13 of the 16 requirements apply to verifiers, which aligns with the group’s decision to focus on verifiers first.

    • Items 7 and 16 appear to be candidates for being merged, but note that the authors identified them with different primary considerations. Worth discussing?

     

    #

    Title

    Ref

    Verifiers

    Issuers

    Providers

    Primary

    CC

    PL

    CL

    DM

    UR

    AQ

    OT

    IA

    AC

    IS

    PS

    1

    Selective Data Release

    1_BC_CC

    FALSE

    TRUE

    TRUE

    CC

    Primary

     

     

    Secondary

     

     

    Secondary

     

     

     

     

    2

    Encrypted Channel Transactions

    2_ABC_IS

    TRUE

    TRUE

    TRUE

    IS

     

     

     

     

     

    Secondary

     

     

    Secondary

    Primary

     

    3

    Transparency at presentment

    3_C_OT

    FALSE

    FALSE

    TRUE

    OT

     

    Secondary

     

     

     

     

    Primary

     

    Secondary

     

     

    4

    Verifier Identification

    4_A_AC

    TRUE

    FALSE

    FALSE

    AC

     

     

     

     

     

    Secondary

     

     

    Primary

     

     

    5

    Inform users of verifier policies

    5_C_PL

    FALSE

    FALSE

    TRUE

    PL

     

    Primary

     

     

     

     

    Secondary

     

     

     

     

    6

    Verifiers must attest their use cases

    6_A_UR

    TRUE

    FALSE

    FALSE

    UR

     

    Secondary

     

     

    Primary

     

    Secondary

     

    Secondary

     

     

    7

    Veriferes minimize collection

    7_A_CL

    TRUE

    FALSE

    FALSE

    CL

     

    Secondary

    Primary

    Secondary

    Secondary

     

     

     

     

     

     

    8

    Context for user consent

    8_A_CC

    TRUE

    FALSE

    FALSE

    CC

    Primary

    Secondary

     

     

     

     

     

     

     

     

     

    9

    Declare Retention Period

    9_A_UR

    TRUE

    FALSE

    FALSE

    UR

     

     

     

    Secondary

    Primary

     

     

     

     

     

     

    10

    Justifialbe PII storage

    10_A_UR

    TRUE

    FALSE

    FALSE

    UR

     

    Secondary

     

     

    Primary

     

     

     

    Secondary

     

     

    11

    Segregated Accountability

    11_A_PL

    TRUE

    FALSE

    FALSE

    PL

     

    Primary

     

     

     

     

     

     

    Secondary

     

     

    12

    Secure Storage

    12_A_IS

    TRUE

    FALSE

    FALSE

    IS

     

     

     

     

     

     

     

     

     

    Primary

     

    13

    Data Subject Rights

    13_A_OT

    TRUE

    FALSE

    FALSE

    OT

     

     

     

     

     

     

    Primary

     

     

     

    Secondary

    14

    Data Registry

    14_A_AC

    TRUE

    FALSE

    FALSE

    AC

     

     

     

     

     

     

     

     

    Primary

     

    Secondary

    15

    Separate data

    15_A_DM

    TRUE

    FALSE

    FALSE

    DM

    Secondary

    Secondary

     

    Primary

     

     

     

     

     

     

     

    16

    Verifiers must only request the minimum data required for their transaction

    16_A_DM

    TRUE

    FALSE

    FALSE

    DM

     

     

    Secondary

    Primary

    Secondary