Skip to content

Commit

Permalink
Advise about PII leakage and preference for VCs that prevent leakage.
Browse files Browse the repository at this point in the history
  • Loading branch information
@msporny
msporny committed Apr 20, 2024
1 parent 63d1463 commit cd6116c
Showing 1 changed file with 18 additions and 7 deletions.
25 changes: 18 additions & 7 deletions index.html
View file
Expand Up @@ -5256,13 +5256,13 @@ <h3>Personally Identifiable Information</h3>

<p>
Data associated with [=verifiable credentials=] stored in the
`credential.credentialSubject` field is susceptible to privacy
violations when shared with [=verifiers=]. Personally identifying data, such
as a government-issued identifier, shipping address, and full name, can be
easily used to determine, track, and correlate an [=entity=]. Even
information that does not seem personally identifiable, such as the
combination of a birthdate and a postal code, has very powerful correlation
and de-anonymizing capabilities.
`credential.credentialSubject` field is susceptible to privacy violations when
shared with [=verifiers=]. Personally identifying data, such as a
government-issued identifier, shipping address, and full name, can be easily
used to determine, track, and correlate an [=entity=]. Even information that
does not seem to be personally identifiable, such as the combination of a
birthdate and a postal code, has very powerful correlation and de-anonymizing
capabilities.
</p>

<p>
Expand All @@ -5283,6 +5283,17 @@ <h3>Personally Identifiable Information</h3>
transit, as well as encryption or data access control mechanisms to protect
the data in a [=verifiable credential=] while at rest.
</p>

<p>
In general, individuals are advised to assume that a [=verifiable credential=],
like most physical credentials, will leak personally identifiable information
when shared. To combat this leakage, the [=verifiable credential=], and the
securing mechanism, need to be specifically designed to avoid correlation.
[=Verifiable credentials=] that are specifically designed to prevent the leakage
of personally identifiable information do exist. Individuals and implementers
are urged to prefer these types of credentials over ones that are not designed
to protect personally identifiable information.
</p>
</section>

<section class="informative">
Expand Down

0 comments on commit cd6116c

Please sign in to comment.