Add section addressing PII in schemas (#168)

decentralgabe · andresuribe87 · TallTed · web-flow · commit 9a34f7706cb0 · 2023-06-22T17:34:32.000-05:00
* add section on pii

* Update index.html

Co-authored-by: Andres Uribe &lt;andresuribe87@gmail.com&gt;

* Update index.html

Co-authored-by: Ted Thibodeau Jr &lt;tthibodeau@openlinksw.com&gt;

---------

Co-authored-by: Andres Uribe &lt;andresuribe87@gmail.com&gt;
Co-authored-by: Ted Thibodeau Jr &lt;tthibodeau@openlinksw.com&gt;
diff --git a/index.html b/index.html
@@ -777,7 +777,28 @@ <h2>Privacy Considerations</h2>
             This section details the general privacy considerations and specific privacy
             implications of deploying this specification into production environments.
          </p>
-         <section class="informative">
+         <section>
+            <h3>Personally Identifiable Information</h3>
+            <p>
+               Data associated with schemas and <a>verifiable credentials</a> are susceptible
+               to privacy violations when shared. Personally identifying data, such as a
+               government-issued identifier, address, or name, can be used to track and correlate
+               entities. Even less overt personal data such as a birthdate or postal code has
+               the ability to result in correlation and de-anonymization.
+            </p>
+            <p>
+               Implementers are strongly advised to avoid constructing schemas with any personally
+               identifiable information (PII).
+            </p>
+            <p>
+               If such personally identifiable information is necessary in a schema, or a credential
+               schema, implementers are strongly advised to use mechanisms while storing and
+               transporting <a>verifiable credentials</a> that protect the data from those who should
+               not access it such as Transportation Layer Security (TLS) or other means of encrypting
+               the data whether in transit or at rest.
+            </p>
+         </section>
+         <section>
             <h3>Verifier Caching</h3>
             <p>
                Since schemas are immutable, they are highly cachable.
@@ -788,7 +809,7 @@ <h3>Verifier Caching</h3>
                <a>verifier</a>-based access patterns on the schema. 
             </p>
          </section>
-         <section class="informative">
+         <section>
             <h3>Content Distribution Networks</h3>
             <p>
                The use of content distribution networks by <a>issuers</a> can increase the
@@ -808,7 +829,7 @@ <h2>Security Considerations</h2>
             not understanding the implications of this section can result in
             security vulnerabilities.
          </p>
-         <section class="informative">
+         <section>
             <h3>Issuer Impersonation</h3>
             <p>
                It is possible for a schema to become authoritative, such as schemas
