Pillar 2: Privacy - Wallet Consent Management #41
Comments
tlodderstedt
changed the title
|
Other means will need to be used to seek redress from the relying party, such as GDPR. The wallet can provide evidence that consent has been withdrawn, which can be used by the relevant authorities. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
and others
"Preventing Misuse of Data: By giving users the ability to manage consent, it reduces the risk of data misuse. Holders can withdraw consent if they believe their data is not being used appropriately."
How does a withdrawn consent prevent abuse? The data has already been transfered to the respective verifier/relying party. If this entity misbehaves, it will just ignore the withdrawal. In my opinion, user consent ensures users know where her data go and for what purpose, but if something goes wrong, there needs to be functions to complaint with an authority or even file a law suite. As a basis for that, the user must reliably know the verifier's/RP's identity and have some evidence that data was shared.
The text was updated successfully, but these errors were encountered: