Add/fill in privacy considerations sections in OID4VC specs

[OIDF-automation]

Imported from AB/Connect bitbucket: https://bitbucket.org/openid/connect/issues/1926

Original Reporter: KristinaYasuda

Add/fill in privacy considerations sections in OID4VC specs

[OIDF-automation]

Imported from AB/Connect bitbucket - Original Commenter: mh67df3w

We could start with OECD Privacy guidance availale at https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0188

‌

The high level set of principles from that document are:

• Collection Limitation
• Data Quality
• Purpose Specification
• Use Limitation
• Security Safeguards
• Openness
• Individual Participation
• Accountability

‌

[OIDF-automation]

Imported from AB/Connect bitbucket - Original Commenter: KristinaYasuda

thank you! the challenge is always how to translate these principles into the requirements relevant at the protocol level.

[OIDF-automation]

If the WG is supportive that far at least I'm happy to have a go at taking those to a more practical & relevant level

[Sakurann]

probably would be good to enhance privacy session before ID3, just like we did for VCI ID1