Merge branch 'R5' into 'RDM-2024-0057-New_requirement_for_data_ownership_and_right_to_be_deleted'

# Conflicts: # TS-0002-oneM2M-Requirements.md

Merge branch 'R5' into 'RDM-2024-0057-New_requirement_for_data_ownership_and_right_to_be_deleted'
ff67689f · JaeSeung Song · 2a756724 · c343fcbb · ff67689f
Commit ff67689f authored 4 months ago by JaeSeung Song
--- a/TS-0002-oneM2M-Requirements.md
+++ b/TS-0002-oneM2M-Requirements.md
@@ -709,7 +709,13 @@ NOTE3: The solution would be complete and will be a part of the oneM2M core func
 |SER-082<br />See ARC--2018-0062 |The oneM2M System shall support M2M Service Subscriber and M2M Service User profiles specifying their restrictions (e.g. privacy restrictions, max number and/or types of applications and devices the M2M Service Subscriber and its authorized M2M Service Users are allowed to register to the M2M System, the maximum number of resources or bytes of data that the M2M Service Subscriber can store in the M2M System, etc.) and their default configurations (e.g. access control policies, expiration times, max number of content instances, etc.). | |
 |SER-083<br />See RDM-2019-0054R01 |The oneM2M System shall support access control and authorization mechanisms for the M2M Service Subscriber or M2M Service User information, based on dynamic parameters (e.g. on/off duty time schedule, location, role or job position etc.). |Rel-4 |
 |SER-084<br />See RDM-2019-0054R01 | The oneM2M System shall be able to access M2M Service Subscriber information or M2M Service User information based on dynamic parameters (e.g. on/off duty time schedule, location, role or job position, etc.) from M2M Applications. |Rel-4 |
-|SER-0xx<br />See TR-0062 | The oneM2M System shall provide mechanisms to immediately delete privacy-related data upon request from the data owner, supporting the "right to be forgotten" as required by regulations like the GDPR and Personal Information Protection Act. |Rel-4 |
+<<<<<<< TS-0002-oneM2M-Requirements.md
+|SER-085<br />See TR-0062 | The oneM2M System shall support the ability to apply pseudonymisation and anonymisation techniques to data based on specified privacy preferences, ensuring compliance with applicable privacy regulations (e.g., GDPR) and protecting data subject identity. |Rel-4 |
+|SER-086<br />See TR-0062 | The oneM2M System shall ensure that "additional information" used for pseudonymisation is securely stored and access-controlled, allowing only authorized entities to link pseudonymised data back to the data subject while maintaining separation from the main data set. |Rel-4 |
+|SER-087<br />See TR-0062 | The oneM2M System shall be able to store, manage and access user's consent information for data processing activities associated with oneM2M resources in compliance with requirements from relevant regulations. |Rel-4 |
+|SER-088<br />See TR-0062 | The oneM2M System shall provide mechanisms for managing consent information, including the ability to update or withdraw consent, specify the scope and purpose of processing activities, and associate each processing activity with one or more oneM2M resources. |Rel-4 |
+|SER-089<br />See TR-0062 | The oneM2M System shall provide mechanisms to immediately delete privacy-related data upon request from the data owner, supporting the "right to be forgotten" as required by regulations like the GDPR and Personal Information Protection Act. |Rel-4 |
+>>>>>>> TS-0002-oneM2M-Requirements.md

 NOTE 1:    The above requirement does not cover items outside of the oneM2M System, e.g. Underlying Networks.