RDM-2024-0057-New_requirement_for_data_ownership_and_right_to_be_deleted

Coversheet	Value
Meeting ID	RDM #67
Work-item	WI-0001
Reason	This contribution proposes to add a new requirement to TS-0002 v5.3.0 to address issues related to data ownership and right to be forgotten.

TS-0002-oneM2M-Requirements.md

@@ -714,10 +714,9 @@ NOTE3: The solution would be complete and will be a part of the oneM2M core func
 |SER-086<br />See TR-0062 | The oneM2M System shall ensure that "additional information" used for pseudonymisation is securely stored and access-controlled, allowing only authorized entities to link pseudonymised data back to the data subject while maintaining separation from the main data set. |Rel-4 |
 |SER-087<br />See TR-0062 | The oneM2M System shall be able to store, manage and access user's consent information for data processing activities associated with oneM2M resources in compliance with requirements from relevant regulations. |Rel-4 |
 |SER-088<br />See TR-0062 | The oneM2M System shall provide mechanisms for managing consent information, including the ability to update or withdraw consent, specify the scope and purpose of processing activities, and associate each processing activity with one or more oneM2M resources. |Rel-4 |
+|SER-089<br />See TR-0062 | The oneM2M System shall provide mechanisms to immediately delete privacy-related data upon request from the data owner, supporting the "right to be forgotten" as required by regulations like the GDPR and Personal Information Protection Act. |Rel-4 |
 >>>>>>> TS-0002-oneM2M-Requirements.md
 
-
-
 NOTE 1:    The above requirement does not cover items outside of the oneM2M System, e.g. Underlying Networks.
 
 NOTE 2:    Geographical location information can be more than simply longitude and latitude.