This issue is being filed as part of PING wide review.
The privacy considerations section seems to prohibit implementations from deleting or clearing user storage.
End-users MUST decide whether to remove the information stored by the user agent, corresponding to any MiniApp instance.
Since this information can include user identifiers and other sensitive information (depending on the purpose of the MiniApp), this seems to prevent implementors from taking steps to limit the lifetime of these stored identifiers (or take other steps on behalf of users to improve user privacy). Requiring users, and only users, to manage what data is stored on their device seems to place a significant responsibility on users to understand the risks and usefulness of long term (and possibly rarely accessed data) which seems to invite possible harm. It seems equivalent to preventing browsers, for example, from clearing long-lived cookies or other similar interventions.
More broadly, I urge the group to revise this text, so that privacy-focused implementations can take steps on behalf of users to protect user privacy, especially in cases where users may be poorly equipped to manage (or even understand) the data themselves.
If the above is not possible, it would be useful to understand why