[EME] Add specific advice about handling persisted data to Privacy Considerations.
--- a/encrypted-media/encrypted-media.html Mon Aug 11 14:55:53 2014 -0700
+++ b/encrypted-media/encrypted-media.html Mon Aug 11 16:02:03 2014 -0700
@@ -1570,6 +1570,14 @@
<dt>Encryption or obfuscation of Key System stored data</dt>
<dd>User agents should treat data stored by Key Systems as potentially sensitive; it is quite possible for user privacy to be compromised by the release of this information. To this end, user agents should ensure that such data is securely stored and when deleting data, it is promptly deleted from the underlying storage.</dd>
</dl>
+
+ <p>User agent and CDM implementations that allow the CDM to persist data should:</p>
+ <ul>
+ <li>Ensure it is restricted to the origin for which it was created.</li>
+ <li>Ensure it is restricted to the current profile and does not leak to or from Incognito/Private Browsing sessions.</li>
+ <li>Allow the user to clear it, preferably by origin.</li>
+ <li>Treat it like other site data, including presenting it along with cookies, including it in "remove all data", and presenting it in the same UI locations.</li>
+ </ul>
<h3 id="privacy-secureorigin">7.3. Use Secure Origin and Transport</h3>
<p>In order to protect identifiers and other information discussed in previous sections, user agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
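Review bot: the four new `<li>` items each start with an unanchored "it" (the antecedent is only in the preceding `<p>`), so the first item reads better as "Ensure the persisted data is restricted to the origin for which it was created." and the rest follow the same pattern. The last item also stacks "including" three times; "Treat it like other site data: present it alongside cookies, include it in "remove all data", and expose it in the same UI locations." says the same thing more cleanly. One structural point: the list is inserted after the closing `</dl>`, so it is no longer tied to the "Encryption or obfuscation of Key System stored data" term; if the advice is meant to apply to all persisted CDM data rather than just that entry, a short lead-in sentence stating that scope (or a subheading, matching the `<h3>` style used for 7.3) would make that explicit.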
--- a/encrypted-media/encrypted-media.xml Mon Aug 11 14:55:53 2014 -0700
+++ b/encrypted-media/encrypted-media.xml Mon Aug 11 16:02:03 2014 -0700
@@ -1544,6 +1544,14 @@
<dt>Encryption or obfuscation of Key System stored data</dt>
<dd>User agents should treat data stored by Key Systems as potentially sensitive; it is quite possible for user privacy to be compromised by the release of this information. To this end, user agents should ensure that such data is securely stored and when deleting data, it is promptly deleted from the underlying storage.</dd>
</dl>
+
+ <p>User agent and CDM implementations that allow the CDM to persist data should:</p>
+ <ul>
+ <li>Ensure it is restricted to the origin for which it was created.</li>
+ <li>Ensure it is restricted to the current profile and does not leak to or from Incognito/Private Browsing sessions.</li>
+ <li>Allow the user to clear it, preferably by origin.</li>
+ <li>Treat it like other site data, including presenting it along with cookies, including it in "remove all data", and presenting it in the same UI locations.</li>
+ </ul>
<h3 id="privacy-secureorigin">7.3. Use Secure Origin and Transport</h3>
<p>In order to protect identifiers and other information discussed in previous sections, user agents may choose to only support the EME APIs and/or specific Key Systems (i.e. based on privacy and security risks) on secure origins.
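Review bot: this hunk duplicates the html change verbatim, so whatever wording fix is applied there (anchoring "it" to the persisted data in each `<li>`, de-duplicating "including" in the last item) must be mirrored here so the two sources do not drift; if one of these files is generated from the other, only the source should be hand-edited and the other regenerated. As in the html hunk, the new `<ul>` sits outside the `<dl>` it follows, so consider a lead-in sentence that states the list applies to all persisted CDM data, not only to the preceding definition-list entry.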