diff --git a/draft-looker-oauth-jwt-cwt-status-list.md b/draft-looker-oauth-jwt-cwt-status-list.md index d1d33f8..be3d315 100644 --- a/draft-looker-oauth-jwt-cwt-status-list.md +++ b/draft-looker-oauth-jwt-cwt-status-list.md 
@@ -342,7 +342,7 @@ A malicious Issuer could bypass the privacy benefits of the herd privacy by gene ## Verifier tracking {#privacy-verifier} -Once the Verifier gets the Referenced Token, this enables him to request the Status List to validate the status of the Token through the provided "uri" property and look up the corresponding "index". However, the Verifier may persistently store the "uri" and "index" of the Referenced Token to request the Status List again at a later time. By doing so regularly, the Verifier may create a profile of the Referenced Token's validity status. This behaviour may be inteded as a feature, e.g. for a KYC process that requires regular validity checks, but might also be abused in cases where this is not intended and unknown to the Holder, e.g. profiling the suspension of a driving license or checking the employment status of an employee credential. This behaviour could be constrained by adding authorization rules to the Status List, see [](#security-authorization). +Once the Verifier gets the Referenced Token, this enables him to request the Status List to validate the status of the Token through the provided "uri" property and look up the corresponding "index". However, the Verifier may persistently store the "uri" and "index" of the Referenced Token to request the Status List again at a later time. By doing so regularly, the Verifier may create a profile of the Referenced Token's validity status. This behaviour may be inteded as a feature, e.g. for a KYC process that requires regular validity checks or irrelevant, e.g. for organisations or machines. However, it might also be abused in cases where this is not intended and unknown to the Holder, e.g. profiling the suspension of a driving license or checking the employment status of an employee credential. 
This behaviour could be constrained by adding authorization rules to the Status List, see [](#security-authorization) or contained through a regular reissuance of the Referenced Token and the corresponding Status List by the Issuer. ## Correlation Risks and Tracking
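Review bot: The rewritten paragraph in this hunk still carries the typo "inteded" (should be "intended") from the removed line, and the new clause "or irrelevant, e.g. for organisations or machines" does not attach cleanly to "may be intended as a feature"; suggest "This behaviour may be intended as a feature, e.g. for a KYC process that requires regular validity checks, or may be irrelevant, e.g. for organisations or machines." The added mitigation sentence also reads better with a comma before the second alternative: "see [](#security-authorization), or contained through a regular reissuance of the Referenced Token and the corresponding Status List by the Issuer." Since reissuance is now named as a mitigation, it would help to state here that it only limits the tracking window to the reissuance interval rather than removing the correlation, so readers do not take it as equivalent to the authorization rules.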