WCAG 2.2 Security and Privacy guidelines

[Imhiralmehta]

In WCAG 2.2, some new guidelines were added under 'Conformance' section, namely 'Security considerations' https://www.w3.org/TR/WCAG22/#security-summary
and 'Privacy considerations' https://www.w3.org/TR/WCAG22/#privacy-summary
These both are non-normative sections. The particular WCAG of interest here are 1.3.5 Input purpose, 2.2.1 Timing adjustable and 1.1.1 Non-text content.
I would like to have some more details on these, what does those summary under non-normative section means? How does it affect conformance to WCAG 2.2, if an organization is concerned about privacy/security?