HOME

TheInfoList



Click Here for Items Related To - Data Minimization
OR:
Data Minimization on:   [Wikipedia]   [Google]   [Amazon]

Data minimization is the principle of collecting, processing and storing only the necessary amount of personal information required for a specific purpose. The principle emanates from the realisation that processing unnecessary data is creating unnecessary risks for the data subject without creating any current benefit or value. The risks of processing personal data vary from identity theft to unreliable inferences resulting in incorrect, wrongful and potentially dangerous decisions. The principle of data minimization is a global, universal principle of data protection, and can thus be found in almost every legal or regulatory text on data protection/privacy.


The data minimization principle in regulatory texts worldwide (selection)

* The data minimization principle is the second of the six fundamental privacy principles set forth in the
General Data Protection Regulation The General Data Protection Regulation (GDPR) is a European Union regulation on data protection and privacy in the EU and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and of human rights law, in partic ...
and the UK GDPR. * The OECD Privacy Guidelines refer to the data minimization principle as the ''Collection Limitation Principle'' (part two, article 7). * The
American Data Privacy and Protection Act The American Data Privacy and Protection Act (ADPPA) was a United States proposed federal online privacy bill that, if enacted into law, would have regulated how organizations keep and use consumer data. The bipartisan, bicameral bill was the f ...
(ADPPA), a United States proposed federal online privacy bill that was not enacted included data minimisation as a main principle. * The APEC Privacy Framework includes the data minimization principle, referred to as the ''Collection Limitation'' principle, as principle III. * The
American Privacy Rights Act The American Privacy Rights Act (APRA) is a comprehensive data privacy law proposed in the United States. It would place limitations on the kinds of data companies can collect about their users, create processes for users to access or remove dat ...
(APRA), a comprehensive data privacy law proposed in April 2024 in the United States, includes a section on data minimisation. * The Canadian
Personal Information Protection and Electronic Documents Act The ''Personal Information Protection and Electronic Documents Act'' (PIPEDA; french: Loi sur la protection des renseignements personnels et les documents électroniques) is a Canadian law relating to data privacy. It governs how private sector ...
(PIPEDA) includes the principle as ''Principle 4 - Limiting Collection''.


References

Internet Data security {{Internet-stub de:Datensparsamkeit