Ethyca Team
June 17, 2020Data Minimization
Data Minimization is a privacy concept that’s written into GDPR and is a best-practice for privacy-conscious businesses worldwide. It holds that businesses should collect and process only the bare minimum amount of data needed to accomplish a goal.
Data Minimization is a privacy concept that’s written into GDPR and is a best-practice for privacy-conscious businesses worldwide.
It holds that businesses should collect and process only the bare minimum amount of data needed to accomplish a goal.
That means you should:
- Collect only the data you need
- Store it for only the amount of time you need it
- Give data access to only the people who need it for a business task
Seems straightforward, right? In practice, data minimization is a pretty radical change for a lot of businesses. It forces them to take a “ready, aim, fire” approach to the data they use instead of the scatter gun approach that was common before digital privacy became a concern.
Data Minimzation’s Impact On Business Practices
In particular, adhering to a principle of data minimization forces businesses to get serious about Data Entitlements within their organization. Sharing data internally becomes a closely controlled process. Questions like, “Could you put that list of email addresses on this flash drive?” or “Could I get your login for the CRM?” can no longer be answered with a yes — in fact, they can no longer be asked.
In Europe, there have been GDPR fines specifically for “non-adherence to the principles of data minimization.” While there aren’t similar penalties under the CCPA or other US privacy laws, it remains an excellent business practice to ensure that a business’s data operation is lean, efficient, and low-risk.
Recently, Ethyca CEO was in conversation with the Regional Head of BCG Venture, Paul Hunyor, at the World Economic forum in Davos Switzerland. Their conversation touched on challenges posed by Data Minimization and other privacy best practices. You can listen below:
Announcing faster, better privacy support@ethyca.com
Read MoreToday we’re announcing faster and more powerful Data Privacy and AI Governance support
Fides 2.28 Release: user experience enhancements
Read MoreSee new feature releases enhancing user experience, adding new integrations and support for IAB GPP
Fides 2.27 Release: customer privacy experience enhancements
Read MoreLearn more about the privacy and data governance enhancements in Fides 2.27 here.
Fideslang: an open ontology for data privacy and AI governance
Read MoreRead Ethyca’s CEO Cillian Kieran describe why and how an open data governance ontology enables companies to comply with data privacy regulations and frameworks.
Webinar Recap: Unpacking Privacy Engineering for Lawyers
Read MoreEthyca sponsored the Unpacking Privacy Engineering for Lawyers webinar for the Interactive Advertising Bureau (IAB) on December 14, 2023. Our CEO Cillian Kieran moderated the event and ran a practical discussion about how lawyers and engineers can work together to solve the technical challenges of privacy compliance. Read a summary of the webinar here.
LinkedIn Live Recap: Unpacking the European AI Act for Governance & Data Teams
Read MoreEthyca’s CEO Cillian Kieran hosted a LinkedIn Live about the newly agreed upon EU AI Act. Read a summary of his talk and find a link to his slides on what governance, data, and engineering teams need to do to comply with the AI Act’s technical risk assessment and data governance requirements.
Ready to get started?
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Request a Demo