Ethyca Team
June 17, 2020Data Minimization
Data Minimization is a privacy concept that’s written into GDPR and is a best-practice for privacy-conscious businesses worldwide. It holds that businesses should collect and process only the bare minimum amount of data needed to accomplish a goal.
Data Minimization is a privacy concept that’s written into GDPR and is a best-practice for privacy-conscious businesses worldwide.
It holds that businesses should collect and process only the bare minimum amount of data needed to accomplish a goal.
That means you should:
- Collect only the data you need
- Store it for only the amount of time you need it
- Give data access to only the people who need it for a business task
Seems straightforward, right? In practice, data minimization is a pretty radical change for a lot of businesses. It forces them to take a “ready, aim, fire” approach to the data they use instead of the scatter gun approach that was common before digital privacy became a concern.
Data Minimzation’s Impact On Business Practices
In particular, adhering to a principle of data minimization forces businesses to get serious about Data Entitlements within their organization. Sharing data internally becomes a closely controlled process. Questions like, “Could you put that list of email addresses on this flash drive?” or “Could I get your login for the CRM?” can no longer be answered with a yes — in fact, they can no longer be asked.
In Europe, there have been GDPR fines specifically for “non-adherence to the principles of data minimization.” While there aren’t similar penalties under the CCPA or other US privacy laws, it remains an excellent business practice to ensure that a business’s data operation is lean, efficient, and low-risk.
Recently, Ethyca CEO was in conversation with the Regional Head of BCG Venture, Paul Hunyor, at the World Economic forum in Davos Switzerland. Their conversation touched on challenges posed by Data Minimization and other privacy best practices. You can listen below:
One Company, One Data Language: The Foundation of Trustworthy AI Innovation
Read MoreTrustworthy AI starts with speaking the same data language across the organization.
Navigating the New Federal AI Landscape: Implications for Businesses and the Role of Trust
Read MoreAligning enterprise strategy with the next era of federal AI oversight.
Europe’s €200 Billion AI Bet: What It Means for Global Privacy and Trust
Read MoreRedefining global trust through strategic AI investment at scale.
Measuring the Success of AI Initiatives: Highlights from Consero’s Chief Data & AI Officer Executive Summit
Read MoreHighlights from Consero’s Chief Data & AI Officer Executive Summit
GRC Complications for 23andMe
Read MoreThe profound implications of 23AndMe’s bankruptcy.
A Technical Foundation for Trust: Solving the Toughest Problems in Data Privacy
Read MoreEthyca announces fundraise, doubles annual revenue with new enterprise clients, and reveals new brand.
Ready to get started?
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Speak with UsSign up to our Newsletter
Stay informed with the latest in privacy compliance. Get expert insights, updates on evolving regulations, and tips on automating data protection with Ethyca’s trusted solutions.
