Privacy Tips for Businesses: Data Minimisation in Practice
A culture of data minimisation comes with significant business benefits, like risk mitigation, better customer relations, and decreased costs of compliance. But many businesses aren’t accessing these benefits. We’re seeing a trend of longer, more complex privacy policies and disclosures instead of genuine attempts to minimise data collection. This article will outline what data minimisation looks like in practice and how your business can achieve it.
Data Minimisation Meaning: What is the principle of data minimisation?
Data minimisation is the practice of limiting the collection, processing, and storing of personal information to that which is adequate, relevant and necessary to accomplishing the specified purpose. This means you should collect the data that you need to achieve your purpose – no more, no less.
Data Minimisation and the GDPR
The exact meaning of data minimisation – and what practical steps are required – does vary from jurisdiction to jurisdiction. Article 5(1)(c) of Europe’s General Data Protection Regulation (GDPR) requires that personal data collected be “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed”.
Why is data minimisation important?
The more information you hold about a person, the more identifiable they are – and the greater the risk of exposure in the event of a data breach. By minimising the amount of personal information your business holds, you minimise the risk to your reputation and your legal risk too.
How to implement data minimisation in your business
Start with a culture of data minimisation
Your company should make business decisions with data minimisation in mind. In practice, this requires you to ask a series of questions before you start to collect personal information:
- Why does the business need this data? Answering this question is imperative to collecting and storing data with purpose.
- How will this data be used?
- Can I achieve this same purpose without collecting the data?
- If I can’t, how long does the data need to be stored to achieve the specified purpose?
The earlier in the product development or project cycle these questions are asked, the better.
Bear in mind that data minimisation comes with significant business benefits. Collecting and storing data without purpose results in an oversupply of data and makes valuable insights harder to find. With data minimisation, you collect only the data you need and will actually use.
De-identify the data you hold
If you can achieve what you need to achieve with de-identified data, you should implement processes to do so at the earliest possible stage.
A taxi company in Denmark was fined under the GDPR because it retained customer phone numbers for longer than the specified period. The company had deleted other personal information but retained the phone numbers because it used them as an account identifier. The fine was levied (partially) on the basis that the phone number could easily be substituted with another account number and achieve the same purpose.
If you’ve adopted lax data management practices because de-identifying the data you hold is difficult, it is worth updating your processes.
Manage the data you hold
The longer you store data, the less likely it is that the data is accurate. Your company should implement policies and processes to ensure that data is stored only while it is needed and either deleted, reduced, or updated at regular intervals.
In 2017, a misconfigured backup of the Red Cross DonateBlood website made the personal details of 550,000 prospective donors, who had made appointments to donate blood via the website between 2010 and 2016, publicly available. Not only were these details unlikely to still be accurate, there was no reason for them to be stored on the website for as long as they were. Applying data minimisation principles would have significantly reduced the risk of harm from the disclosure.
Data minimisation was also one of the key issues for the Joint Australian and Canadian Privacy Commissioner investigation into the Ashley Madison breach, which exposed the details of over 36 million users of the site in 2015. Of particular interest to the regulators was Ashley Madison’s retention and use of personal information even after profiles had been deactivated or deleted, as well as its failure to confirm the accuracy of data held before collecting or using it.
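The two practices described above – replacing a phone number used as an account identifier with a surrogate identifier, and deleting records once their retention period has passed – can be turned into a small, repeatable routine. The following Python is an added illustration, not code from this article or from Privacy108; the key name, the record layout, the function names and the sample records are all constructed for the example. The surrogate is a keyed HMAC of the normalised phone number, so the same customer always maps to the same account id while the stored table no longer contains the phone number itself.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Constructed example key (assumption). In practice this is held in a secrets
# manager, separate from the customer dataset, and rotated on a schedule.
PSEUDONYM_KEY = b"constructed-example-key-do-not-reuse"

# Constructed sample records standing in for a customer table (assumption).
SAMPLE_RECORDS = [
    {"name": "Alice", "phone": "+45 12 34 56 78", "created": "2024-01-10"},
    {"name": "Bob", "phone": "+45 87 65 43 21", "created": "2022-03-01"},
]


def normalise_phone(phone: str) -> str:
    """Keep digits only so '+45 12 34 56 78' and '4512345678' map to one surrogate."""
    digits = "".join(ch for ch in phone if ch.isdigit())
    if not digits:
        raise ValueError("phone number contains no digits")
    return digits


def pseudonymise_phone(phone: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Derive a stable surrogate account id from a phone number with a keyed HMAC.

    Without the key, the surrogate cannot be reversed to the phone number or
    checked against a guessed number, which an unkeyed hash would allow.
    """
    mac = hmac.new(key, normalise_phone(phone).encode(), hashlib.sha256).hexdigest()
    return "acct_" + mac[:16]


def apply_retention(records, today: date, retention_days: int, key: bytes = PSEUDONYM_KEY):
    """Return the records to keep after one retention sweep.

    Records older than the retention period are dropped entirely. Records that
    are kept have the raw phone number replaced by a surrogate account id, so
    the identifier still works but the table no longer holds the phone number.
    """
    cutoff = today - timedelta(days=retention_days)
    kept = []
    for rec in records:
        if date.fromisoformat(rec["created"]) < cutoff:
            continue  # past retention: delete rather than keep "just in case"
        reduced = {k: v for k, v in rec.items() if k != "phone"}
        reduced["account_id"] = pseudonymise_phone(rec["phone"], key)
        kept.append(reduced)
    return kept


def sweep_sample(today_iso: str = "2024-06-01", retention_days: int = 365):
    """Run one sweep over the constructed sample table for a given 'today'."""
    return apply_retention(SAMPLE_RECORDS, date.fromisoformat(today_iso), retention_days)


if __name__ == "__main__":
    for row in sweep_sample():
        print(row)
```

Two points worth noting about the design. First, the surrogate is pseudonymised rather than anonymised: whoever holds the key can still re-link an account id to a phone number, so the key must be stored and access-controlled separately from the data. Second, the retention period is a parameter of the sweep, which makes it a policy decision that can be reviewed, not a value buried in code.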
Privacy108 Can Help Your Business Implement Data Minimisation Practices
Your business can benefit from reducing the amount of data you hold and creating a culture of data minimisation. Privacy108 will work with you to design and implement programs to uplift your privacy maturity including governance, policies, training and privacy assessments.
We use Privacy by Design principles when developing your business privacy program.