Choose Index below for a list of all words and phrases defined in this glossary.
Data minimization - The principle of "data minimization" means that a data controller should limit the collection of personal information to what is directly relevant and necessary to accomplish a specified purpose. They should also retain the data only for as long as is necessary to fulfil that purpose. In other words, data controllers should collect only the personal data they really need, and should keep it only for as long as they need it.
The data minimization principle derives from Article 6.1(b) and (c) of Directive 95/46/EC and Article 4.1(b) and (c) of Regulation EC (No) 45/2001, which provide that personal data must be "collected for specified, explicit and legitimate purposes" and must be "adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed".
[Category=Data Security ]
Source: European Data Protection Supervisor, 27 July 2011 08:55:45, http://www.edps.europa.eu/EDPSWEB/edps/cache/off/EDPS/Dataprotection/Glossary
Data Quality Glossary. A free resource from GRC Data Intelligence. For comments, questions or feedback: dqglossary@grcdi.nl