Ask any board of directors how the company manages privacy risks. They will probably mention cybersecurity, staff training, and privacy notices. You might even hear about cookie consent and international data transfers.
What you probably won’t hear much about is ‘data minimisation’ or ‘storage limitation’.
That’s a shame, because the most effective way to reduce your privacy risk is to minimise the personal data you collect and store. Most privacy laws require this anyway, including the GDPR (UK and EU) and PIPEDA (Canada).
The principle is straightforward: don’t collect or store personal data unless you have a specific and lawful purpose for it.
Why is data minimisation important?
You can’t hurt anyone with personal data you don’t have. Criminals can’t steal it. Employees can’t leak it. Corrupt governments can’t seize it and reuse it for purposes you never dreamed of.
Why don’t more organisations do it?
First, it has never been easier to collect masses of personal data. Cookies and conversion APIs tell you what customers like, what they want, and how to sell it to them.
Second, we live in an era of cheap and practically limitless data storage. Remember the 1.44MB floppy disk? That’s how most computer users carried and backed up their data in the 1990s. Today, you can buy a 10 TB hard drive (the equivalent of roughly 7,000,000 floppies) for about £160.
Third, sorting through and deleting old data can be time-consuming, expensive, and commercially risky. Buying more storage space looks much cheaper (in the short term, anyway).
Keeping personal data “just in case” it becomes useful is illegal.
With so much cheap data storage available, it’s tempting to keep everything in case you need it later. However, under these laws storing personal data is unlawful unless you have a specific and lawful purpose for keeping it, and once that purpose has been fulfilled the data must be deleted or anonymised.
Adopting a data-minimisation mindset can reduce compliance risk while still letting you use the data your business needs. To do this, ask yourself, for each set of personal data you hold:
– What kind of data is this?
– Who is this data about?
– What are we trying to achieve with this data? Be specific.
– Are these purposes lawful?
– Can we accomplish our goals without using this data?