The following provides examples of technical or organizational measures in support of data minimization. It is not intended to be complete but rather to render the principle more concrete:
- Know what data are necessary for the purposes: Knowing which data is actually necessary is only possible with a precise and narrow definition of the purposes. To work out what is really needed is a measure in support of data minimization that is typically implemented during the conception or design phase of a processing activity.
- Collect only necessary data: During the design phase and the selection, implementation, and/or configuration of software, data acquisition, for example through input forms or dialogs, shall be designed such as to collect only the necessary data at the necessary level of detail.
- Delete data and reduce information content between phases of processing[1]: Plan and implement the functionality to delete unnecessary data at the end of processing phases or otherwise reduce their information content.
- Protect against exceeding the maximal storage period: As a second line of defense, define a maximal storage period[2] and implement a procedure that alerts you about the presence of data that has exceeded this period. This measure protects against failures of deletion, for example those caused by a software bug that manifests in certain cases, a system crash during the deletion operation, or the restauration of data from a backup after a system crash although the data was previously already deleted.
References
1Note that this statement is relative to the overall data held by the controller. It is also assumed here that data are collected only once from/about data subjects and that no later data collection (e.g., as the need arises) takes place. The statement does not exclude that different phases or processing steps use only a subset of the overall data. ↑
2Note this could be directly “the period for which the personal data will be stored” according to Art. 13(2)(a) or if the storage period depends on criteria, the maximal time when it can be expected that these conditions must have been met. ↑