12 Minimization

Minimization is the act of ensuring that the data being gathered is only what is needed for the purpose intended and what the subject consented to, without gathering any unnecessary additional information.

Article 5 of the GDPR, Principles relating to the processing of personal data, states in Item 1 the following: “Personal data shall be: (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’).”

Figure 12.1: The fields we don’t require are redacted

In this chapter, we’re going to look at the privacy regulations that should be observed with regard ...

Get Threat Modeling Gameplay with EoP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Threat Modeling Gameplay with EoP by Brett Crawley

12

Minimization

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly