Data Exploitation Principle #2

Principle or Recommendation

Systems should be designed to minimise data generation, processing, and access.

Data minimisation is the most effective way to build more secure and privacy respecting systems. From the perspective of the individual, it also decreases the risk that data will be used in ways that is different from what an individual expects. Fewer sensors generating data and less connectivity opening channels for sharing means reduced attack surfaces. Less data generation and processing means less data that can be misused or breached. Data minimisation is not antithetical to innovation. It ensures trust in and helps to build systems that are easier to protect from malicious attackers and which match the understanding and expectations of the individual.