top of page

Practice Data Minimization

data minimization

Even if you’re not a full-blown hoarder, it’s reasonable to assume that you have an attic, or a garage, or even just a junk drawer where all those things that don’t fit anywhere else, but you’re sure you’ll need someday, live. None of us are immune to accumulating ‘stuff’ that can become clutter. It’s a byproduct of consumption—of changing fashions, priorities, bodies, and budgets. But clutter can be a distraction, delay productivity and in some cases be dangerous. It can become a fire hazard, or a health and safety hazard. Think of the box of ‘household items/ misc’ you may have lugged from apartment to apartment and never unpacked. The trappings of life can drag us down emotionally and psychologically and the mere thought of parsing though the mess, organizing and ultimately parting with some of our belongings can be painful and overwhelming.

Data hoarding, too, presents its own set of anxieties and hazards for organizations. Data storage can be expensive. Staff and other resources are needed to ingest, digest, analyze and otherwise make sense of data.  Amassing data indiscriminately can make an organization susceptible to claims they are not processing data with a ‘lawful basis’. The accumulation of data, especially sensitive data and data maintained in unsecure legacy systems, can increase the risk data breaches and other security issues.

For the physical clutter in our lives, there’s a new patron saint of organizing: Marie Kondo, the bestselling author of The Life-changing Magic of Tidying Up, the star of Tidying Up with Marie Kondo, and the creator of the Konmari method—a system for bringing order to chaos and for purging possessions that don’t ‘spark joy.’ Her method has helped countless individuals consume more intentionally, and part with objects that are just taking up space.

In the data privacy world, Konmari has a kindred spirit in the concept of data minimization—not only an important requirement of the EU GDPR, but a principle that can be used to guide strategic decisions around data collection and use. For global companies, data minimization means limiting personal data collection, storage, and usage to data that is relevant, adequate, and necessary for carrying out the purpose for which the data is processed.

In this article, we’ll look at five ways to practice data minimization. Taking inspiration from the Konmari method, organizations can employ a ‘getting to less’ methodology through less data collection, less data use, less data sharing, and less data retention.

Collect Only What You Need

Just like you probably don’t need to collect every ‘collector’s edition’ that comes across a late night home shopping channel, organizations don’t need to collect every morsel of data on every individual customer. To get the most out of data collection—and to minimize risks of breaches, or collecting unverified data—organizations should develop standards around approved data sets tied to specific business purposes.  Anything that falls outside those parameters is just clutter—unneeded data gunking up the wheels and keeping an organization from being as efficient as it can be. Of course, there are exceptions to every rule. If there’s a business case to be made for data processing that falls outside the policies and operational guidance initially set, have a process in place for escalation, review and approval.

And what about big data you might ask – isn’t that diametrically opposed to the concept of data minimization? This will pose some challenges and will require discussions with your policy and data governance teams and data scientists. Big data doesn’t have to equate to mindless data maximization – legal obligations and best practices regarding transparency, notice, security and the scope of personal data required for AI, machine learning, IoT and other analytics programs still apply. In fact, the ICO recently published a post discussing  techniques organizations can use to comply with data minimization requirements in the AI context.

Keep it Clean

It’s amazing the kind of relief that can accompany tidying up the everyday mess of a home.  It can be the difference between having a room you have to hide from guests, to one that inspires creativity and togetherness. In data speak, having accurate, timely and reliable data lead to informed decisions and smart investments or making a huge mistake. Thoughtful data strategy, standardized policies and a mature culture and processes around data quality can help keep data sparking organizational joy in the form of increased efficiency and accurate business intelligence. Not only that, but unverified, outdated or inaccurate data can pose a security risk. Keeping data as clean as possible limits associated privacy and security risks.

Limit Data Sharing

Large organizations don’t just collect ‘stuff’ in the form of data itself. They also collect, so to speak, vendors—third parties who perform specific business functions. Limiting the number of vendors an organization employs, as well as establishing clear and intentional vetting processes, can decrease data clutter, as well as reduce the chance of breaches or improper data handling. The fewer vendors that come into contact with your data, the fewer points of potential failure exist in the data processing chain. Ask yourself this: do you really need three different vendors who provide email marketing, or analytics, or any other service? Take some time to scrutinize your existing vendor relationships. Consider putting a moratorium on engaging of new vendors until you’ve ‘cleaned house.’ When you do let a vendor go, properly offboard them by ensuring that data is no longer shared with or accessible after contract termination.

Change with the Times

Sure, when you were knocking down pins at your Tuesday night bowling match, your set of matching balls and shoes might have been possessions worth keeping. But times have changed. So, too, should organizational data management strategies. Organizations that practice progressive data management are those taking steps to limit data storage and formalizing data retention policies and operational practices. Of course, what data is useful changes over time. As your organization changes, and its priorities, business models and products and services develop, data management should, too. Ensuring your data management processes are agile, flexible and stay up to date makes for cleaner data, and cleaner data makes for better business insights. Changing with the times also means following best practices and industry trends such as considerations of data ethics as well as utility in the processing of data.

Don’t Get Too Attached

We all do it. Whether it’s to our ratty college sweatshirt, treasured books or collection of Pez dispensers, we let ourselves grow attached to things we probably don’t really need. We form sentimental attachment to things and it takes courage and mindfulness to create the piles of what items we should keep, repair, donate to charity, or simply throw away. The initial purge may be painful, but we can create a regimen that becomes a healthy habit over time.

So, too, with data.  Some of us are actually  more attached to certain kinds of data than we are to some physical artifacts. But more data doesn’t necessarily mean better data. And data loses value quickly. When data no longer serves a purpose, keeping it is just a liability. It’s the fire hazard in our attic—that pile old newspapers that is doing us no  good, but could become a huge problem if it lights. When data is no longer relevant, accurate or necessary, follow your data governance framework and data retention policy and pseudonymize, de-identify or delete it.

At the end of the day, data minimization is a good thing for  consumers. But it’s also a potential boon to organizations in the form of developing mature and successful privacy compliance and data governance programs. If those things don’t spark joy in the boardroom, what will?

6 views0 comments


bottom of page