Reviving Purpose Limitation and Data Minimisation in Personalisation, Profiling and Decision-Making Systems
Keywords:GDPR, data minimisation, purpose limitation, computer science, law, profiling, recommender algorithms, personalisation
This paper determines whether the two core data protection principles of data minimi- sation and purpose limitation can be meaningfully implemented in data-driven systems. While contemporary data processing practices appear to stand at odds with these prin- ciples, we demonstrate that systems could technically use much less data than they currently do. This observation is a starting point for our detailed techno-legal analysis uncovering obstacles that stand in the way of meaningful implementation and compliance as well as exemplifying unexpected trade-offs which emerge where data protection law is applied in practice. Our analysis seeks to inform debates about the impact of data protec- tion on the development of artificial intelligence in the European Union, offering practical action points for data controllers, regulators, and researchers.
- 2021-12-07 (2)
- 2021-08-18 (1)
How to Cite
Copyright (c) 2021 Michele Finck, Asia J. Biega
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.