Reviving Purpose Limitation and Data Minimisation in Data-Driven Systems
This paper determines whether the two core data protection principles of data minimi- sation and purpose limitation can be meaningfully implemented in data-driven systems. While contemporary data processing practices appear to stand at odds with these prin- ciples, we demonstrate that systems could technically use much less data than they currently do. This observation is a starting point for our detailed techno-legal analysis uncovering obstacles that stand in the way of meaningful implementation and compliance as well as exemplifying unexpected trade-offs which emerge where data protection law is applied in practice. Our analysis seeks to inform debates about the impact of data protec- tion on the development of artificial intelligence in the European Union, offering practical action points for data controllers, regulators, and researchers.
Copyright (c) 2021 Michele Finck, Asia J. Biega
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Technology and Regulation (TechReg) is an open access journal which means that all content is freely available without charge to the user or his or her institution. Users are permitted to read, download, copy, distribute, print, search, or link to the full texts of the articles, or to use them for any other lawful purpose, without asking prior permission from the publisher or the author. Submissions are published under a Creative Commons BY-NC-ND license.