# Data minimization

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Data_minimization
> Markdown URL: https://mediated.wiki/source/Data_minimization.md
> Source: https://en.wikipedia.org/wiki/Data_minimization
> Source revision: 1346919577
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

Processing only necessary personal information

**Data minimization** is the principle of collecting, processing and storing only the necessary amount of [personal information](/source/Personal_information) required for a specific purpose. The principle emanates from the realisation that processing unnecessary data is creating unnecessary risks for the data subject without creating any current benefit or value. The risks of processing personal data vary from [identity theft](/source/Identity_theft) to unreliable inferences resulting in incorrect, wrongful and potentially dangerous decisions.

The principle of data minimization is a global, universal principle of data protection, and can thus be found in almost every legal or regulatory text on data protection/privacy.

## Principle in regulatory texts

### Global

The [OECD](/source/OECD) Privacy Guidelines[1] refer to the data minimization principle as the *Collection Limitation Principle* (part two, article 7).

### Europe

The data minimization principle is the second of the six fundamental privacy principles set forth in the [General Data Protection Regulation](/source/General_Data_Protection_Regulation)[2] and the [UK GDPR](/source/General_Data_Protection_Regulation#United_Kingdom_implementation).[3]

The Swiss *Federal Law on Federal Act on Data Protection* (FADP) includes data minimisation as an aspect of data protection by design and data protection by default.[4]

### Asia

The [APEC](/source/APEC) Privacy Framework includes the data minimization principle, referred to as the *Collection Limitation* principle, as principle III.[5]

### North America

#### Canada

The Canadian [Personal Information Protection and Electronic Documents Act](/source/Personal_Information_Protection_and_Electronic_Documents_Act) (PIPEDA) includes the principle as *Principle 4 - Limiting Collection*.[6][7]

#### United States

The [American Data Privacy and Protection Act](/source/American_Data_Privacy_and_Protection_Act) (ADPPA), a United States proposed federal online privacy bill that was not enacted, included data minimisation as a main principle.[8] Since the ADPPA, data minimization has become a highly contested issue in U.S. state privacy legislation, culminating in the [Maryland Online Data Privacy Act](https://en.wikipedia.org/w/index.php?title=Maryland_Online_Data_Privacy_Act&action=edit&redlink=1) (MODPA) including ADPPA-inspired data minimization requirements in 2024.[9]

The [American Privacy Rights Act](/source/American_Privacy_Rights_Act) (APRA), a comprehensive data privacy law proposed in April 2024 in the United States, includes a section on data minimisation.[10]

## References

1. **[^](#cite_ref-1)** ["OECD Privacy Guidelines"](https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0188).

1. **[^](#cite_ref-2)** [Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679)

1. **[^](#cite_ref-3)** ["Principle (c): Data Minimisation"](https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/data-protection-principles/a-guide-to-the-data-protection-principles/the-principles/data-minimisation/). *ico.org.uk*. 19 May 2023.

1. **[^](#cite_ref-4)** ["Federal Act on Data Protection (FADP)"](https://www.fedlex.admin.ch/eli/cc/2022/491/en). *Fedlex*. Retrieved 22 February 2026.

1. **[^](#cite_ref-5)** ["APEC Privacy Framework (2015)"](https://www.apec.org/Publications/2017/08/APEC-Privacy-Framework-(2015)).

1. **[^](#cite_ref-6)** ["Personal Information Protection and Electronic Documents Act"](https://www.canlii.org/en/ca/laws/stat/sc-2000-c-5/159208/sc-2000-c-5.html).

1. **[^](#cite_ref-7)** ["PIPEDA fair information principles"](https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/p_principle/).

1. **[^](#cite_ref-JDSupra_breakdown_8-0)** Dumiak, Matt (June 24, 2022). ["Federal Privacy Bill: Breaking Down the ADPPA"](https://web.archive.org/web/20220625161839/https://www.jdsupra.com/legalnews/federal-privacy-bill-breaking-down-the-9181745/). *JD Supra*. Archived from [the original](https://www.jdsupra.com/legalnews/federal-privacy-bill-breaking-down-the-9181745/) on June 25, 2022. Retrieved July 30, 2022.

1. **[^](#cite_ref-9)** Francis, Jordan (June 5, 2025). ["Data Minimization's Substantive Turn: Key Questions & Operational Challenges Posed by New State Privacy Legislation"](https://papers.ssrn.com/abstract_id=5309096). *Future of Privacy Forum*. Retrieved July 11, 2025.

1. **[^](#cite_ref-10)** ["American Privacy Rights Act Section-by-Section Summary by the United States Senate Committee on Commerce, Science, & Transportation"](https://www.commerce.senate.gov/services/files/E7D2864C-64C3-49D3-BC1E-6AB41DE863F5).

v t e Data Information, data, and value Information Meta Type Structure Ecosystem Library Infrastructure Value Data categories and semantic structure Data categories Master data Master data management Reference data Transaction data Analytical data Metadata Code tables Controlled vocabulary Crosswalks Hierarchies Observation data Dark data Trade and market data Data management and governance Management Governance Cooperatives Ethics Stewardship Lineage Curation Localization Preservation Retention Publishing Open data Master data management Reference data Data quality, trust, and protection Quality Information quality Validation Cleansing Scrubbing Integrity Protection (privacy) Security Anonymization De-identification Re-identification Minimization Erasure Remanence Corruption Degradation Loss Recovery Quality dimensions Accuracy Completeness Consistency Timeliness Validity Uniqueness Integrity Conformity Relevance Data engineering and movement Engineering Integration Storage ETL/ELT Extract Transform Load Migration Synchronization Compression Fusion Format management Data preparation and operations Acquisition Augmentation Collection Annotation Editing Deduplication Pre-processing Preparation Processing Reduction Redundancy Wrangling/munging Scraping Rescue Analysis, science, and interpretation Big Analysis Exploration Mining Science Topological data analysis Warehouse Business intelligence Data economy and exchange Data economy Sharing Open data Philanthropy Data as a service Data broker Responsible reuse Exchange, use, and public context Exhaust Farming Archaeology Distributed data, domains, and digital twins Data mesh Data product Data domains Data categories Data digital twins Digital thread Operational twins Analytical twins Vendors and actors Data vendors Data technology vendors Data service providers Data brokers Chief data officers Information professionals Collibra Informatica IBM SAP Oracle SAS Qlik Experian Alation Ataccama Precisely Nextqore Category

This Internet-related article is a stub. You can help Wikipedia by adding missing information.

- [v](https://en.wikipedia.org/wiki/Template:Internet-stub)
- [t](/source/Template_talk%3AInternet-stub)
- [e](https://en.wikipedia.org/wiki/Special:EditPage/Template:Internet-stub)

---
Adapted from the Wikipedia article [Data minimization](https://en.wikipedia.org/wiki/Data_minimization) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Data_minimization?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
