From Data Minimization to Data Minimummization - Discrimination and Privacy in the Information Society

Database Reference

In-Depth Information

rules and profiles are not obtained from analysing sensitive data, they may still

have a violating effect in terms of privacy and discrimination. Thus, it would be

useful to incorporate background knowledge about the context in which rules and

profiles are applied to assess whether such problems or dangers exist. 45 Again, to

avoid privacy or discrimination problems, a larger set of data regarding the con-

text in which rules, patterns and profiles are applied is needed rather than a small

or a minimal set.

15.7 Data Mini mum mization

The loss of contextuality in data mining and profiling leads to privacy and discrim-

ination problems. Implementing the data minimization principle often leads to a

further loss of context. A contrary principle might offer a more satisfactory ap-

proach. Not minimizing the amount of data gathered, stored and used, but requiring

a certain minimum set of (meta)data to be gathered, stored and used when applying

the results. In short, the shift from data minimization to data mini mum mization.

There are already several legal provisions that safeguard the correct interpreta-

tion of data and their context, among others to be found in the Data Protection Di-

rective. These may provide useful building blocks for the data mini mum mization

principle. The existing safeguards can be summarized as the principles of quality,

both of the data themselves, the processing of the data and in the use of the data.

These may come in tension with the data minimization principles from the same di-

rective, since the principles of quality may often require additional information, not

strictly necessary for the satisfaction of the specific purpose for data processing.

Firstly, the Data Protection Directive spells out that the data must be kept accu-

rately and, where necessary, kept up to date; every reasonable step must be taken

to ensure that data which are inaccurate or incomplete, having regard to the pur-

poses for which they were collected or for which they are further processed, are

erased or rectified. 46 As data regarding the context of information may be vital for

correct interpretations, the first data quality principle may require the collection of

such data in the database.

Secondly, the data and the context in which they play a role must be regularly

updated, so that a change in facts, their significance and their context will be in-

corporated in the database. This relates to the second phase in the process of

knowledge discovery in databases, as distinguished in section two of this chapter.

Thirdly, the Data Protection Directive spells out that data should be collected

for specified, explicit and legitimate purposes and not further processed in a way

incompatible with those purposes. 47 This rule entails two separate duties. The pur-

pose for processing data must be explicit and specified. For example, the purpose

'commercial interest' will be insufficiently specific. Secondly, further processing,

which means the use of data already gathered by the data controller or by a third

party for another purpose then the original one, is prohibited when the purpose for

45 Ruggieri, Pedreschi & Turini (2010).

46 Article 6.1(d) DPD. Also see article 12 (b) DPD.

47 Article 6.1(b) DPD.

Discrimination and Privacy in the Information Society

Search WWH ::

Custom Search

Home