Data minimization

Global The OECD Privacy Guidelines refer to the data minimization principle as the Collection Limitation Principle (part two, article 7). Europe The data minimization principle is the second of the six fundamental privacy principles set forth in the General Data Protection Regulation and the UK GDPR. The Swiss Federal Law on Federal Act on Data Protection (FADP) includes data minimisation as an aspect of data protection by design and data protection by default. Asia The APEC Privacy Framework includes the data minimization principle, referred to as the Collection Limitation principle, as principle III. North America Canada The Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) includes the principle as Principle 4 - Limiting Collection. United States The American Data Privacy and Protection Act (ADPPA), a United States proposed federal online privacy bill that was not enacted, included data minimisation as a main principle. Since the ADPPA, data minimization has become a highly contested issue in U.S. state privacy legislation, culminating in the Maryland Online Data Privacy Act (MODPA) including ADPPA-inspired data minimization requirements in 2024. The American Privacy Rights Act (APRA), a comprehensive data privacy law proposed in April 2024 in the United States, includes a section on data minimisation. ==References==