Reviving Purpose Limitation and Data Minimisation in Personalisation, Profiling and Decision-Making Systems
DOI:
https://doi.org/10.26116/techreg.2021.004Keywords:
GDPR, data minimisation, purpose limitation, computer science, law, profiling, recommender algorithms, personalisationAbstract
This paper determines whether the two core data protection principles of data minimi- sation and purpose limitation can be meaningfully implemented in data-driven systems. While contemporary data processing practices appear to stand at odds with these prin- ciples, we demonstrate that systems could technically use much less data than they currently do. This observation is a starting point for our detailed techno-legal analysis uncovering obstacles that stand in the way of meaningful implementation and compliance as well as exemplifying unexpected trade-offs which emerge where data protection law is applied in practice. Our analysis seeks to inform debates about the impact of data protec- tion on the development of artificial intelligence in the European Union, offering practical action points for data controllers, regulators, and researchers.
Downloads
Downloads
Published
Versions
- 07-12-2021 (2)
- 18-08-2021 (1)
Issue
Section
License
Copyright (c) 2021 Michele Finck, Asia J. Biega
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Submissions are published under a Creative Commons BY-NC-ND license.’