Published online by Cambridge University Press: 25 May 2021
Introduction – Part II described how, despite an upcoming post-privacy movement, the European Union opted for a robust data protection framework. Inherent in the choice for a robust, overarching and technology-neutral General Data Protection Regulation was the choice for limitations on the use of personal data, even when measures to avoid identification or re-identification are taken. Data protection law establishes boundaries for personal data processing based on a set of fundamental ‘back-bone’ principles. The data minimisation principle is one of those back-bone principles.
The principle includes the obligation for data controllers to limit the processing of personal data to data that are “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed”. The data minimisation principle includes the obligation for data controllers to refrain from the processing of personal data when there is no need for identification of the data subject, and to anonymise data when identification is no longer needed. In combination with the other fundamental principles, such as the purpose limitation principle (discussed in the next chapter), and the lawfulness principle (discussed in the previous chapter), the data minimisation principle aims to balance individual, societal and economic interests. While the previous chapter focussed on empowerment through choice, data minimisation and purpose limitation create patient empowerment through obligations for others.
Anonymisation techniques – Several methods are being used to impede the joining of different datasets. Fundamentally, these methods make a distinction between identifying, quasi-identifying and non-identifying attributes. Data that enable the direct identification of individuals are ‘identifying attributes’ (such as name and social security number). ‘Quasi-identifying attributes’ are data which are not directly identifying in themselves, but which allow individuals to be singled out when their combination is unique (such as postal code, date of birth, gender, and other demographics). It should be noted that the application of anonymisation techniques would qualify, in itself, as a processing operation, since it implies the collection of personal data by a data controller or another party.
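The distinction between attribute classes can be checked mechanically before a dataset is released. The following is an added example, not taken from the book: it counts how many records share each combination of quasi-identifying attributes and reports the records that remain singled out. The column names, the sample records and the two generalisation rules are assumptions made for illustration.

```python
from collections import Counter

# Attribute classes as described in the text; the column names are assumptions.
IDENTIFYING = ("name", "ssn")
QUASI_IDENTIFYING = ("postal_code", "birth_date", "gender")

# Constructed sample records (not real data); "diagnosis" is non-identifying.
RECORDS = [
    dict(name="P1", ssn="X-0001", postal_code="1011AB", birth_date="1980-03-14", gender="F", diagnosis="asthma"),
    dict(name="P2", ssn="X-0002", postal_code="1011CD", birth_date="1982-07-02", gender="F", diagnosis="diabetes"),
    dict(name="P3", ssn="X-0003", postal_code="1012XZ", birth_date="1985-11-30", gender="F", diagnosis="asthma"),
    dict(name="P4", ssn="X-0004", postal_code="3511EP", birth_date="1991-01-09", gender="M", diagnosis="migraine"),
    dict(name="P5", ssn="X-0005", postal_code="3512GH", birth_date="1994-05-21", gender="M", diagnosis="asthma"),
    dict(name="P6", ssn="X-0006", postal_code="9711KL", birth_date="1957-12-25", gender="M", diagnosis="diabetes"),
]

def drop_identifying(records):
    """Remove directly identifying attributes; quasi-identifiers stay."""
    return [{k: v for k, v in r.items() if k not in IDENTIFYING} for r in records]

def generalise(record):
    """Coarsen quasi-identifiers (hypothetical rules): region prefix, decade."""
    out = dict(record)
    out["postal_code"] = record["postal_code"][:2] + "**"
    out["birth_date"] = record["birth_date"][:3] + "0s"
    return out

def class_sizes(records, attrs=QUASI_IDENTIFYING):
    """Count records per combination of the given attributes."""
    return Counter(tuple(r[a] for a in attrs) for r in records)

def singled_out(records, attrs=QUASI_IDENTIFYING):
    """Return records whose attribute combination is unique in the dataset."""
    sizes = class_sizes(records, attrs)
    return [r for r in records if sizes[tuple(r[a] for a in attrs)] == 1]

if __name__ == "__main__":
    stripped = drop_identifying(RECORDS)
    coarse = [generalise(r) for r in stripped]
    print("unique on gender alone:", len(singled_out(stripped, ("gender",))))
    print("unique on full combination:", len(singled_out(stripped)))
    print("still unique after generalisation:", singled_out(coarse))
```

Removing name and social security number leaves every constructed record unique on the quasi-identifier combination, and generalisation still leaves one outlier that needs suppression or further coarsening.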