Reviving Purpose Limitation and Data Minimisation in Personalisation, Profiling and Decision-Making Systems
Keywords:GDPR, data minimisation, purpose limitation, computer science, law, profiling, recommender algorithms, personalisation
This paper determines whether the two core data protection principles of data minimi- sation and purpose limitation can be meaningfully implemented in data-driven systems. While contemporary data processing practices appear to stand at odds with these prin- ciples, we demonstrate that systems could technically use much less data than they currently do. This observation is a starting point for our detailed techno-legal analysis uncovering obstacles that stand in the way of meaningful implementation and compliance as well as exemplifying unexpected trade-offs which emerge where data protection law is applied in practice. Our analysis seeks to inform debates about the impact of data protec- tion on the development of artificial intelligence in the European Union, offering practical action points for data controllers, regulators, and researchers.
How to Cite
Copyright (c) 2021 Michele Finck, Asia J. Biega
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.