Quiz Entry - updated: 2026.06.07
Why is data minimization considered the most effective privacy defense, and what practices implement it?
Because the most effective defense is simply not collecting unnecessary data — less data means less risk — implemented via collection limits, retention policies, access control, and sharing restrictions.
The deepest defense isn't a clever anonymization algorithm — it's not holding the data in the first place. Data you never collected can't be breached, re-identified, or subpoenaed. Four practices:
- Collection limits — gather only data essential for a specific, defined purpose.
- Retention policies — delete data when no longer needed; implement automatic expiration.
- Access control — restrict access to authorized personnel with a legitimate need.
- Sharing restrictions — limit external sharing to essential parties under strict agreements.
These shrink the attack surface before any anonymization is even applied.
Tip: Every field you don't collect and every record you delete on schedule is one fewer quasi-identifier an attacker can ever link. Minimization beats mitigation.