Privacy Req 1
PRIVACY-1. DATA MINIMIZATION
Entities MUST limit the collection, use, transmission and storage of personal information to the minimum necessary to fulfill that transaction’s purpose and related legal requirements. Entities providing claims or attributes MUST NOT provide any more personal information than what is requested. Where feasible, IDENTITY-PROVIDERS MUST provide technical mechanisms to accommodate information requests of variable granularity, to support data minimization.
Regarding "personal information," see Appendix A.
This Requirement is intended to apply to each transaction or data exchange in which personal information is collected, generated, used, transmitted or stored. Groups of related transactions may share a common purpose and legal requirements, but each data exchange is individually subject to the minimization mandate. [Entities are encouraged to address this issue by design, before run time, by limiting or applying controls or filters to classes of data.]
The boundaries of a TRANSACTION between a service provider and a user are defined by the purpose of the collection, generation, use, transmission, or storage of their personal information. See PRIVACY-2 (PURPOSE LIMITATION).
See also Privacy Req 1 Supplemental Guidance.
Further reference materials to aid organizations interested in conforming to these Requirements can be found on the wiki page Supplemental Privacy Guidance, which has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx