Which principle emphasizes collecting only essential data to minimize exposure?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Discover the 29 Hour JKO Test. Prepare with questions, hints, and explanations. Master your exam with our tools!

Multiple Choice

Which principle emphasizes collecting only essential data to minimize exposure?

Explanation:
Data minimization is the idea that you should collect only what’s strictly necessary for a defined purpose, to reduce the amount of information that could be exposed. When you limit collection to essential data, there’s less data to protect, store, or potentially leak in a breach. This approach makes privacy-by-design practical: you define a specific purpose, determine exactly what data is needed to accomplish it, and avoid gathering anything beyond that. For instance, if you only need to verify that someone is over a certain age, you shouldn’t collect their full birth date or other unrelated details. Data governance sets the rules and responsibilities for managing data overall, ensuring data quality and compliance across the organization, but it isn’t about how much data you collect in a given situation. Data retention deals with how long you keep data, not what you collect in the first place. Data encryption protects data by making it unreadable to unauthorized parties, but it doesn’t address whether you should be collecting particular data in the first place.

Data minimization is the idea that you should collect only what’s strictly necessary for a defined purpose, to reduce the amount of information that could be exposed. When you limit collection to essential data, there’s less data to protect, store, or potentially leak in a breach. This approach makes privacy-by-design practical: you define a specific purpose, determine exactly what data is needed to accomplish it, and avoid gathering anything beyond that. For instance, if you only need to verify that someone is over a certain age, you shouldn’t collect their full birth date or other unrelated details.

Data governance sets the rules and responsibilities for managing data overall, ensuring data quality and compliance across the organization, but it isn’t about how much data you collect in a given situation. Data retention deals with how long you keep data, not what you collect in the first place. Data encryption protects data by making it unreadable to unauthorized parties, but it doesn’t address whether you should be collecting particular data in the first place.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy