Data Minimisation (GDPR Principle)

Ainode Privacy Glossary · Auditor: Tomás Maria Vaz de Noronha

In short. Data minimisation, codified in GDPR Article 5(1)(c), requires that personal data be "adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed." For wearables, this means a fitness tracker should not be uploading device-fingerprint metadata, geolocation, or voice samples if the user only wants step counts. Ainode tests data minimisation as one of the 6 dimensions in our scoring.

What good data minimisation looks like for wearables

A heart-rate tracker that uploads only heart-rate measurements and minimal device-identifier metadata. A smart ring that processes sleep data on-device and uploads only an anonymised aggregate. A pair of AI earbuds that streams audio only during explicit user invocation, not continuously.

What bad data minimisation looks like

A smartwatch that, in addition to fitness metrics, uploads precise GPS history every 5 minutes regardless of whether the user enabled location features. AI glasses that buffer a rolling 30-second audio window and upload it on a hash mismatch. A fitness app that fingerprints every other app on your phone. All of these are observable in PCAP.

How Ainode scores it

In our 6-dimension scoring, "data minimisation" is one axis. We compare the device's actual transmitted data classes (extracted from PCAP) against the minimum required for the documented user-facing features. Excess transmission lowers the score. See /methodology for the scoring rubric.
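
The comparison described above, as an added example that is not Ainode's own code or rubric. The feature names, data-class labels, sample flows and penalty weights are all assumptions made for illustration; it shows that the same captured traffic is judged differently depending on which features the user enabled.

```python
from collections import defaultdict

# Hypothetical map: user-facing feature -> data classes it needs at minimum.
REQUIRED = {
    "step_count": {"steps", "device_id"},
    "heart_rate": {"heart_rate", "device_id"},
    "route_tracking": {"gps", "device_id"},
}

# Constructed sample: uploads already classified from a capture,
# as (data class, bytes). Not real measurements.
SAMPLE_FLOWS = [
    ("steps", 4_200),
    ("device_id", 300),
    ("gps", 18_000),
    ("app_inventory", 2_500),
    ("steps", 1_000),
]


def minimisation_report(flows, enabled_features, required=REQUIRED):
    """Compare observed data classes with the minimum the enabled features need."""
    unknown = set(enabled_features) - required.keys()
    if unknown:
        raise ValueError(f"no requirement profile for: {sorted(unknown)}")

    # Minimum data classes justified by what the user actually switched on.
    allowed = set().union(*(required[f] for f in enabled_features))

    bytes_by_class = defaultdict(int)
    for data_class, nbytes in flows:
        bytes_by_class[data_class] += nbytes

    # Anything transmitted outside the allowed set counts as excess.
    excess = {c: n for c, n in bytes_by_class.items() if c not in allowed}
    total = sum(bytes_by_class.values())
    excess_share = sum(excess.values()) / total if total else 0.0

    # Assumed weighting: start at 10, lose 2 per excess class plus up to 4
    # scaled by the share of uploaded bytes that were not needed; floor at 0.
    score = max(0.0, 10 - 2 * len(excess) - 4 * excess_share)
    return {"allowed": allowed, "excess": excess,
            "excess_share": excess_share, "score": round(score, 2)}
```

With only `step_count` enabled, the GPS and app-inventory uploads are both excess; enabling `route_tracking` makes the GPS class justified and leaves only the app inventory flagged.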