What does “accuracy” mean under EU Data Protection law?

High jumper Metcalfe, Empire Games in Sydney for Sesquicentenary, 1938, by Sam Hood — State Library of New South Wales

There are seven basic data protection principles under EU data protection law. The principles lie at the heart of the law and, although they don’t give hard and fast rules, they embody the spirit of the regulatory framework. Therefore, compliance with the principles is a fundamental building block to any good data protection practice. The seven principles are:

1. Lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimization
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality (security)
7. Accountability

The fourth principle is the principle of “accuracy” (GDPR Article 5 (1) (d)).

Article 5 of GDPR

Personal data shall be:

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);