Data minimisation in action
The world is powered by data and sustained by it. Over 4.1 billion internet users generate about 2.5 quintillion bytes of data each day.
On the other side, businesses are gathering data, relying on its relevance to optimise their performance and better serve their customers. However, with the accumulation of data, there are costs:
- A loss of perceived efficiency of the business
- Greater barriers to purchase
- Heightened data transparency concerns
- Increased exposure to data breaches
Further, 65% of all businesses are unable to analyse or store all the information they possess. So why collect all this data if it ultimately serves no purpose?
The minimalist mindset — take what you need, not how much you can get — offers the greatest value. Let’s take a look at some real-world applications.
1. Hotels
15% of 2018’s data breaches was targeted at the hospitality industry. The personal records accessed included sensitive information such as addresses, passports, payment card details, etc. Given the frequency and scale of these attacks, hotels need to take every effort to safeguard their guests.
Age verification checks are put in place to confirm if an individual can visit or travel, access pools, bars and casinos unattended. Common convention requires them to present their passports or driving licenses; in other words, they have to bear their physical documents at all times.
An identity app is a quicker, safer alternative. Hotels can age-verify guests through a Zero Knowledge Proof, which confirms the prover’s eligibility, without disclosing any personal information. No passports, birth-dates or age proofs need to be seen or stored.
With limited data shared, the hotel is less vulnerable in the event of a breach. Plus, people have a peace of mind they’ve never known before.
2. Discount cards and age-based memberships
Services that offer age-based discounts, like the ones for seniors or students, also have much to gain.
These businesses only need to know if their customers meet or exceed the cut-off age. Ideally, a ‘yes’ or ‘no’ should suffice; they shouldn’t have to provide their date of birth or any other information. The same applies to child and student discounts, and places where membership is a requirement (gyms, recreational facilities, etc.). The mere ‘yea or nay’ response is quicker, less intrusive and puts a company right in-line with data privacy regulations. There’s also the added advantage of ease and efficiency in doing business.
3. Car rental services
Data minimisation delivers flexibility and security for businesses and customers alike. Consider a tourist planning a holiday overseas. They’re looking to book a rental car online, to be able to pick up on arrival. The rental also prefers advance bookings, to manage their supply better. They need to know if the driver holds a valid licence, but for data security purposes, don’t yet want a copy of the document itself.
The ‘Yes or No’ solution provides digital confirmation of their eligibility to drive. The company holds the least amount of personal information when booking new drivers, and customers need not worry about document upload and security.
By determining exactly what it needs, a business can regulate the flow of information and make the best use of it. This approach also reaps long-term benefits — less breach exposure, fewer barriers to purchase, and importantly, an elevated customer experience.
