§ 66 HDSIG
Data Protection by Design and by
(1)Default
(2)The controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures designed to implement data protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the legal requirements and protect the rights of the data subjects. He or she shall take into account the state of the art, the cost of implementation and the nature, scope, circumstances and purposes of the processing as well as the varying likelihood and severity of the risks to the rights and freedoms of natural persons posed by the processing. In particular, the processing of personal data and the selection and design of data processing systems shall be guided by the aim of processing as few personal data as possible. Personal data shall be anonymised or pseudonymised at the earliest possible point, insofar as the purpose of the processing so permits.
(3)The controller shall implement appropriate technical and organisational measures to ensure that, by default, only such personal data are processed whose processing is necessary for each specific purpose of the processing. This shall apply to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. The measures shall, in particular, ensure that by default personal data are not made accessible to an indefinite number of natural persons without the intervention of a natural person. zur Einzelansicht § 66