Over the last 20 years, access to cheap computational capacity has increasingly led to the harvesting of more and more personal data, without having to worry too much about costs related to data storage and processing activities.
For this very reason (and all too often), data sets are offhandedly replicated, databases are left unmanaged, and the same data is re-collected multiple times. Such practices create potential data protection compliance problems (for example, with respect to the principles of data minimization, accuracy, and storage limitation) and cybersecurity risks (by increasing the attack perimeter and decreasing security in unmanaged applications). But that’s not the end of the story! In fact, it must be understood that such practices also contribute to the climate crisis.
Socially responsible behavior within the ESG domain entails that companies should reduce energy consumption, and therefore CO2 emissions along the value chain.
With this in mind, companies should:
1) Pay careful attention and only collect and, more generally, process, the minimum amount of data required to pursue business goals – data minimization;
2) Make sure that data are kept up to date and old/inaccurate data are properly deleted – data quality / accuracy;
3) Enforce appropriate and effective data retention rules across all systems, so to regularly delete data that are not necessary anymore – storage limitation;
4) Improve their data-driven businesses (by creating lean, performing, and high-quality datasets).
An approach that takes the above into consideration will both help to potentially mitigate cybersecurity risks and actively contribute to reducing energy consumption and carbon emissions along the value chain, taking an active and socially responsible role in the fight against major concerns of our era: climate change and global warming.