← Back to glossary
Glossary

Data Minimisation

Reviewed 9 April 2026 Canonical definition

Data minimisation is the principle that an AI agent should access and process only the minimum data necessary to complete its task. It is a core requirement under GDPR and a key defence against both accidental data leakage and deliberate misuse. In agent governance, minimisation is enforced through scoped credentials, fine-grained access policies, and output filtering.

Related articles

Security MAESTRO Framework: Threat Modeling for AI Agents Compliance Data Retention for AI Agents in Regulated Industries Guides How to Build Custom Consent Screens for AI Agents Handling Sensitive Data

Related terms

Data Exfiltration (Agent)Data GovernanceData LineageData Minimisation (AI)Data PoisoningData Protection Officer (DPO)