as being a standard approach to info privacy safety, why isn’t it more than enough to go data minimization and purpose limitation regulations that say companies can only Assemble the info they have to have for any minimal purpose? information researchers and engineers at organizations, and In particular People belonging to controlled industrie