Quote

"The General Assembly (...) 7. Calls upon business enterprises: (...) (c) To implement administrative, technical and physical safeguards to ensure that data are processed lawfully and to ensure that such processing is limited to what is necessary in relation to the purposes of the processing and that the legitimacy of such purposes, as well as the accuracy, integrity and confidentiality of the processing, is ensured."

Document

UNGA: Resolution 73/179 on the Right to Privacy in the Digital Age, para. 7.c

Download Document

Resolution 73/179 on the Right to Privacy in the Digital Age

Summaries

Personal data should only be collected for specified and legitimate purposes.
Collection of personal data should be minimized, relevant, and limited to purposes pursued.
Personal data controllers should ensure data accuracy and protect personal data from unauthorized disclosure, loss, modification, or other misuses.