Skip to content

Purpose Limitation in the Time of Data Power: Is There a Way Forward?

Isabel Hahn


The last decades have brought with them a paradigm shift in the approach to the collection and use of personal data in the digital environment. We have moved from the specific and limited collection and use of data, to its widespread and extensive assembling and repurposing. The key beneficiaries of this repurposing have been companies with “Data Power”: technology giants who occupy dominant positions in the digital ecosystem and possess the power to control data flows. This paper explores the juxtaposition between the omnipresent and widespread data collection and processing practices of Data Power companies, and the purported safeguarding of the individual from such practices by the General Data Protection Regulation’s “Purpose Limitation” principle. Labelled a cornerstone of data protection law, the Purpose Limitation principle seeks to ensure that personal data is only collected and processed for a specific purpose and not further processed in a way that is incompatible with that purpose. This piece offers a closer analysis of the Purpose Limitation principle in the context of the data collection and processing practices by Data Power companies to answer the question of whether it is still fit for purpose. It concludes with the argument that the Purpose Limitation principle can, if more strictly enforced, help to safeguard the individual’s right to the protection of personal data and in doing so tackle some of the data protection challenges posed by Data Power companies.
Keywords: Data Power | Purpose Limitation | Data Collection | Personal Data

Isabel Hahn, London School of Economics and Political Science Department of Law Alumna. For Correspondence: <>


Lx-Number Search

(e.g. A | 000123 | 01)

Export Citation