Against the backdrop of the history of the purpose limitation principle in privacy and data protection discourse and law I examine and reevaluate this principle as an artifact of a specific operationalization of privacy and data protection in the law. The term artifact on the one hand refers to something human-made, on the other hand it denotes an – often disturbing – phenomenon that occurs as a result of something like the choice of the method of measurement in social research or the algorithm used in lossy image compression. Here both readings should be merged: I will show that the purpose limitation principle is a secondary product of previous operationalization decisions as well as explicitly human-made.
The historical operationalization decisions I survey include the informed consent principle first formulated by Ruebhausen and Brim in 1965, the „phase orientation“ of German data protection law developed by Steinmüller and his colleagues in 1971 and the specific design of controllability of information processing and decision making examined by Hoffmann in 1991.
I also show that the purpose limitation principle is – contrary to popular opinion – not outdated. From the very beginning, this principle has been consciously created as a normative, but counterfactual response of the law to modern data and information processing capabilities, which are fundamentally purposeless.