What does the term 'data spillover' refer to in privacy risks?

The term 'data spillover' primarily refers to data collected on individuals who were not the intended targets for that data collection. This concept highlights how information about people who did not consent to the data collection may inadvertently be included in data sets, leading to privacy risks. For example, in a scenario where data is collected about customers in a retail space, there might be incidental capture of data related to bystanders who were not part of the study or analysis. This raises significant privacy concerns as these individuals may not have agreed to their data being collected or used, leading to ethical and legal implications.

This understanding of spillover underscores the importance of implementing stringent data governance practices to ensure that data collection processes are transparent and respect the privacy rights of all individuals, whether they were the intended subjects or not.