The directly related problem with the current standard is that it's too soft and is capable of multiple interpretations. The desire to move to a necessity standard is to try to bring to bear more firmly the concept of data minimization, which is an important data protection principle because it requires a reduction of the amount of information that is collected in the first place. The focus really should be on whether this information is necessary for this program or service. If it's not necessary, then it shouldn't be collected.
Obviously, with any word, there's going to be wiggle room and room for interpretation and room for arguments: “Well, this is actually necessary. because what we're doing requires....” I think this is part of the problem in the big data environment: we start to say that what we're trying to do is collect enough information so that we can do these other analytics or other profiling, which will enable us to do these other things, and therefore it becomes necessary.
I think there are risks with any vocabulary that is used. The goal here is to try to minimize data collection. In combination with other measures being recommended, such as privacy impact assessments and so on, it may be that there are ways in which more supervision can be imposed.