Disclaimer: This blog is made available by NIPO for the purposes of providing general information and a general understanding of GDPR, and should not be considered or used as a substitute for legal advice. NIPO does not accept any responsibility or liability for the accuracy, completeness, legality, or reliability of the information contained on this blog.
Welcome to the third post in our GDPR blog series. In the first post, we gave you an overall high-level look at GDPR. In the second post, we focused on the legal basis on which market researchers can process personal data. In this post, we will focus on pseudonymization and anonymization, specifically how these measures can help you protect individuals’ personal data and comply with the GDPR.
Although similar, pseudonymization and anonymization are two distinct techniques that allow data controllers and processors to use data. The difference between the two techniques hinges on whether the individual data subject can be re-identified.
What is pseudonymization?
The concept of pseudonymization is one of the favoured techniques under the GDPR to minimize the amount of personal data that is held.
The GDPR defines pseudonymization as the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information. It further provides that in order for the data to be pseudonymized, the data must be kept separately and subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. This means that the personal identifiers are removed from the data and stored in a separate database, and linkage to a specific individual will not be possible without the additional information that is held separately.
Although this technique detaches the link between the data and the data subject, pseudonymous data is still considered personal data under the GDPR because the detachment can be reversed, and it therefore falls within the scope of the GDPR.
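The split described above can be sketched in a few lines. This is an added example, not NIPO's code: the field names, the `pid` column and the sample respondents are assumptions constructed for illustration. It shows that the research rows carry no direct identifiers, and that re-identification works only for whoever holds the separately stored linkage table.

```python
import secrets

# Assumed direct identifiers for this constructed survey data set.
IDENTIFIER_FIELDS = ("name", "email")

def pseudonymize(records, linkage=None):
    """Split records into identifier-free rows and a separate linkage table.

    linkage maps pseudonym -> identifiers and must be stored apart from the
    rows, under its own access controls.
    """
    linkage = {} if linkage is None else linkage
    # Reverse index so a returning respondent keeps the same pseudonym.
    by_email = {ident["email"]: pid for pid, ident in linkage.items()}
    rows = []
    for rec in records:
        email = rec["email"].strip().lower()
        pid = by_email.get(email)
        if pid is None:
            pid = secrets.token_hex(8)  # random, not derived from the identifier
            by_email[email] = pid
            linkage[pid] = {"name": rec["name"], "email": email}
        rows.append({"pid": pid, **{k: v for k, v in rec.items()
                                     if k not in IDENTIFIER_FIELDS}})
    return rows, linkage

def reidentify(row, linkage):
    """Return the identifiers for a row, or None without the linkage entry."""
    return linkage.get(row["pid"])

# Constructed sample responses (not real people).
SAMPLE = [
    {"name": "Ann Example", "email": "ann@example.org", "age_band": "25-34", "q1": 4},
    {"name": "Bob Example", "email": "bob@example.org", "age_band": "45-54", "q1": 2},
    {"name": "Ann Example", "email": "Ann@example.org", "age_band": "25-34", "q1": 5},
]

if __name__ == "__main__":
    rows, linkage = pseudonymize(SAMPLE)
    for row in rows:
        print(row, "->", reidentify(row, linkage))
```

Because the linkage table reverses the mapping, the rows remain personal data for as long as that table exists.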
The application of pseudonymization to personal data can reduce the risks to data subjects concerned and help controllers and processors to meet their data protection obligations. The benefits of pseudonymization of personal data for controllers under the GDPR include:
- It is used as a safeguard for processing personal data for scientific, historical and statistical purposes.
- It is an important data protection by design feature used to implement the data protection principles such as data minimization.
- Controllers can use pseudonymization to help meet the GDPR’s data security requirements.
What is anonymization?
Anonymization means processing data so that any way of identifying a data subject is irreversibly destroyed.
Data can only be considered anonymous if re-identification is impossible by the entity holding the data. Using anonymization, the resulting data should not be capable of singling any specific individual out, of being linked to other data about an individual, nor of being used to deduce an individual’s identity.
As long as the data is anonymized, it is outside the scope of the GDPR because anonymous data doesn’t include any personal data. Anonymization reduces any risks to data subjects, for example where there is a data breach, because the data cannot be linked to any specific individual.
In principle, organizations can use anonymized data for purposes beyond those for which it was originally collected and it could be used indefinitely as the data is no longer classed as personal data. In addition, once the data has been anonymized, then controllers do not have to respond to data subjects’ requests because they can no longer identify a data subject.
Conclusion
Pseudonymization techniques are different from anonymization techniques; however, they are both measures used to protect personal data and reduce any risks to the data subject. Both pseudonymization and anonymization are encouraged in the GDPR and enable GDPR compliance.