Data pseudonymization, data anonymization, what’s the difference? In this article we compare the most important benefits that come from applying each data processing technique.
Anonymization and pseudonymization are two terms that have been broadly discussed since the introduction of the General Data Protection Regulation. Nevertheless, the topic still gives rise to a host of doubts and questions among people whose businesses are affected by GDPR.
In case you haven’t had the chance to explore the main differences between those methods, here are some great definitions of the terms:
According to Article 4(5) GDPR:
pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Also, as we can read in Recital 26:
Personal data which have undergone pseudonymisation, which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person …
In Opinion 05/2014 on Anonymisation Techniques by The Article 29 Working Party, we can read that to meet the standards of anonymization, the data must be stripped of sufficient elements such that the data subject can no longer be identified. More precisely, that data must be processed in such a way that it can no longer be used to identify a natural person by using ‘all the means likely reasonably to be used’ by either the controller or a third party. An important factor is that the processing must be irreversible.
[Figure: An example of data anonymization using Aggregation/K-Anonymity]
In layman’s terms, the main difference is that while pseudonymous data still allows for some form of re-identification, anonymous data can’t be re-identified. That’s why the former is still considered personal data, while the latter isn’t.
However, it’s important to know that the topics of data anonymization and pseudonymization are a lot more complex.
Now it’s time to show the operational impacts of both methods. As you probably know, applying anonymization or data pseudonymization techniques to your data can bring some considerable benefits and liberate you from certain obligations set out in GDPR.
You’re probably wondering just how it does this. We’ve decided to explain it by presenting a simple comparison where we put data pseudonymization and anonymization up against identified personal data.
If you’re interested in exactly how anonymization and pseudonymization can liberate you from certain obligations imposed by GDPR, there’s a very helpful table below that sheds some more light on the matter.
The table covers the 15 most important GDPR obligations and their impact on identified, pseudonymous and anonymous data:
| GDPR obligation | Identified Data | Pseudonymous Data | Anonymous Data |
|---|---|---|---|
| Notifying data subject about collecting data | Required | Required | Not required* |
| Obtaining consent | Required | Required | Not required* |
| Ability to exercise right to erasure | Required | Not required** | Not required |
| Ability to exercise right to access | Required | Not required** | Not required |
| Ability to exercise right to data portability | Required | Required*** | Not required |
| Ability to exercise right to data rectification | Required | Not required** | Not required |
| Ability to exercise right to object | Required | Not required** | Not required |
| Processing pre-GDPR data | Not allowed | Not allowed | Allowed |
| Presenting basis for cross-border transfer | Required | Required | Not required |
| Protection by design | Not met | Partially met | Partially met |
| Data breach notification | Required | Depends on the method**** | Not required |
| Data retention limitation | Required | Required | Not required |
| Documentation obligation | Required | Required | Not required |
| Signing a data processing agreement with a vendor | Required | Required | Not required |
| Applying the data minimization principle | Advisable | Advisable | Advisable |
* It’s important to remember that if you want to anonymize new data collected from your website, then you’ll either need to obtain consent to collect personal data (like cookies, IP addresses and device ID) and then apply anonymization techniques, or only collect anonymous data from the start.
** However, to do that, you should demonstrate that due to applying certain pseudonymization techniques you’re not able to identify the data subject.
*** The latest opinion of the Information Commissioner’s Office indicates that pseudonymized data should be included in the scope of portability rules.
**** Only if you’re able to demonstrate to the authorities that identifying a person from the breached data set is nearly impossible.
As you can clearly see from the comparison above, anonymization is definitely one of the best ways to ensure the safety of data you collect. This extra measure of security lets you freely exploit your data collection in ways that wouldn’t be legally permissible when it comes to non-anonymized data.
Data pseudonymization is also a good way to reduce restrictions involved in handling personal data in the age of GDPR. And it’s a bit easier to perform.
However, there are also some considerable benefits of using personal data in its pure (original) form. That’s why you really need to think through the pros and cons of each option before making a final decision.
We’re here to answer all your burning questions about this subject. So if you’d like to learn more about each method or about how Piwik PRO can help you apply them to your data, don’t hesitate to contact us. Our team will be happy to help!