Data pseudonymization

In a nutshell, data pseudonymization is a method used to minimize the chance that personal data and identifiers would enable to identify a person.

Article 4(5) of GDPR states that:

‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Benefits of using data pseudonymization:

  • You’re allowed to use it for the different purposes that it was collected for
  • You’re free from processing data subject requests regarding data access, rectification or erasure
  • You prove that you’re following protection by design and data privacy principles

Under GDPR, pseudonymization techniques are not enough to provide full anonymity of the data.

In terms of GDPR we can pseudonymise data like:

  • login details
  • device IDs
  • IP addresses
  • cookies
  • device type
  • language preference
  • time zones

Most popular methods of data pseudonymization:

Scrambling

Encryption

Masking

Tokenization

Data blurring

Data Pseudonymization in Web Analytics: The Ultimate Guide

The Most Important Benefits of Data Pseudonymization and Anonymization Under GDPR