In the General Data Protection Regulation (GDPR), the term "pseudonymization" was defined for the first time in EU law and named as a specific protective measure. Despite the legal definition, there have been uncertainties in the past regarding implementation in practice. For this reason, on January 16, the European Data Protection Board (EDPB) adopted new guidelines on pseudonymization, which are intended to provide more clarity.
Pseudonymization in accordance with Art. 4 para. 5 GDPR
According to Art. 4 para. 5 GDPR, pseudonymization means "the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information."
It is a measure that minimizes the risks for affected persons and helps controllers and processors to comply with their data protection obligations.
The EDPB guidelines are now intended to help data controllers meet their data protection obligations through technology design, data protection-friendly default settings and security.
Goals and advantages of pseudonymization
Pseudonymization reduces data protection risks such as unauthorized access or misuse and at the same time supports analyses without enabling the direct identifiability of the persons concerned.
It serves to minimize confidentiality risks, comply with the purpose limitation principle and increase transparency and security.
However, pseudonymized data remains personal if additional information enables an assignment. In this regard, the EDPB writes in its guidelines: "Pseudonymized data that can be assigned to a natural person through the use of additional information is to be regarded as information about an identifiable natural person and is therefore personal." This also applies if pseudonymized data and additional information are not held by the same person.
At the same time, the EDPB emphasizes that the GDPR does not provide for a general obligation to pseudonymize. Rather, it is the responsibility of the data controller to decide on the choice of means to fulfill its obligations, taking into account the principle of accountability.
Measures for effective pseudonymization
To ensure effective pseudonymization, three measures must be taken according to the EDPB:
- Data modification, e.g. by removing identifiers: To do this, the data must be changed or converted.
- System access control: Additional information that allows personal data to be assigned to a specific data subject must be stored separately. This can be done using a pseudonymization key. It must be kept separately from the persons who are to be prevented from such an assignment.
- Technical and organizational measures must be taken to ensure that the personal data cannot be attributed to an identified or identifiable natural person. In particular, unauthorized use of the data must be prevented. To this end, it is advisable to set up a pseudonymization area that defines the framework conditions for data processing.
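The first two measures can be sketched in code. The following is an added example, not taken from the EDPB guidelines or from this article: it drops direct identifiers and replaces them with a keyed pseudonym, while the secret stays with a separate holder. The use of HMAC-SHA256, the field names and the SecretHolder class are assumptions made for illustration, and the records are constructed sample data.

```python
import hashlib
import hmac
import secrets
from typing import List, Optional

DIRECT_IDENTIFIERS = ("name", "email")  # assumption: fields treated as direct identifiers


class SecretHolder:
    """Hypothetical stand-in for the party that keeps the additional information
    (here a pseudonymization secret) apart from the people analysing the data."""

    def __init__(self) -> None:
        self._key = secrets.token_bytes(32)

    def pseudonym(self, identifier: str) -> str:
        # Normalize first so the same person always maps to the same pseudonym.
        normalized = identifier.strip().lower().encode("utf-8")
        return hmac.new(self._key, normalized, hashlib.sha256).hexdigest()[:32]

    def relink(self, pid: str, candidates: List[str]) -> Optional[str]:
        """Attribution back to a person needs the secret, so it lives here."""
        for identifier in candidates:
            if hmac.compare_digest(self.pseudonym(identifier), pid):
                return identifier
        return None


def pseudonymize(record: dict, holder: SecretHolder) -> dict:
    """Data modification: drop direct identifiers, add a keyed pseudonym."""
    out = {k: v for k, v in record.items() if k not in DIRECT_IDENTIFIERS}
    out["pid"] = holder.pseudonym(record["email"])
    return out


# Constructed sample records, not real data.
RECORDS = [
    {"name": "Ana Example", "email": "ana@example.org", "visit": "2024-03-01", "dx": "J45"},
    {"name": "Ana Example", "email": "Ana@Example.org ", "visit": "2024-04-12", "dx": "J45"},
    {"name": "Ben Sample", "email": "ben@example.org", "visit": "2024-03-02", "dx": "E11"},
]

if __name__ == "__main__":
    holder = SecretHolder()
    for row in (pseudonymize(r, holder) for r in RECORDS):
        print(row)
```

The analyst-facing rows keep the same pseudonym for the same person, so records can still be joined for analysis, but recomputing or reversing the pseudonym requires the secret that only the holder has.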
Pseudonymization is a flexible tool to promote data protection and enables data processors to comply with legal requirements, minimize risks and at the same time maintain the analytical capability of the data. However, its effectiveness depends to a large extent on careful implementation and analysis of the processing context.
In the new guidelines, the EDPB provides detailed recommendations for implementation based on specific practical examples. The guidelines will be open for public consultation until February 28, in order to give interest groups the opportunity to comment and to take account of current developments in case law.
Source: Guidelines of the European Data Protection Board on pseudonymization