I. ANONYMISATION AND PSEUDONYMISATION
1. Concepts
1. Many amendments have been proposed to define anonymisation and pseudonymisation, and to provide for special rules regarding data treated in this way. While carefully considered measures may create incentives to increase the use of these techniques with the aim of improving data protection, too broad exemptions could lead to eroding the long-established concept of personal data as defined in Directive 95/46/EC. In the EDPS’ view, it should be ensured that amendments regarding the definition of anonymous data and pseudonymous data are fully consistent with the definition of personal data and that they do not lead to unduly removing certain categories of data from the scope of the Regulation, in particular in cases where it is not clear whether the data have indeed been fully anonymised. In such cases, the data should remain within the scope of the Regulation.
2. In particular, one should not exclude from the scope of the Regulation, or some of its principles, certain categories of data which are not irreversibly anonymised. The EDPS also cautions against those amendments which confuse pseudonymisation with anonymisation and, as a consequence, remove pseudonymised data from the scope of the Regulation or some of its core principles. Here to read more.