The word ‘anonymisation’ is used to mean different things in different communities (e.g. legal and technical) and in different jurisdictions (e.g. EU and US). In the EU, ‘anonymous information’ is defined in Recital 26 of the GDPR and is out of the remit of data protection law.
To be considered anonymous, it must not be possible to identify an individual using any means reasonably likely to be used. This is assessed in terms of linkability, singling out, and inference. As such, within the EU, evaluating whether or not data is anonymous is a risk based evaluation, with anonymisation being defined as a risk threshold (unlike elsewhere).
Different countries within the EU use both different ways of evaluating the threshold and different thresholds, and so there can be disagreement about what is or is not anonymous. In the US, ‘anonymous’ does not have the same legal significance, and is often used in the same way the term pseudonymous is used in the EU. Outside of the EU and US other definitions are also used.
Return to Glossary
Data Privacy enabling compliant and innovative data science

Data Privacy enabling compliant and innovative data science

Explore how new pseudonymisation and anonymistion technologies simultaneously enable innovation through wider access to data and prepare for GDPR compliance.

Didn't find what you were looking for?

Want to know more about Privitar, but don't know where to start? Look no further. Get in touch by clicking the button below and we'll gladly assist you.