Europäischer Datenschutzbeauftragter (EDPS/EDSB) und die Agencia Española de Protección de Datos (AEPD) veröffentlichen eine gemeinsame Stellungnahme zu Anonymisierung

Ende April 2021 veröffentlichten der Europäische Datenschutzbeauftragte (EDPS/EDSB) zusammen mit der spanischen Datenschutzaufsichtsbehörde (Agencia Española de Protección de Datos - AEPD) eine gemeinsame Stellungnahme zum Themenbereich Anonymisierung (von Personendaten gemäss EU DSGVO).

Darin halten die erwähnten Behörden u.a. folgende Definitionen im Zusammenhang mit „Anonymisierung“ fest:

(i) Anonymous data is “information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable”.

(ii) Datasets which include personal data may contain direct and indirect identifiers, which allow an individual to be identified or become identifiable.

(iii) A direct identifier is specific information that references to an individual, such as name or an identification number.

(iv) An indirect identifier (also called quasi-identifier) is any piece of information (e.g. a geographical position in a certain moment or an opinion about a certain topic) that could be used, either individually or in combination with other quasi-identifiers, by someone that has knowledge about that individual with the purpose of re-identifying an individual in the dataset.

(v) The re-identification likelihood is the probability in a given dataset of re-identifying an individual, by turning anonymised data back into personal data through the use of data matching or similar techniques.

Ferner gehen der EDPS/EDSB und die AEPD in ihrer gemeinsamen Stellungnahme auf folgende „top ten misunderstandings“ zur Anonymisierung ein:

Misunderstanding 1: Pseudonymisation is the same as anonymisation. Fact: Pseudonymisation is not the same as anonymisation.

Misunderstanding 2: Encryption is anonymisation. Fact: Encryption is not an anonymisation technique, but it can be a powerful pseudonymisation tool.

Misunderstanding 3: Anonymisation of data is always possible. Fact: It is not always possible to lower the re-identification risk below a previously defined threshold whilst retaining a useful dataset for a specific processing.

Misunderstanding 4: Anonymisation is forever. Fact: There is a risk that some anonymisation processes could be reverted in the future. Circumstances might change over time and new technical developments and the availability of additional information might compromise previous anonymisation processes.

Misunderstanding 5:
Anonymisation always reduces the probability of re-identification of a dataset to zero. Fact: The anonymisation process and the way it is implemented will have a direct influence on the likelihood of re-identification risks.

Misunderstanding 6:
Anonymisation is a binary concept that cannot be measured. Fact: It is possible to analyse and measure the degree of anonymization.

Misunderstanding 7:
Anonymisation can be fully automated. Fact: Automated tools can be used during the anonymisation process, however, given the importance of the context in the overall process assessment, human expert intervention is needed.

Misunderstanding 8:
Anonymisation makes the data useless. Fact: A proper anonymisation process keeps the data functional for a given purpose.

Misunderstanding 9:
Following an anonymisation process that others used successfully will lead our organisation to equivalent results. Fact: Anonymisation processes need to be tailored to the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons.

Misunderstanding 10:
There is no risk and no interest in finding out to whom this data refers to. Fact: Personal data has a value in itself, for the individuals themselves and for third parties. Re-identification of an individual could have a serious impact for his rights and freedoms.

Weitergehende Erläuterungen zu den einzelnen misunderstandings sind hier abrufbar.

Michal Cichocki

© LawBlogSwitzerland.ch
Maira Gall