Anonymisation vs Pseudonymisation: The Compliance Reality

PostedAugust 13, 2025

ByIakov Go

In the daily operations of data-driven enterprises, from clinical trial sponsors in Switzerland deploying machine learning models on patient data to automotive manufacturers in Germany processing sensor logs from test vehicles, a single question recurs with persistent frequency: “Can we share this dataset?” The underlying assumption is often that if direct identifiers like names and social security numbers are removed, the data is anonymous and therefore falls outside the scope of data protection law. This assumption, while understandable from an operational standpoint, represents one of the most significant and costly compliance blind spots in the European regulatory landscape. The distinction between anonymisation and pseudonymisation is not a semantic debate for academics; it is a fundamental legal and technical demarcation that determines the applicability of the General Data Protection Regulation (GDPR), the obligations of data controllers, the rights of data subjects, and the potential for severe regulatory sanctions. The reality is that a vast number of datasets labelled as ‘anonymous’ are, under the rigorous scrutiny of European law and the European Data Protection Board (EDPB) guidelines, merely pseudonymised, and their treatment as anonymous constitutes an unlawful processing activity.

The Legal Dichotomy: Subject Matter vs. Exclusion

The starting point for any analysis must be the text of the GDPR itself. The regulation does not apply to anonymous information. Article 1(2) states that the regulation “does not apply to the processing of personal data… which does not permit, or no longer permits, the identification of the data subject, by any means, reasonably likely to be used.” This is the core principle. If data is truly anonymous, it is not personal data. The controller has no obligations under the GDPR concerning that data, and third parties may process it without being subject to the regulation’s strictures. Conversely, pseudonymised data is explicitly defined as personal data. Recital 26 of the GDPR clarifies that “the principles of data protection should not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person… personal data which have undergone pseudonymisation… should be considered to be information on an identifiable natural person.”

This creates a stark, binary legal reality. The process of de-identification is not a spectrum where one moves from ‘identified’ to ‘anonymous’ through a series of steps. There are only two states: personal data (including pseudonymised data) and anonymous data. The burden of proof rests entirely on the data controller to demonstrate that the data has been rendered truly anonymous. This is not a matter of intent or a declaration of ‘anonymity’; it is a question of demonstrable fact and technical reality. The legal consequence of misclassifying pseudonymised data as anonymous is severe. It means the controller has failed to apply the GDPR to data that is subject to it, leading to a cascade of non-compliance: lack of a lawful basis for processing, failure to honour data subject rights (such as the right to access or erasure), inadequate security measures, and potential unlawful international data transfers if the ‘anonymous’ data is sent outside the European Economic Area (EEA).

Defining the Core Concepts

To navigate this landscape, a precise understanding of the terms is essential. The definitions provided in Article 4 of the GDPR and elaborated upon in EDPB guidance are the bedrock of compliance.

Pseudonymisation

Article 4(5) GDPR defines pseudonymisation as:

“the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.”

In practice, this means a dataset contains data that relates to a person, but their direct identifiers (name, ID number) have been replaced with a pseudonym (e.g., a random alphanumeric code, ‘Patient_XY123’). However, the link between the pseudonym and the individual still exists. This link is maintained through the ‘additional information’—the key that maps the pseudonym back to the real identity. This key must be kept separate and secure. Pseudonymisation is a crucial risk-mitigation technique and an important security measure, but it does not change the fundamental nature of the data as personal data. The data subject remains identifiable in principle, even if not in practice at a given moment. For example, a dataset of employee performance reviews pseudonymised with employee IDs is still personal data. If the data controller also holds the key linking those IDs to the employees, or can reasonably obtain it, the data is not anonymous.

Anonymisation

Anonymisation is the process that results in data to which the GDPR no longer applies. It is the irreversible transformation of personal data so that an individual can no longer be identified by any means reasonably likely to be used. This is a much higher bar than pseudonymisation. The EDPB, in its Opinion 05/2014, established a framework for assessing anonymisation, which revolves around the concept of the ‘reasonably likely’ identifier. Anonymisation must withstand both current and future technological capabilities. The goal is to sever the link between the data and the data subject permanently.

The ‘Reasonably Likely’ Test and the Attacker Model

The core of the legal and technical analysis is not what the data controller intends or believes, but what a hypothetical third party could achieve. The EDPB guidance frames this in terms of an ‘attacker model’. The assessment of whether data is anonymous must consider the perspective of a person (or entity) who wants to re-identify individuals. The question is: could this person, using ‘all means reasonably likely to be used’, identify individuals?

“All means reasonably likely to be used” is a broad concept. It is not limited to sophisticated hacking or expensive computational power. It includes:

Information held by the controller: The controller cannot ‘forget’ the additional information that links pseudonymised data back to individuals. If they hold the key, the data is not anonymous for them.
Information held by other entities: The assessment must consider whether the data could be combined with other publicly available or commercially available datasets to enable re-identification. This is the heart of the problem of ‘anonymous’ data releases.
Technological developments: The means ‘reasonably likely’ to be used evolve. A dataset that is considered anonymous today might be re-identifiable tomorrow with new AI techniques or the availability of new data sources. True anonymisation must be robust to future developments.
Societal and economic factors: The cost and effort required for re-identification are relevant. If a large company or a state actor could reasonably undertake the effort, the data is not anonymous, even if it would be difficult for a private individual.

Therefore, the assessment is contextual and dynamic. It depends on the data itself, the environment in which it is shared, the existence of other datasets, and the evolving technological landscape.

The Failure of Simple De-identification

Many traditional methods of removing identifiers are insufficient to achieve anonymity. Simply removing direct identifiers like name, address, and social security number is the first step, but it is rarely enough. The most common pitfall is the combination of quasi-identifiers.

The Risk of Singling Out, Linkability, and Inference

The EDPB identifies three key risks that anonymisation techniques must mitigate:

Singling Out: The ability to isolate a record or a small set of records from the rest of the dataset, even without knowing the individual’s identity. For example, a dataset might contain only one individual from a specific, small town who works in a specific, rare profession. That individual can be singled out and targeted, even if their name is not present.
Linkability: The ability to link two or more datasets concerning the same data subject, thereby increasing the detail and accuracy of the information held about that person. This is the classic re-identification attack. For instance, an ‘anonymous’ dataset of hospital visits (containing postcode, date of birth, and gender) can be linked to a publicly available electoral roll (containing name, postcode, date of birth, and gender) to re-identify individuals and their medical conditions.
Inference: The ability to deduce, with a high degree of probability, the value of an attribute about a data subject that was not directly collected or is missing from the dataset. For example, if a dataset shows that a person’s income is known and their postcode is known, one might infer their income bracket based on the average income of that postcode area.

The famous case of the ‘anonymous’ AOL search query logs released in 2006 is a textbook example. The dataset contained no names, only unique user IDs and search queries. Journalists were able to link the search queries to public records and identify specific individuals, including one user who was identifiable by her searches about her home town and medical conditions. The data was not anonymous; it was pseudonymised, and the link to identity was easily re-established.

Similarly, the Massachusetts Governor’s health data incident in 2013 demonstrated that even when direct identifiers are removed, the combination of quasi-identifiers (postcode, date of birth, gender) is often unique. Researchers were able to link this ‘anonymous’ data to public voter registration lists to identify the Governor’s health records. These cases are not historical footnotes; they are the operational reality that regulators consider when evaluating claims of anonymity.

Techniques and the Spectrum of Re-identification Risk

Given the high bar for anonymity, a range of techniques exists to de-identify data. It is useful to understand these not as a binary switch but as a spectrum of risk reduction. The choice of technique determines the residual risk of re-identification.

Low-utility, high-anonymity techniques

These techniques provide strong anonymisation but often at the cost of significant data utility. They are often used for public releases of statistical data.

Suppression: Entirely removing records or attributes that are too risky. For example, removing all data for a postcode area with a very small population.
Generalisation: Replacing a value with a broader category. For example, replacing a specific date of birth (15/03/1980) with a year of birth (1980) or an age range (30-35). Replacing a precise postcode with a broader area code.
Aggregation: Grouping data and providing only summary statistics (e.g., average, sum, count) for a group, not for individuals. For example, reporting the average cholesterol level for a group of patients rather than the level for each patient.

High-utility, lower-anonymity techniques

These techniques aim to preserve more of the original data’s analytical value but introduce a higher risk of re-identification. They are often used for internal analysis or controlled data sharing.

Pseudonymisation (with key held by controller): As defined in the GDPR. This is not anonymisation. The risk is that the key could be breached or used improperly.
Noise Addition: Adding random values to data points to obscure the original values. This can be applied to numerical data. It makes it harder to pinpoint an individual’s exact value but preserves statistical properties. The amount of noise must be carefully calibrated.
Data Swapping/Shuffling: Exchanging values between records within a dataset. For example, swapping the diagnosis of two patients from the same age group. This breaks the direct link between quasi-identifiers and sensitive attributes but can distort correlations.
Differential Privacy: A more recent and mathematically rigorous framework. It involves adding noise to the output of queries on a database in a way that provides a provable guarantee about the privacy loss. It ensures that the inclusion or exclusion of any single individual’s data in the dataset does not significantly change the outcome of an analysis. This is considered a very strong method for achieving a balance between privacy and utility, particularly for statistical releases and machine learning model training.

The key takeaway is that no single technique is a silver bullet. The effectiveness of an anonymisation method depends on the context: the nature of the data, the size of the dataset, the environment in which it will be used, and the other data sources available. A combination of techniques is often required, and the process must be iterative, with regular re-assessment of the re-identification risk.

Regulatory Obligations and the Role of Pseudonymisation

While pseudonymisation does not remove the data from the scope of the GDPR, it is a critically important and encouraged security measure. The GDPR explicitly recognises pseudonymisation as a means of reducing risks to data subjects and as a factor that can be considered when assessing appropriate technical and organisational measures. Recital 78 states that “the application of pseudonymisation to personal data… can reduce many of the risks to data subjects.”

Pseudonymisation provides several practical benefits for controllers:

Reduced Risk of Breach Impact: If a pseudonymised dataset is breached, the attacker only gets pseudonyms, not direct identifiers. As long as the key is stored separately and securely, the harm to individuals is significantly mitigated.
Facilitating Data Processing: It allows for the separation of data processing functions. A data analyst can work with pseudonymised data to perform their tasks without needing access to the direct identifiers, reducing the risk of internal misuse or accidental disclosure.
Legitimate Interest Assessment: When relying on legitimate interest as a lawful basis, pseudonymisation can be a key factor in demonstrating that the processing is necessary and that the interests of the controller are not overridden by the rights and freedoms of the data subject. It shows a proactive effort to protect privacy.
International Transfers: When transferring data outside the EEA, pseudonymisation can be part of the “adequate safeguards” (e.g., in a Data Processing Agreement) to protect the data, although it does not, on its own, legitimise a transfer to a country without an adequacy decision if the data remains personal.

However, it is crucial to remember that the GDPR’s full suite of obligations still applies to pseudonymised data. This includes conducting a Data Protection Impact Assessment (DPIA) for high-risk processing, ensuring a valid lawful basis, respecting data subject rights (e.g., the right to erasure requires the deletion of both the data and the corresponding key), and implementing robust security measures for both the dataset and the separate key.

The Intersection with AI and Robotics

The distinction between anonymisation and pseudonymisation is particularly acute in the fields of AI, robotics, and biotechnology. These fields rely on vast datasets for training models, validating systems, and conducting research. The temptation to label data as ‘anonymous’ to bypass GDPR obligations is strong, but the risks are amplified by the power of modern analytical tools.

Machine learning models, by their nature, are designed to find complex patterns and correlations in data. An AI model trained on a supposedly ‘anonymous’ dataset could inadvertently encode information that allows for re-identification. For example, a model that predicts disease risk based on a combination of lifestyle and genetic factors might be used as a ‘means’ to re-identify individuals if the model’s outputs are queried in a specific way. The EDPB has noted that the use of AI can be a factor in the ‘means reasonably likely to be used’ test.

Consider an autonomous vehicle manufacturer collecting petabytes of sensor data. This data includes location traces, camera images, and LiDAR scans. If this data is simply pseudonymised by removing the vehicle’s VIN, is it anonymous? Likely not. Location traces are highly unique. A journey from a specific home address to a specific workplace, repeated daily, is a unique fingerprint that can be linked to public map data to identify the owner. The images might capture license plates or faces of other people. The data is a rich source of personal data about not only the vehicle’s occupants but also other members of the public. To make this data truly anonymous for research and development purposes would require aggressive techniques like generalising location to broad areas, blurring faces and license plates, and potentially using synthetic data generation or federated learning, where the model is trained on the device without the raw data ever leaving it.

National Implementations and Cross-Border Nuances

While the GDPR provides a harmonised framework, member states have some flexibility, particularly in areas like health and research. This can create complexity for organisations operating across Europe.

For instance, national laws transposing the GDPR may have specific provisions for anonymised or pseudonymised data in the context of scientific research or public health. In Germany, the concept of ‘pseudonymisation’ is central to the processing of health data for research under § 13 of the Federal Data Protection Act (BDSG). The rules for using such data for research purposes without explicit consent are more permissive, but only if strict pseudonymisation measures are in place. However, this data is still personal data and subject to the GDPR’s principles, such as data minimisation and purpose limitation.

In France, the CNIL (Commission Nationale de l’Informatique et des Libertés) has issued specific guidelines on anonymisation, particularly for public sector bodies and statistical purposes. They emphasise the need for a demonstrable anonymisation report that details the methods used and the residual risks assessed.

The UK’s ICO (Information Commissioner’s Office) provides detailed guidance on anonymisation, framing it as a key tool for unlocking the value of data while protecting privacy. They stress the importance of considering the ‘motivated intruder’—a hypothetical attacker who is reasonably skilled and has access to public resources.

For a multinational corporation, this means a one-size-fits-all approach is insufficient. A data processing activity that is considered a legitimate, anonymised statistical exercise in one country might be viewed as a high-risk processing of personal data in another. The safest and most robust approach is to adhere to the highest standard: rigorously assess data against the EDPB’s anonymisation criteria and treat any data that does not meet that standard as personal data, regardless of national variations.

AI in Education: Fundamentals & Tools

Understanding AI Basics

Practical AI Tools for Educators

Integrating AI into Teaching

Case Studies & Success Stories

Ethical AI & Inclusive Practices

Ethical & Legal Frameworks for AI Systems

Equity & Inclusion

Transparency & Trust

Algorithmic Bias, Discrimination & Legal Risk

AI Errors, Accountability & Legal Responsibility

Institutional AI Governance & Policy Design

AI, Security & GDPR Compliance

Data Protection & Privacy

Cybersecurity in AI

EU Regulations & Policies

Engaging Parents & Guardians

Data Protection, Privacy & AI Governance

Additional Resources

Glossary of Terms

Templates & Guides

Webinars & Research

AI for Administrative & Pedagogical Support

AI for Time Management

AI in Student Performance Tracking

AI for Automated Communication

AI for Document Management

AI, Robotics & Biotech Regulation in Europe

EU AI Act Explained: Scope, Risk Levels, Obligations

AI-Enabled Products: Robots, Medical Software, Smart Devices

Machinery Regulation & Safety Standards for Intelligent Systems

AI in Healthcare & Biotech: MDR, IVDR, EMA

Liability & Responsibility for AI-Driven Systems

Compliance in Practice: From Risk Assessment to CE Marking

Country-Specific AI Regulation & Enforcement

How EU AI Law Is Applied at National Level

Different Compliance Models

National AI Sandboxes & Regulatory Experiments

Public Sector AI Rules Across Europe

Cross-Border AI Deployment Challenges

When National Law Overrides EU Guidance

Legal Cases, Enforcement & Real-World Precedents

AI Act, GDPR & Algorithmic Decision-Making Cases

Liability Disputes Involving Automated Systems

Robotics Accidents & Legal Responsibility

Medical & Biotech AI Failures: Lessons Learned

What Enforcement Trends Tell Us About Future Regulation