Does data anonymization conflict with GDPR rules?

There are GDPR articles that relate to a person's ownership of their data e.g., Art. 17 GDPR Right to erasure (‘right to be forgotten’) and Art. 20 GDPR Right to data portability. In case one would anonymize the data without a way to restore the relation between the person (name + e-mail address) (which in turn would allow handling of the person-specific data), I'd say this would conflict with these GDPR articles. Are there data anonymization techniques that allow to restore the relation between name + contact e-mail after the data has been anonymized? This would allow satisfying these GDPR rules.

Topic anonymization

Category Data Science

1
answered at

Formally speaking, this is clarified in the GDPR Recital 26, unofficially titled Not Applicable to Anonymous Data:

  1. The principles of data protection should therefore not apply to anonymous information, namely, information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable.
  2. This Regulation does not, therefore, concern the processing of such anonymous information, including for statistical or research purposes.

Informally speaking, the claim that data anonymization would violate the data subject's rights to data erasure and portability, hence we should seek to use reversible anonymization techniques, sounds awkward, and against the very spirit of GDPR; and the official interpretation regarding anonymization is very clear:

Effective data anonymization is made up of two parts:

  • It is irreversible.
  • It is done in such a way that it is impossible (or extremely impractical) to identify the data subject.

In other words:

  • if a subject's data have been effectively anonymized, they are no longer personal data, hence they are no longer governed by GDPR; consequently, Articles 17 & 20 are not applicable, and this does not constitute any conflict
  • if any personal data used as a source for the anonymized ones remain, they are subject to GDPR; data subjects can exercise their right to erasure and portability for these non-anonymized data
  • if the personal data used as a source for the anonymized ones are already erased (possibly in compliance with GDPR), then neither the right to erasure nor the right to portability are applicable anymore, and this does not constitute any kind of conflict either.

Notice that the fact that ensuring effective anonymization is not as clear-cut as it may sound has also been legally recognized in the Opinion 05/2014 on Anonymisation Techniques of the Data Protection Working Party:

Thus, anonymisation should not be regarded as a one-off exercise and the attending risks should be reassessed regularly by data controllers.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.