On 28 Could 2021 the ICO printed the first chapter in its draft guidance on anonymisation, pseudonymisation and privacy enhancing technologies, as a part of a name for views for session. The decision for views is the primary stage within the course of and the ICO will seek the advice of on the total draft steering in Autumn 2021.
The ICO has printed the primary draft chapter which is an introduction to anonymisation. The primary chapter defines the ideas of anonymisation and pseudonymisation and the implications below UK knowledge safety legislation of those ideas.
The draft chapter states that, within the ICO’s view, the identical data might be private knowledge to 1 organisation, however anonymised data within the arms of one other organisation. Whether or not the information is anonymised or is private knowledge will depend on the circumstances, together with the angle of the organisation and the context of the disclosure.
The ICO additionally refers back to the “moderately probably” take a look at, which entails considering all of the means moderately probably for use, by the organisation or a 3rd occasion, to determine a person that the knowledge pertains to.
The ICO intends to publish additional draft chapters for remark all through the summer season and autumn. These chapters embody:
- pseudonymisation methods and finest practices;
- accountability and governance, together with knowledge safety by design and DPIAs;
- anonymisation and analysis;
- privateness enhancing applied sciences and their position in knowledge sharing;
- technological options;
- knowledge sharing choices and case research.
The ICO is asking for views on the primary draft chapter of its Anonymisation, pseudonymisation and privateness enhancing applied sciences draft steering. We’re sharing our considering in levels to make sure we collect as a lot suggestions as attainable to assist refine and enhance the ultimate steering, which we’ll seek the advice of on on the finish of the yr.
This primary draft chapter, Introduction to anonymisation, defines anonymisation and pseudonymisation. It explores the authorized, coverage and governance points across the utility of anonymisation and pseudonymisation within the context of knowledge safety legislation.