• Hélène Dufour

The GDPR and Unstructured Data: Is Anonymization Possible?

"This article examines the two contrasting approaches for determining identifiability that are prevalent today: (i) the risk-based approach and (ii) the strict approach in the Article 29 Working Party’s Opinion on Anonymization Techniques (WP 216). Through two case studies, we illustrate the challenges encountered when trying to anonymize unstructured datasets. We show that, while the risk-based approach offers a more nuanced test consistent with the purposes of the GDPR, the strict approach of WP 216 makes anonymization of unstructured data virtually impossible as long as the original data continues to exist."


Mots-clés :

0 vue0 commentaire

Posts récents

Voir tout

" The global climate crisis and the economy’s green transition are giving rise to new types of risks for banks. This paper analyses some of the key international bank regulatory standards, namely disc