"This article examines the two contrasting approaches for determining identifiability that are prevalent today: (i) the risk-based approach and (ii) the strict approach in the Article 29 Working Party’s Opinion on Anonymization Techniques (WP 216). Through two case studies, we illustrate the challenges encountered when trying to anonymize unstructured datasets. We show that, while the risk-based approach offers a more nuanced test consistent with the purposes of the GDPR, the strict approach of WP 216 makes anonymization of unstructured data virtually impossible as long as the original data continues to exist."
top of page
Rechercher
Posts récents
Voir toutThe main vulnerability in data protection is ineffective risk management, often subjective and superficial. GDPR outlines what to achieve...
00
This paper introduces a dynamic, proactive cyber risk assessment methodology that combines internal and external data, converting...
10
Cybersecurity investment models often mislead practitioners due to unreliable data, unverified assumptions, and false premises. These...
00
bottom of page
Comments