Personal Data Destruction, Anonymization, and Pseudonymisation Guideline — Phase Two: Anonymization emphasizes that anonymization means permanently stripping all information from a dataset that could identify a person—either directly or indirectly. Once data is anonymized properly and irreversibly, it is no longer considered “personal data” and does not fall under PDPL. Controllers must assess the risk of re-identification, implement strong safeguards, and regularly update their methods to ensure the data remains anonymous.
Make it impossible to re-identify. Review, assess, and update controls continually.
Phase Two: Anonymization
The Controller shall ensure that all direct and indirect personally identifiable information is irreversibly anonymized, rendering the data subject unidentifiable. Data that has been rendered anonymous shall no longer be considered personal data and, consequently, shall not fall within the scope of the Personal Data Protection Law. The Controller, upon the anonymization of personal data, shall:
Irreversible De‑identification
A. Ensure that the anonymized data is rendered irreversibly anonymous, making it impossible to re-identify the data subject.
Risk Impact Assessment:
B. Conduct an impact assessment, including an evaluation of the potential for re-identification under the circumstances specified in Paragraph (1) of Article 25 of the Implementing Regulation.
Updated Protective Measures:
C. Implement appropriate organizational, administrative, and technical measures to mitigate risks, ensuring that these measures are up-to-date and aligned with technological advancements and evolving anonymization techniques.
Continuous Effectiveness Review:
D. Evaluate the effectiveness of implemented anonymization techniques and implement requisite adjustments to ensure the sustained irreversibility of the anonymization process.
Explanation of Phase Two: Anonymization
Must make re-identification impossible:
Phase Two: Anonymization says that the controller must ensure the data cannot be traced back to any individual under any condition.
Evaluate potential for re-identification:
Phase Two: Anonymization also says that the controller must assess how likely it is that anonymized data could be linked back to someone.
Implement and review safeguards:
Phase Two: Anonymization also says apply organizational, technical, and administrative controls that evolve with new anonymization techniques.
Monitor and improve anonymization:
Phase Two: Anonymization also says to regularly check if the anonymization remains effective and make necessary adjustments to maintain protection.
