![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
The Information Commissioner’s Office (ICO) has published a
for consultation. The consultation period runs until 23 August, and the aim is to publish the final code in September. The
sets out the questions that organisations and members of the public are invited to respond to.
The draft code contains the ICO’s good practice recommendations about achieving effective anonymisation and is relevant for organisations considering obligations under both data protection law and freedom of information laws. The code explains the benefits of anonymisation, the types of issues to consider when anonymising personal data effectively as well as whether consent to produce or disclose anonymised data is required—generally it’s not. It also examines mechanisms that organisations can use to demonstrate effective anonymisation, i.e. the motivated intruder and motivated defender tests.
It is clear from the draft code that the ICO wants to encourage organisations to anonymise personal data where appropriate and, through the code, to remove some of the nervousness around anonymisation. However, an organisation that adopts anonymisation will need to consider implementing a proper process both before anonymisation and throughout the life of the anonymised data—in proportion to the risks involved—to demonstrate that an appropriate anonymisation technique is adopted and that the risk of re-identification is kept under scrutiny.
