ARTICLE

The definition of ‘anonymization’ is changing in the EU

Different interpretations across jurisdictions make the definition of “anonymization” difficult to nail down. This article provides an overview of the confusion around the EU standard and how it is progressively evolving.
Read More

ARTICLE

A new standard for anonymization

Privacy experts can now use a new standard, the ISO/IEC 27559:2022 privacy-enhancing data deidentification framework. This article discusses the purpose of the framework, its implementation, and more.
Read More

ARTICLE

10 recommendations for regulating non-identifiable data

There is considerable activity today in regulatory development and updates around the privacy rights of individuals in Canada, Europe, the U.S. and elsewhere. This article offers key considerations for regulating the generation and processing of non-identifiable data.
Read More

ARTICLE

A lawyer’s guide to pseudonymization and anonymization

In this piece for Privacy Tech, Immuta’s Alfred Rossi, Andrew Burt and Sophie Stalla-Bourdillon look to clarify the definition of these practices, help distinguish between direct and indirect identifiers, and offer some considerations for organizations that want to properly deidentify their data.
Read More

ARTICLE

Deidentification versus anonymization

While deidentification is not anonymization in virtually all cases, it is still useful as a data minimization technique. In this article, Lea Kissner breaks down the differences between deidentification and anonymization.
Read More

ARTICLE

Does anonymization or de-identification require consent under the GDPR?

Data de-identification has many benefits in the context of the GDPR. One question is whether consent is required to anonymize or de-identify data. This article makes the case that no consent is required for anonymization or other forms of de-identification.
Read More