Position paper on anonymization under the GDPR

Jona Boeddinghaus
Jona Boeddinghaus

On June 29, 2020, the BfDI (Germany) published a position paper on anonymisation under the GDPR, with particular focus on telecommunications.

The paper can be downloaded from the following link (german version): link

The Federal Commissioner formulates some interesting statements about the interpretation of data protection laws. One of the key messages is: “Absolute anonymization in such a way that it is impossible for anyone to restore the personal reference is often not possible and is generally not required under data protection law. It is usually sufficient that the personal reference is removed in such a way that re-identification is practically impossible because the personal reference can only be restored with a disproportionate amount of time, costs and manpower.”

We at Gradient Zero say: “Absolute” anonymization is neither possible nor desirable. Fully anonymous data is either useless because there is no more valuable information left. Or they are not completely anonymized. However, as recognized above, it is sufficient to make re-identification practically impossible for data protection by requiring a disproportionate effort for the re-identification to be achieved.

This is exactly what DQ0 guarantees: The end-to-end encryption of the DQ0 platform and the built-in automatic modification and check of every data query based on Differential Privacy can ensure that at no time too much sensitive information leaves the data quarantine.

The BfDI position paper and many of the submissions by the discussion partners involved continue to deal with whether anonymization itself is an act of data processing and therefore needs a legal basis in data protection law. The BfDI affirms this and discusses possible applicables laws in the further text.

This can be a major hurdle for all solutions that rely on anonymization, pseudonymization, masking or synthetization.

With DQ0 this problem does not arise. Because DQ0 does not change the data. There is no anonymization, which may or may not be compliant with data protection. DQ0 uses the data as is and ensures at the time of the data analysis that any personal reference - even with the result of the analysis - is impossible. DQ0 thus offers not only a more secure solution for the analysis of sensitive data, but also one that can use all data without having to change it and thus uses the full value of the data.


All blog entries