Data anonymization

What is data anonymization?

Anonymizing data is the process of changing Personally Identifiable Information (PII) in such a way that it is not traceable to a natural living person anymore. You may not be able to identify the original person behind the data. This can be achieved by masking the data or generating synthetic data.

What does data anonymization mean?

Before we go into what anonymization means, we need to know when a data set is privacy sensitive. A name for example is personal, but not confidential. The city that you live in isn’t either. It is public information, information that you can find out by just googling someone’s name. But the fact that you have a huge debt or a disease makes your data privacy sensitive. In this example, by separating name, city, disease and debt, the data cannot refer back to a certain living person and therefor it is not critical anymore. By separating this data, by masking it or by generating synthetic data, it is anonymous.

Anonymized vs pseudonymized data

It is crucial to differentiate between anonymous data and pseudonymous data. The legal distinction between anonymised and pseudonymised data is its categorisation as personal data. Pseudonymized data still qualifies as personal data since it remains possible to re-identify individuals. In contrast, anonymous data cannot be re-identified, thus falling outside the purview of privacy laws and regulations.

Why do we anonymize data?

No one wants their personal data to end up on the street. That’s why most governments have privacy laws like CCPA, GDPR, PCI and HIPAA to protect customers – civilians – from wrongdoing. One should not be using critical data for other purposes than the initial permission. Not securing the data properly, every organization risks the following:

• Not complying with data privacy laws and European Union directive concerning data protection
• Exposure of privacy sensitive data to unauthorized users
• Image loss because of bad publicity when data is leaked
• Customers that terminate their relation due to lack of trust in security

In order to prevent risking the above, you need to make sure your test data is anonymized which can be done with several tools and anonymization techniques.

Meet the GDPR by anonymizing data

If you have anonymous data (without any confidential values or records) in non-production environments you comply with the GDPR. There is no need for compliance when you only have anonymized data, as shown in recital no 26 of the GDPR. This is especially interesting from a data security perspective: data anonymization enables you to at least lower your guard for protecting data in these settings because there is less risk.