ABSTRACT

This chapter discusses whether technical means are effective and certain to avoid any process of aggregation of anonymized or pseudonymized data with identifiable information from the individual to whom they belong—as well as avoiding the person's identification by indirect ways. It focuses on the juridical aspects of the problem. The chapter begins by recalling the text of European Commission (EC) Directive 95/46/EC, which is dedicated specifically to the anonymization of data. If anonymization is a process that affects personal data, both terms must be defined, as the data are the object of that process. Also, within the category of personal data, there are some data that have special protection: sensitive data. The Directive states that personal data 'shall mean any information relating to an identified or identifiable natural person', such a person being the 'interested party'. Data relating to an identified person is data that appears clearly and directly linked with the person from which it was obtained.