Anonymisation/pseudonymisation
Pseudonymisation and anonymisation are distinct concepts. Pseudonymisation is a safeguard that reduces the linkability of data to a specific individual, but without aiming at completely cutting that link, while anonymisation makes data unlinkable to any individual. Truly anonymised data is no longer considered personal data, thus falling outside the scope of EU data protection law.
The EDPB issues guidance on these methods to clarify this difference, and support compliance with the related data protection requirements.
Enforcement
Binding decision 1/2021 on the dispute arisen on the draft decision of the Irish Supervisory Authority regarding WhatsApp Ireland under Article 65(1)(a) GDPR
EDPB Binding Decisions
#Data subject rights
#Basic principles
#GDPR enforcement
#Fines
#Cooperation between authorities
#Anonymisation/pseudonymisation
Read more about
Binding decision 1/2021 on the dispute arisen on the draft decision of the Irish Supervisory Authority regarding WhatsApp Ireland under Article 65(1)(a) GDPR
Policy work
EDPB Annual Report 2025
Reports, statements, and letters
#Anonymisation/pseudonymisation
#GDPR enforcement
#Cooperation between authorities
#Cross-regulatory cooperation
#International cooperation
#Artificial intelligence
#Technology
Read more about
EDPB Annual Report 2025
Report on stakeholder event on anonymisation and pseudonymisation of 12 December 2025
Reports, statements, and letters
#Anonymisation/pseudonymisation
Read more about
Report on stakeholder event on anonymisation and pseudonymisation of 12 December 2025
Compliance instruments
Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models
Opinion of the Board (Art. 64)
#Legal basis
#Artificial intelligence
#Anonymisation/pseudonymisation
Read more about
Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models