Those familiar with the General Data Protection Regulation will likely have come across the term “pseudonymisation”. The legislation requires the processing of personal data to be done in a way that protects an identifiable person. Data can no longer be used to identify an individual without their consent. The privacy of EU citizens is a key aspect of it.
Therefore, companies who store such identifiable data have a much greater legal responsibility than before. They are obligated to take certain safeguards. Complying with the policy is not just a legal requirement. It can also enhance the performance of a company. This is likely to give them a bonus incentive, to not only store data safely but also improve their overall cybersecurity. Should GDPR mean Get Data Protection Right?
The GDPR clearly states that anonymisation and pseudonymisation techniques need to be used. However, these two methods differs. It is important to know the difference.
Pseudonymisation and Anonymisation
Both of these techniques are useful for complying with GDPR regulations. Whether to use pseudonymisation or anonymisation will largely depend on the type of data you need to keep safe. The overall degree of risk will also play an important factor.
Pseudonymisation works by replacing certain fields in the information with false, artificial ones. These are known as pseudonyms. The GDPR explains pseudonymisation in Article 3. It is defined as “the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” This information needs to be “kept separately and subject to technical and organisational measures to ensure non-attribution to an identified or identifiable person.”
Pseudonymous data can be re-identifiable, whereas anonymous data cannot. During the process of anonymisation, any information that could identify the individual is removed. Pseudonymisation, on the other hand, should guarantee the linkability between the data and identity of the individual instead.
It is not an accident that pseudonymisation and anonymisation are recommended by the GDPR. They are encouraged for a very clear purpose: to keep people’s personal and sensitive data out of the hands of unwanted third parties, such as hackers. Ransomware has become an evermore present threat online.
Ransomware works by stealing key information and exploiting it, often for financial gain. Cybersecurity is a major concern for all businesses and individuals. One of the reasons for the implementation of the GDPR was to tackle this major problem head-on.
The Main Goal of Pseudonymisation
Failing to comply with the anonymised/pseudonymised parts of the data policy could lead to severe fines. There have already been examples of this occurring in 2019. Naturally, companies will want to make sure their records can no longer be attributed to specific people.
Data breaches are becoming ever more common. In 2019, reports of data breaches increased 52 per cent, with 4.1 billion records being exposed. Information protection is costing hundreds of billions of pounds. In order to prevent undesirable third parties accessing confidential data, reliable and effective techniques need to be utilised.
According to the GDPR, pseudonymisation is an ideal solution. Technical and organisational measures that pseudonymised a specific data subject should make it harder for them to be identified. These techniques also minimise the chances of a data breach occurring.
The GDPR does not favour one of these techniques over the other. In fact, both are encouraged. They minimise the risk of data leaks and ensure compliance with the policy. Anonymisation tends to be employed when dealing with high-risk data such as medical records, bank account details and other personal information. It is used to conceal identity completely and therefore, any identifiers that may be stored in records. Pseudonymisation is better suited for when you want to store identity in an encrypted fashion but prevent others from accessing it.
Examples of How to Achieve It
So how can you employ pseudonymised data techniques? What are the organisational measures to ensure that individuals are no longer identifiable? There are actually many different forms of pseudonymisation available to try out. The right one will depend on the specific circumstances of your organisation. However, there are some examples that are broadly applicable.
One of these is scrambling, where letters are mixed or obscured. The letters could then be put in the right order when the correct data is needed. Another technique is encryption. The identifying nature of the data is removed by making it unintelligible. The only way to get this information back is with a decryption key. Under GDPR law, information is kept separately from its decryption key.
Masking is another common form of pseudonymisation. It works by replacing certain sections of information with random characters. This is popular because it is more difficult for the data to be attributed to a specific person, as important sections are completely hidden.
Data blurring is a cruder technique. It is exactly as it sounds. The data is blurred, making it seem unintelligible to third parties. However, it has proven to be an unreliable method. Depending on the image or figures being blurred, it may be possible for hackers to estimate certain values. Therefore, blurring can not be considered a safe or effective form of pseudonymisation. It should be avoided, as encryption is a much safer choice.
Encryption for Pseudonymisation
The first thing to decide is when you want the data to be encrypted. It can either be while it is stored on your servers or in transit via the internet. Once that has been decided, it is time to utilise trustworthy encryption software.
When encrypting for GDPR purposes, the main goal should be to ensure that data attribution to an identified person is minimised, if not eliminated altogether. You will also need to consider how the encryption can prevent both data leaks and unwanted access to confidential records. The data will need to be manipulated in a way that makes it illegible to outsiders but still readable to you.