On 10 April 2014, the Article 29 Data Protection Working Party (the "Working Party"), an independent European advisory body on data protection and privacy comprised of representatives from the national data protection authorities of the EU Member States, the European Data Protection Supervisor and the European Commission, adopted an opinion (the "Opinion") that reviews the effectiveness and limits of existing anonymisation techniques. The Opinion also offers recommendations to handle these anonymisation techniques by taking account of the residual risk of identification inherent in each of them.
The Opinion confirms that there is a growing public interest in the re-use of data. However, open data may only provide benefits for society, individuals and organisations if everybody's right to the protection of personal data and private life is respected. Anonymisation - which results from processing personal data in order to prevent identification irreversibly - may be a good strategy to keep the benefits of publication while mitigating the risks of identification.
Anonymised data do not fall under the scope of data protection rules, but data subjects may still be entitled to protection under other provisions (such as those protecting confidentiality of communications). In addition, the Opinion points out that the anonymisation process constitutes a further processing of personal data which, as such, must observe the data protection rules.
Case studies and research publications have shown how difficult it is to create a truly anonymous dataset whilst retaining as much of the underlying information as required for the task. Whether a given anonymisation technique can guarantee anonymisation is analysed on the basis of three risk factors:
( i) Singling out, i.e. the possibility to isolate some or all records which identify an individual in the dataset;
(ii) Linkability, i.e. the ability to link at least two records concerning the same data subject or a group of data subjects (either in the same database or in two different databases).
(iii) Inference, i.e. the possibility to deduce, with significant...