Personal data is any information that relates to an identified or identifiable individual. In today’s data-driven world, businesses routinely collect, store, and use (process) personal data to provide their goods or services. However, the use of such data can pose significant risks to those individuals (data subjects), such as identity theft, discrimination, or even physical harm.
To protect individuals from such harm, the data protection regime, particularly the UK GDPR, sets out a number of rules to ensure personal data is processed fairly and responsibly. To reduce the risks associated with data processing and support compliance with the regime, business may choose to anonymise or pseudonymise the personal data they process.
This article explains what anonymisation and pseudonymisation are, outlines their benefits, and summarises key techniques businesses can use to implement them effectively.
Anonymisation
Anonymisation is the process of transforming personal data so that an individual can no longer be identified, either directly or indirectly, even when the data is combined with other information.
Importantly, anonymisation involves more than just removing names or obvious identifiers. It requires reducing the chance of identification to a level that is considered sufficiently remote. Under the UK GDPR, examples of identifiers that make data personal include names, identification numbers, and location data.
While anonymisation is not required by the data protection regime, the ICO advises businesses to consider using anonymous data where a business does not need personal data to fulfil its objectives.
The UK GDPR does not prescribe specific methods of anonymising data, but the ICO recognises the following common anonymisation techniques.
- Randomisation – this technique involves altering identifying data in an unpredictable way, either by adding random values to the data or by shuffling values between records. For example, a fitness centre might add or subtract 1–5 kg from each member’s recorded weight. This prevents individual weights from being traced back to specific people while preserving overall trends. Alternatively, they could shuffle weight values between members so that each weight no longer matches the original person. While this may distort relationships between variables (e.g. weight and age), it still preserves the overall distribution of weights across the dataset.
- Generalisation – this technique reduces the precision of data by grouping it. For example, instead of recording exact ages, a dataset might record age bands such as 20–29 or 30–39.
The ICO also suggests the use of masking alongside these techniques. Masking removes or hides direct identifiers such as gender or names to reduce the chance of someone being singled out. For example, when collecting customer data, a business may choose to apply masking to remove the customer's gender from the data set.
The key advantage of anonymisation is that it reduces the risk of harm to individuals by ensuring their data can no longer be linked back to them. Once data is anonymised effectively, it also falls outside the scope of the UK GDPR, allowing organisations to use and share it more freely for purposes like analytics, AI training, or research. It also supports a data protection by design approach.
However, it is important to note that the act of anonymising data is itself a processing activity. This means businesses must still have a lawful basis and a defined purpose before anonymising personal data.
Pseudonymisation
Pseudonymisation is the process of replacing or transforming information that directly identifies an individual so that the data can no longer be attributed to a specific individual without the use of additional, separately stored information. While it may appear similar to anonymisation, pseudonymisation is a distinct concept under the UK GDPR.
Unlike anonymisation, pseudonymised data is still considered personal data under the law because re-identification is possible, albeit controlled. However, it still offers strong privacy protections and regulatory advantages.
The ICO identifies the following widely used pseudonymisation techniques.
- Hashing – this technique converts personal data into a fixed string of characters using a one-way mathematical algorithm. To enhance security, a random value known as a salt is often added. Additional information (like a salt or mapping table) can be used to link the hash back to the original data, but the hash itself cannot be directly reverse;
- Encryption – this technique transforms readable data into a secure, unreadable format using a secret key and a mathematical algorithm, ensuring that only authorised users with the secret key can access the original information. Unlike hashing, the encryption itself is reversible and allows for the original data to be recovered when necessary.
- Tokenisation – this technique replaces identifiers with randomly generated tokens. These tokens have no mathematical relationship with the original data, meaning that the token alone cannot be used to re-identify the individual. The link between the token and original data is stored separately and securely.
Pseudonymisation offers some of the same benefits as anonymisation by significantly reducing the risk of identifying individuals, which in turn lowers the potential harm from data breaches. Although, pseudonymised data is still subject to the UK GDPR, certain obligations, such as breach notification to data subjects, may be relaxed in some cases. It also allows businesses to repurpose data for certain types of processing like research or analytics. Finally, like anonymisation, it also supports a data protection by design approach and demonstrates a commitment to safeguarding personal data.
Pseudonymisation vs Anonymisation: Key Difference
The main difference between anonymisation and pseudonymisation is that anonymisation permanently removes any link between the data and the individual, making re-identification extremely difficult. In contrast, pseudonymisation retains that link but protects it through strict technical and administrative controls. This allows businesses to balance privacy protection with continued usefulness of the data, making pseudonymisation a more flexible option for ongoing processing such as research or analysis, while still significantly reducing privacy risks.
Conclusion
Anonymisation and pseudonymisation are valuable techniques that help organisations protect personal data, reduce privacy risks, and support compliance with the UK GDPR. Choosing between them depends on the purpose of processing and whether future re-identification may be required. Anonymisation offers greater data freedom by fully removing personal identifiers, while pseudonymisation balances privacy with usability by allowing controlled re-identification when necessary. By applying these techniques appropriately, businesses can better safeguard individuals’ rights while enabling responsible and innovative use of data.
How To Get In Contact
If you require assistance with any aspect of data protection, or have questions about your legal obligations, please contact our Data Protection and Privacy team on +44 204 600 9907 or email info@culbertellis.com.
