If identification of a person, to whom personal data collected refers, is not possible through anonymisation, the data falls outside the scope of the Data Protection regulations. This allows for exploitation of commercially valuable data, while respecting the individual’s privacy.

On 10 April 2014 the Article 29 Working Party adopted an opinion on the effectiveness and limits of existing anonymisation techniques.

The opinion elaborates on the robustness of each technique based on whether it is still possible to single out an individual, to link records relating to an individual, and whether information can be inferred to concern an individual.

The Opinion concludes that anonymisation techniques can provide privacy guarantees if their application is engineered appropriately by clearly setting out the context and objective(s) of the process.

The opinion is not legally binding, but is a useful tool for business indicating best practice.