Chasing the Golden Goose: What is the path to effective anonymisation?

• Omer Tene
• Gabriela Zanfir-Fortuna

Searching for effective methods and frameworks of de-identification often looks like chasing the Golden Goose of privacy law. For each answer that claims to unlock the question of anonymisation, there seems to be a counter-answer that declares anonymisation dead. In an attempt to de-mystify this race and un-tangle de-identification in practical ways, the Future of Privacy Forum and the Brussels Privacy Hub joined forces to organize the Brussels Symposium on De-identification – “Identifiability: Policy and Practical Solutions for Anonymisation and Pseudonymisation”. The event brought together researchers from the US and the EU, having academic, regulatory and industry background, discussing their latest solutions for such an important problem. This contribution looks at their work in detail, puts it in context and aggregates its results for the essential debate on anonymisation of personal data. The overview shows that there is a tendency to stop looking at anonymisation/identifiability in binary language, with the risk-based approach gaining the spotlight and the idea of a spectrum of identifiability already generating practical solutions, even under the General Data Protection Regulation.