An article by an IAPP contributor discusses the evolving understanding of data anonymisation in the context of AI development while adhering to stringent data privacy regulations like the EU General Data Protection Regulation (GDPR) and the EU Artificial Intelligence Act (AI Act). The article explores the shift from a binary view of anonymisation to a more nuanced, context-dependent approach.
Traditionally, data was considered either anonymous or identifiable. However, a more modern perspective suggests that anonymisation is relative, depending on the recipient's ability to re-identify data. As such, the article introduces the concepts of "objective" and "subjective" anonymisation. While objective anonymisation meets all the GDPR standards for everyone, subjective anonymisation meets those standards for one party but not necessarily another.
While subjective anonymisation could introduce regulatory uncertainty, the article highlights how it requires a risk-based approach—that aligns with the GDPR's risk-based principles and the AI Act's robustness requirements—offering flexibility for AI model training, allowing organisations to leverage data while managing risks.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 5,750 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.
