Hon, et al. 2011 (†692)Hon, W. Kuan, Christopher Millard, and Ian Walden. "The Problem of 'Personal Data' in Cloud Computing: What Information is Regulated?--The Cloud of Unknowing" International Data Privacy Law 1:4 (November 2011), p.211-228.
- pseudonymized data (p.215-216): Pseudonyms, involving substituting nicknames, etc for names, are indirect identifiers. WP136 describes pseudonymization as ‘the process of disguising identities’, to enable collection of additional information on the same individual without having to know his identity, particularly in research and statistics. There are two types: *Retraceable/reversible pseudonymization aims to allow ‘retracing’ or re-identification in restricted circumstances. For example, ‘key-coded data’ involves changing names to code numbers, with a ‘key’ mapping numbers to names. This is common in pharmaceutical trials. Another example is applying two-way cryptography to direct identifiers. *Irreversible pseudonymization is intended to render re-identification impossible, for example ‘hashing’, applying one-way cryptography (hash functions) to direct identifiers. Retraceably pseudonymized data may be ‘personal data’, as the purpose is to enable re-identification, albeit in limited circumstances. If each code is unique to an individual, identification is still a risk, so pseudonymized information remains ‘personal data’. However, if pseudonymization reduces the risks for individuals, data protection rules could be applied more flexibly, and the processing of pseudonymized data subjected to less strict conditions, than the processing of information regarding directly identifiable individuals. (†1648)
- territory of storage (p.216): The European Commission considers transferring key-coded data to the USA (without transferring or revealing the key) is not personal data export subject to Safe Harbor principles.61 WP136 considers itself consistent with this view as recipients never know individuals’ identities; only the EU researcher has the key. (†1578)