According to the Web study Observatoire de Médiamétrie, eight out of ten Internet users agree to share their personal data, 85% for users of tablets or connected TVs. ” Two prerequisites for this sharing: that there is a prior relationship between the Internet user and the brand on the one hand, and on the other hand that the latter finds an interest in it, such as benefiting from a promotional offer, a good plan or an exclusive », comments Charlotte Leboucher, Director of Studies at Médiamétrie. Personal data: a major issue that is the subject ofa new campaign of co-innovation launched by EDF Pulse & You until May 15th. It is also at the heart of the General Data Protection Regulation (GDPR), one of the measures of which concerns pseudonymization to limit the risks associated with the processing of personal data.
Pseudonymization vs anonymization
Pseudonymization, anonymization, two notions that are phonetically close but nevertheless not to be confused. According to the CNIL, ” anonymization is processing that consists of using a set of techniques in such a way as to make it impossible, in practice, to identify the person by any means whatsoever and irreversibly “. The reversible nature of data concealment is precisely all the difference with pseudonymization. In this case it is simply ” processing of personal data in such a way that data relating to a natural person can no longer be assigned without recourse to additional information “.
How to pseudonymize?
Pseudonymisation actually consists in replacing the directly identifying personal data of an individual with indirectly identifying data (alias, number in a classification, etc.). Clearly, the personal data, for example the name, the address, an identification number, are replaced by an alias, a sequence of numbers or letters. To automate and secure this hiding, can be used cryptographic systems secret key, hash functions, deterministic encryption or even tokenization. Nevertheless, pseudonymization does not represent an infallible protection, because the identity of an individual can also be deduced from a combination of several pieces of information called quasi-identifiers (age, location, etc.)
And you, have you ever used a specific tool or process to manage your personal data? Tell us about your experiences with EDF Pulse platform before May 16 and try to win the following prizes: an iPhone 13, a Viewsonic mini video projector, a Western Digital Element 2 terra hard drive, or a special prize if you answer all the questions in the survey: Bitdefender antivirus for a year !
Why pseudonymise?
Pseudonymization makes it possible to develop analytical activities, research or statistical projects, without risk of abuse. So what is the point of pseudonymizing rather than anonymizing? The two concepts have two major differences. Legally, pseudonymized data is always considered as personal data, although the standards set by the GDPR are more flexible. Anonymization allows players to use and share their data “deposit”, and this, beyond their retention period because the legislation relating to data protection no longer applies. In terms of security, unlike pseudonymization, it therefore guarantees total protection of personal data. But the significant loss of information limits the possible reuse of data. Hence the attractive alternative of pseudonymization, provided sufficient protection is guaranteed.
Subject produced in partnership with EDF teams.
Interested in what you just read?