- คือการนำข้อมูลส่วนบุคคลไปประมวลผลให้เกิดคุณค่าทางธุรกิจต่อไปได้โดยไม่เปิดเผยการระบุตัวตน
- Pseudonymization vs Anonymization
Pseudonymization
-
-
Definition: Personal data is replaced with pseudonyms (e.g., codes, numbers) but can still be re-identified using additional information (e.g., a key).
-
Reversibility: Reversible – the original data can be restored if the pseudonym and key are combined.
-
Purpose: Reduces risks during data processing, storage, or sharing, while still allowing for re-identification when necessary (e.g., in medical research).
-
Example: Replacing patient names with IDs in a health database, while keeping a separate file that links IDs to names.
-
GDPR Status: Still considered personal data, but offers some compliance benefits if implemented correctly.
Anonymization
-
Definition: Personal data is irreversibly altered so that the individual can no longer be identified, directly or indirectly.
-
Reversibility: Irreversible – the data cannot be traced back to a person.
-
Purpose: Used when there's no need to identify individuals, such as for open data publication or aggregate analysis.
-
Example: Aggregating survey results so that individual responses cannot be linked to specific participants.
-
GDPR Status: Not considered personal data – once data is truly anonymized, GDPR no longer applies.
-