EU General Court Clarifies When Pseudonymized Data is Considered Personal Data
The General Court of the European Union emphasized that the transmission of pseudonymized data to a data recipient will not be considered personal data if the recipient cannot re-identify the data subjects.
Adopting the Court of Justice’s decision in Breyer, the Court acknowledged that when assessing whether information which has been pseudonymized constitutes personal data for the recipient, one must take into account what resources are available to that recipient for re-identification. If neither the data recipient nor any other entity has access to the means of re-identifying the data subjects, then the transmitted data can rightfully be thought of as anonymised.
Moreover, personal views or opinion may constitute personal data, but only if they are demonstrably linked to a particular person through their content, purpose or effect. Therefore, deciding whether such sentiments should be treated as personal data requires examining each instance individually.
This judgement can be appeal to the Court of Justice of the European Union.
Source: EU General Court Clarifies When Pseudonymized Data is Considered Personal Data | Inside Privacy