European Union: EDPB opened consultation on Pseudonymisation Guidelines

On 17 January 2025, the European Data Protection Board (EDPB) opened a consultation on the "Guidelines 01/2025 on Pseudonymisation", until 28 February 2025. The Guidelines aim to clarify the use and benefits of pseudonymisation for controllers and processors. In particular, the Guidelines clarify that pseudonymised data constitute information related to an identifiable natural person and is therefore still personal data. In addition, they clarify that pseudonymisation can reduce risks and support the use of legitimate interests as a legal basis for processing, provided all GDPR requirements are met. The Guidelines also explain how pseudonymisation can help organisations meet their obligations relating to the implementation of data protection principles, data protection by design and default, and security. Finally, the Guidelines analyse technical measures and safeguards, when using pseudonymisation, to ensure confidentiality and prevent unauthorised identification of individuals.