Singapore: Adopted Guide to Basic Anonymisation

On 31 March 2022, the Singapore Personal Data Protection Commissioner (PDPC) has published its Guide to Basic Anonymisation, containing practical guidance for businesses wishing to perform anonymisation of data sets. Anonymisation, which allows converting personal data into data that cannot be used for identifying individuals, is explained in terms of the process, applicable tools and data sharing agreements. The anonymisation process is described in five steps, knowing the data, de-identifying the data, application of anonymisation techniques, computing the risks, and managing these risks. The Guide introduces various anonymisation techniques, including record suppression, character masking, pseudonymisation, generalisation, swapping, data perturbation, and data aggregation.