The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Identifiability, as a data risk: is a uniform approach to anonymisation about to emerge in the EU?

Identifiability, as a data risk: is a uniform approach to anonymisation about to emerge in the EU?
Identifiability, as a data risk: is a uniform approach to anonymisation about to emerge in the EU?
The concept of identifiability remains a foundational yet contentious criterion in European Union data protection law.This paper examines recent developments that have shaped the European Union (EU)’s approaches to identifiability and anonymisation, including trends in the Court of Justice of the European Union (CJEU) case law, national supervisory authorities’ assessments of anonymisation processes, and the recent European Data Protection Board Opinion 28/2024 addressing the anonymity of artificial intelligence models.The paper explores how the balance between over-inclusiveness and under-inclusiveness is being calibrated, suggesting the emergence of a functional definition of personal data in CJEU case law. It underscores the importance of the burden of proof in evaluating anonymisation processes, as confirmed by national supervisory authorities’ assessments. Finally, it highlights how to ensure consistency between the GDPR and data sharing mandates stemming from the new generation of EU data regulations.
1867-299X
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164

Stalla-Bourdillon, Sophie (2025) Identifiability, as a data risk: is a uniform approach to anonymisation about to emerge in the EU? European Journal of Risk Regulation.

Record type: Article

Abstract

The concept of identifiability remains a foundational yet contentious criterion in European Union data protection law.This paper examines recent developments that have shaped the European Union (EU)’s approaches to identifiability and anonymisation, including trends in the Court of Justice of the European Union (CJEU) case law, national supervisory authorities’ assessments of anonymisation processes, and the recent European Data Protection Board Opinion 28/2024 addressing the anonymity of artificial intelligence models.The paper explores how the balance between over-inclusiveness and under-inclusiveness is being calibrated, suggesting the emergence of a functional definition of personal data in CJEU case law. It underscores the importance of the burden of proof in evaluating anonymisation processes, as confirmed by national supervisory authorities’ assessments. Finally, it highlights how to ensure consistency between the GDPR and data sharing mandates stemming from the new generation of EU data regulations.

Text
ssrn-5118064 - Accepted Manuscript
Available under License Creative Commons Attribution.
Download (420kB)

More information

Accepted/In Press date: 30 January 2025
Published date: 30 June 2025
Related URLs:
Learn more about Southampton Law School research

Identifiers

Local EPrints ID: 498585
URI: http://eprints.soton.ac.uk/id/eprint/498585
ISSN: 1867-299X
PURE UUID: a7f9f12f-65fa-42ba-970b-57a3cfda33fb
ORCID for Sophie Stalla-Bourdillon: ORCID iD orcid.org/0000-0003-3715-1219

Catalogue record

Date deposited: 21 Feb 2025 17:38
Last modified: 22 Aug 2025 02:03

Export record

Contributors

Author: Sophie Stalla-Bourdillon ORCID iD

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×