LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is the difference between absolute anonymization and factual anonymization?

Absolute anonymization means no one — not even the data controller — can ever restore the personal reference. Factual anonymization means re-identification is theoretically possible but practically infeasible given current technology and resources.

Absolute anonymization:

  • The personal reference is permanently destroyed
  • No key, no mapping, no technical means exist to reverse it
  • Even the organization that anonymized the data cannot undo it
  • Rarely achievable in practice

Factual anonymization:

  • Re-identification is theoretically possible but would require disproportionate effort
  • The effort needed exceeds what any reasonable attacker would invest
  • Considered sufficient under most data protection frameworks
  • Must be regularly re-evaluated as technology advances

Why this distinction matters:

Under GDPR and revDSG, data that is either absolutely OR factually anonymized falls outside the scope of data protection regulation — the source states the data protection laws do not apply to both forms. The practical question is almost always about factual anonymization: what counts as "sufficient" effort to make re-identification disproportionate is debated and evolving, because advances in computing power, AI, and available datasets can turn factually anonymous data back into re-identifiable data over time. Because a controller cannot know what extra knowledge a third party holds, it must structurally ensure no de-anonymization is possible regardless of such side knowledge.

Tip: Think of it like shredding a document — cross-cut shredding (factual anonymization) makes reconstruction impractical, while incineration (absolute anonymization) makes it impossible.

Go deeper:

From Quiz: PRIVACY / Identities, Anonymity & Data Protection Goals | Updated: Jul 05, 2026