LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is the essential difference between pseudonymization and anonymization?

Pseudonymization is reversible (and stays personal data); anonymization is irreversible (and leaves GDPR scope).

A reversibility decision splits into pseudonymization (reversible, still personal data) and anonymization (irreversible, out of GDPR scope).

* Reversibility is the dividing line: pseudonymization stays personal data, anonymization leaves GDPR scope. *

Pseudonymization Anonymization
What Replace identifiers with pseudonyms Strip/generalize/suppress until no one is identifiable
Techniques Hashing, encryption, tokenization Generalization, suppression, aggregation
Key property REVERSIBLE — restore identity with the key IRREVERSIBLE — re-identification computationally infeasible
GDPR status Still personal data Outside GDPR scope (when done correctly)

The dividing line is reversibility. Pseudonymization keeps a path back to the person (intentionally), so it's a security safeguard, not an exit from the regulation. Anonymization aims to burn the bridge entirely.

Tip: Reversible → still regulated. Irreversible → free. The whole legal difference hinges on that one word.

Go deeper:

From Quiz: PRIVACY / Data Anonymization — k-Anonymity, l-Diversity & Re-identification | Updated: Jul 14, 2026