By Donrich Thaldar

Simply as Zeus, the King of the Gods in Greek mythology, assumed varied types to hide his true id, so does trendy information typically endure transformations to masks its origins. Zeus may change into a swan, a bull, and even golden rain to realize his functions — all whereas sustaining his essence. Equally, pseudonymization strategies intention to change information sufficient to guard particular person privateness with out dropping the core info crucial for analysis or evaluation. This entails changing information topics’ figuring out info in a dataset with distinctive codes, whereas conserving one other dataset that hyperlinks these information topics’ figuring out info with their allotted codes. Due to this fact, simply as Zeus’ transformations had been typically seen by by eager eyes, pseudonymized information might be re-identified by these getting access to the linking dataset.

Identifiability inside datasets has at all times been the cornerstone in figuring out if a dataset falls beneath the protecting umbrella of knowledge safety legal guidelines. However whether or not context is related in making this dedication has been controversial. In different phrases, ought to the query of whether or not a dataset is identifiable be reply in a context-agnostic approach (no one wherever on the planet can determine the info topics within the dataset), or ought to it’s answered with regards to a particular context (within the palms of a particular particular person, that particular person can’t determine the info topics within the dataset)? This query has been on the coronary heart of a number of debates and even reached the steps of European courts. Only in the near past, within the landmark case of Single Decision Board v European Knowledge Safety Supervisor, the European Knowledge Safety Supervisor argued that even with pseudonymization, information topics usually are not really cloaked in anonymity. Why? As a result of someplace, tucked away, there exists a linking dataset that would doubtlessly unmask their id. Nevertheless, the EU Basic Courtroom, counting on an earlier case of Breyer v Federal Republic of Germany, held that identifiability needs to be seen by the lens of the actual context of the concerned social gathering standing earlier than them in courtroom. Thus, if such social gathering doesn’t have lawful entry to the linking dataset, in its palms the pseudonymized dataset is considered as anonymized information, and the European information safety regulation doesn’t apply to it. Sad with this judgment, the European Knowledge Safety Supervisor has filed an enchantment. The enchantment should nonetheless be heard within the EU Courtroom of Justice.

All this litigation raises the query: How does South Africa’s Safety of Private Info Act (POPIA) cope with pseudonymized information? Though POPIA doesn’t explicitly seek advice from pseudonymized information, I argue that it governs pseudonymized information in a context-specific approach, for 2 causes: First, POPIA’s take a look at for whether or not private info has been de-identified facilities round whether or not there’s a “fairly foreseeable technique” to re-identify the knowledge. Reasonability in South African regulation is related to an goal, context-specific inquiry. Second, POPIA itself contemplates situations the place the identical dataset will probably be identifiable in a single context, however not in one other.

A helpful strategy to floor this theoretical dialogue is thru the instance of two hypothetical universities — College X and College Y — which are engaged in collaborative analysis. College X collects well being information from contributors however instantly pseudonymizes it. The college retains a separate linking dataset that would re-identify the info if wanted. When this pseudonymized dataset is with College X, which additionally has the linking dataset, the info qualifies as “private info” beneath POPIA. Due to this fact, any processing of this information, together with evaluation for analysis, should adjust to POPIA’s circumstances.

However what occurs when College X shares this pseudonymized dataset with College Y, which doesn’t obtain the linking dataset? The dataset will not be identifiable within the palms of College Y. In different phrases, College Y can course of this information with out falling beneath POPIA. Right here, a conundrum arises. When College X transfers the pseudonymized dataset to College Y, does it have to stick to POPIA’s guidelines for information switch? In any case, for the time being of switch, the pseudonymized dataset remains to be in charge of College X. Does this not imply that POPIA ought to apply to the switch? I counsel not. For the reason that act of switch is oriented in the direction of College Y (the recipient), and the pseudonymized dataset will not be identifiable within the palms of College Y, POPIA doesn’t apply to the act of transferring the pseudonymized dataset.

The context-specific interpretation of identifiability in POPIA opens the door for a extra nuanced understanding of knowledge sharing, notably in analysis collaborations. On the one hand, the establishment that collects, generates and pseudonymizes the info (College X) should adhere to POPIA’s provisions for all inside processing of the info — so long as it retains the aptitude to re-identify the info. Alternatively, the receiving entity (College Y) will not be sure by the identical necessities if it lacks the means to re-identify the info. This twin strategy appears to supply the most effective of each worlds: fostering collaborative analysis whereas upholding the ideas of knowledge privateness.

Navigating the realm of knowledge privateness is as intricate as deciphering the myriad types of a shape-shifting deity. However, at its core, the objective stays constant: defending the essence of id, whether or not divine or digital. And as we transfer ahead, the hope is that we’ll discover a steadiness that respects each the search for information and the sanctity of id.

Associated