Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications
Paragraph 2.4.2 Anonymization and pseudonymisation
76. If data must leave the vehicle, consideration should be given to anonymize them before being transmitted. The EDPB recalls that the principles of data protection do not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable. Once a dataset is truly anonymised and individuals are no longer identifiable, European data protection law no longer applies. As a consequence, anonymization, where relevant, may be a good strategy to keep the benefits and to mitigate the risks in relation to connected vehicles.
77. As detailed in the opinion adopted in April 2014 by the Article 29 Working Party on anonymization techniques, various methods can be used – sometimes in combination – in order to reach data anonymization.
78. Other techniques such as pseudonymisation can help minimize the risks generated by the data processing, taking into account that in most cases, directly identifiable data are not necessary to achieve the purpose of the processing. Pseudonymisation consists of replacing directly identifying personal data by a non-signifying pseudonym. This can be done by, for example, using a secret-key hash algorithm. Pseudonymisation, if reinforced by security safeguards, improves the protection of personal data by reducing the risks of misuse. Pseudonymisation is reversible, unlike anonymization, and is considered as personal data subject to the GDPR.