Search Postgresql Archives

Re: Key encryption and relational integrity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 01/04/19, Moreno Andreo (moreno.andreo@xxxxxxxxxx) wrote:
...
> I'm not forced to use pseudonimysation if there's the risk to get
> things worse in a system. I've got to speak about these"two opposing
> forces at work" to a privacy expert (maybe choosing another one, as
> Peter suggested :-) ) and ask him if it could be used as a matter of
> declining pseudonymisation because of "pseudonimysation puts at risk
> overall performance or database integrity"

How to interpret the pseudonymisation conditions is ... complicated. The
UK's Information Commissioner's Office (ICO) writes that
pseudoanonymisation relates to:

    “…the processing of personal data in such a manner that the personal
    data can no longer be attributed to a specific data subject without
    the use of additional information, provided that such additional
    information is kept separately and is subject to technical and
    organisational measures to ensure that the personal data are not
    attributed to an identified or identifiable natural person.”

and that this "...can reduce the risks to the data subjects".

The concept of application realms may be relevant to consider here. An
application may be considered GDPR compliant without pseudonymisation if
other measures are taken and the use case is appropriate.

On the other hand, a copy of a production database in testing which has
been pseudonymised may, if compromised, still leak personal data. As the
ICO states:

    “…Personal data which have undergone pseudonymisation, which could
    be attributed to a natural person by the use of additional
    information should be considered to be information on an
    identifiable natural person…”

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/what-is-personal-data/what-is-personal-data/

If leakage occurs pseudonymisation has achieved nothing.

Therefore it may be useful to determine if data in a usage realm should
be either fully anonymised or not at all. In the latter case the normal
GDPR controls must all pertain.

Rory







[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux