European Union Agency for Network and Information Security </b> <br/><br/>
Recommendations on shaping technology according to GDPR provisions  An overview on data pseudonymisation  enisa 
.--  Prokopios Drogkaris ; Athena Bourka 
.-- Attiki, Greece  ENISA  november 2018 
.-- 43 p.  1 fichero .pdf 
<br/><br/>Contiene bibliografía 
<br/><br/> Pseudonymisation is an established and accepted de-identification process that has gained additional attention following the adoption of the General Data Protection Regulation (GDPR), where it is referenced as both a security and data protection by design mechanism. As a result, in the GDPR context, pseudonymisation can motivate the relaxation to a certain degree of data controllers’ legal obligations if properly applied. In this report, we present an overview of the notion and main techniques of pseudonymisation in correlation with its new role under GDPR. In particular, starting from the definition of pseudonymisation (as well as its differences from other key techniques, such as anonymization and encryption), the report first discusses its core data protection benefits. Following this analysis, the report then addresses some techniques that may be utilised for pseudonymisation, such as hashing, hashing with key or salt, encryption and other cryptographic mechanisms, tokenization, as well as other relevant approaches. Last, certain pseudonymisation use cases and best practices are discussed, focusing especially on the area of mobile apps and revisiting some of the earlier discussed techniques. Although the report does not seek to conduct a detailed analysis of the different aspects related to specific pseudonymisation methods and implementations, it touches upon some of the key issues in this regard. However, further research is needed, as well as practical experience, involving all stakeholders in the field 
<br/><br/><label>ISBN: </label>978-92-9204-281-3	 
<br/><br/><label>Núm. Estándar: </label>10.2824/74954  .  doi 
<br/><br/><label><b>Materias:</b></label> Tecnologías habilitadoras digitales<br/>
<br/><br/><label><b>Términos de indización - No controlado:</b> </label>computer network    <br/>data protection  <br/>data-processing law   <br/>digital technology  <br/>information storage  <br/>information technology  <br/>Internet access provider  <br/>mobile phone   <br/>protection of privacy  <br/>regulation of telecommunications  <br/>software  <br/>