Google is spying on you: what is “pseudonymization”, this practice that protects your personal data?

Systems used for online advertising placement broadcast 340 times a day on average, data from French Internet users, according to a survey by an Irish non-governmental organization.

“Biggest data breach ever recorded”. This Monday, May 16, the Irish Council for Civil Liberties (ICCL) revealed that tech giants like Google and Microsoft were spying on the French over 340 times a day on average. Indeed, your activities would be tracked approximately once per minute by thousands of companies. This data will allow advertisers to target people based on their interests.

France is the 11th most hunted country in Europe, according to the conclusions of this survey which establishes that the British (462), the Poles (431) and the Spaniards (426) are the most targeted on the continent. But how do you protect your personal data?

What is pseudonymization?

“Pseudonymization is the processing of personal data carried out in such a way that‘we can no longer assign data relating to a natural person without additional information“, explains the National Commission for Computing and Liberties (CNIL). More concretely, pseudonymization consists of replacing directly identifying data (surname, first name, etc.) with indirectly identifying data (alias, sequential number, etc. ).

And to recall that: “Pseudonymisation thus makes it possible to process the data of individuals without being able to identify them directly. In practice, however, it is very often possible to find the identity of these thanks to third-party data. : the data concerned therefore retains a personal character.”

Pseudonymization then constitutes one of the recommended measures by the General Data Protection Regulation (GDPR), to limit the risks associated with the processing of personal data.

What are the differences with anonymization?

According to the CNIL, anonymization is a processing of personal data which consists of using a set of techniques in such a way as to make it impossible, in practice, to re-identify the person, by any means whatsoever. Unlike pseudonymization, anonymization is therefore an operation irreversible.

GDPR however encourages the use of pseudonymization in the context of the processing of personal data. Pseudonymisation indeed reduces the risk of correlating a set of data with the original identity of a data subject: it is therefore a useful security measure. The anonymization process implies, for its part, a necessary loss of information.

Leave a Comment