Anonymity might apply to different people and processes. Data subjects may be granted anonymity, and anonymity may be given to those providing information and those acting upon it, in which case it grants specific forms of power. Anonymity for information providers or users may be practiced, for example, when there is fear of discrimination, that is, concern that information from particular sources might be privileged over others. However, having no identifier can cause distrust. The practice of pseudonymity ensures that a user may use a resource or service without disclosing their user identity, but can still be accountable for that use (based on having a pseudonym). Where anonymity for data subjects is concerned, data aggregation can allow re-identification, that is, processes by which anonymized personal data is matched with its owner.

  • Be aware of and consistent about what or who is being protected when anonymity is granted
  • Reflect upon how anonymity is safeguarded in data processing and data aggregation
  • Reflect on how anonymity might supports trust or distrust.


Common Criteria (2012). Common Criteria for Information Technology Security Evaluation. [Link
EDPS. (2015). European Data Protection Supervisor: Opinion 4/2015: Towards a new digital ethics. [Link]
EPIC (2013) Re-identification. [Link
Nissenbaum, H. (1999). The meaning of anonymity in an information age, The Information Society, 15(2) 141-144. [Link
Fast, L. (2014) Coping with Danger: Paradigms of Humanitarian Security Management. In Aid in Danger: The Perils and Promise of Humanitarianism (pp 173-226). Philadelphia: University of Pennsylvania Press.
General Data Protection Regulation (European Commission, 2016) [Link]

Related Guidance

Accountable Anonymity

Privacy and Personal Data Protection

Data Protection Impact Assessments

Transparency of Data Processing