Pseudonymous data: processing personal data while mitigating risks

Thomas Zerdick, Head of Technology and Privacy

The first rule in data protection is: if you do not need personal data, do not collect personal data.

I believe that the second rule in data protection is: if you really need personal data, then start by pseudonymising this personal data.

Pseudonymisation is a foundational technique to mitigate data protection risks. The EU’s personal data protection legislation defines pseudonymisation as the processing of personal data in such a way that this data can no longer be attributed to a specific individual, without the use of additional information.

EDPS-DPO meeting: protecting individuals’ data during COVID-19


Today, on what should have been the 50th EDPS-DPO meeting with the 69 data protection officers (DPO) of the EU institutions, bodies and agencies (EUIs), we decided to hold a second 49th EDPS-DPO meeting online, which focused on data protection and COVID-19 in the EUIs.

While we were very much looking forward to mark the 50th anniversary of this strong cooperation between our institution and the network of DPOs in person, the current circumstances do not allow us to do so. Nevertheless, we hope that such celebrations can be organised in 2022.

TechSonar: technologies worth monitoring

Wojciech Wiewiórowski

It is undeniable that - amongst a number of difficulties – the COVID-19 pandemic will leave us with many lessons learned. Above all, we have certainly learned that the world changes and will continue to change, sometimes quite unexpectedly. We have also realised that there is room for manoeuver whereby we can understand the changes, anticipate them, and direct them towards a more sustainable future.

An Orwellian Premonition: a discussion on the perils of biometric surveillance

Wojciech Wiewiórowski

It has become a tradition for the EDPS and EDPB trainees to organise a data protection conference at the end of their traineeship which summarises their experience at both institutions. The trainees are free to choose their own format, topic and speakers; in doing so, it is their chance to lead their own discussions on data protection.

DPOs - EDPS 49th meeting: a menu of workshops and exchanges on current data protection issues


The 49th meeting of the EDPS and the European institutions, bodies and agencies’ network of data protection officers (DPO) took place on 4 June 2021.

I am proud that we managed to organise, with the precious help of a number of DPOs from a support group, two rounds of online workshops on different topics of interest for our DPO colleagues. With these online workshops, we try to recreate the interactive and dynamic environment akin to our traditional in-person meetings pre-COVID-19.

Data for the public good: Building a healthier digital future

Wojciech Wiewiórowski

The outbreak of the COVID-19 pandemic has drastically changed the priorities of various actors around the world, both public and private. The health crisis has accelerated the pace of digital transformation and has triggered public debate on the legal measures and technical solutions adopted in response to the pandemic.

The debate has not been limited to traditional data protection and privacy concerns. More fundamental questions have emerged, concerning the rule of law, the legitimacy of ‘emergency measures’ and their practical effects on citizen’s everyday lives.

Democratic Societies in the Digital Age: what role for data protection?

Wojciech Wiewiórowski


With their creativity, sense of innovation, teamwork and drive, the EDPS and EDPB trainees produced a podcast entitled “Democratic Societies in the Digital Age”, a three-part series in which they invited experts from wide-ranging professional backgrounds to cover a number of pertinent subjects related to data protection.  

This blogpost, written by EDPS and EDPB trainees, summarises what they have learned from these insightful discussions.