🚨 CASE LAW UPDATE ⚖️ Case T‑557/20 European General Court (EGC) can be a true landmark decision on the question what qualifies as personal data and on the concept of pseudonymisation.

May 6th, 2023

Since the decision Breyer (C-582/14) in 2016 it was common practice to consider indirect identifiable data always as personal data, because there is someone who may hold the key for the identification. In Case T-557/20, Single Resolution Board (SRB) v European Data Protection Supervisor (EDPS) - Case T‑557/20 the EGC now came to the conclusion that transferring pseudonymised data may lead to anonymisation. Key question is, if the reidentification is reasonably possible for the recipient.

The decision is likely to be appealed. If it is upheld by the European Court of Justice (CJEU), it will lead to a major shift and makes international data transfer easier.