# Pseudonymization vs Anonymization One-sentence definition: Pseudonymization replaces identifiers but can be reversed with a key; anonymization removes linkage irreversibly. ## Key Facts - Pseudonymization supports analytics with lower exposure; key protection critical. - Anonymization reduces regulatory scope but is hard to guarantee (re-identification risk). - Techniques: k-anonymity, l-diversity, t-closeness, differential privacy (concepts). - Context and auxiliary data affect re-identification risk. - Document risk analysis, controls, and utility trade-offs. - **Verify:** check official (ISC)² CBK and current exam outline. ## Exam Relevance - Select technique meeting both privacy and utility needs. **Mnemonic:** “Pseudo = Possibly back.” ## Mini Scenario Q: Share health stats publicly—what’s safer? A: Anonymization with strong aggregation; assess re-identification risk. ## Revision Checklist - Define both terms. - Name two privacy models. - Explain auxiliary data risk. ## Related [[Tokenization]] · [[Data Masking and Redaction]] · [[Privacy Principles and Data Protection]] · [[Data Minimization and Purpose Limitation]] · [[Data Loss Prevention (DLP)]] · [[Domain 2 - Index]]