Gonzalo F. Gállego, Santiago de Ampuero, and Juan Ramón Robles of Hogan Lovells write:
A new EU General Court ruling has nuanced the threshold between pseudonymous and anonymous data. In particular, it clarifies that supervisory authorities need to carry out a “test” to assess whether data can be deemed personal data or not, opening the possibility of pseudonymized data not being deemed personal data. Under this approach, the same data in different hands can qualify as both personal data and non-personal data, depending on the factual and legal circumstances in the specific scenario, and the actual ability of each party to identify the data subject. Note that this ruling can still be appealed with the European Court of Justice (which is likely to occur).
Read more at Engage.