Skip to content

The Protective Capacity of the Criterion of ‘Identifiability’ under EU Data Protection Law

Worku Gedefa Urgessa


Data protection laws operate under a general assumption that if identifiable data is covered by their protective rules, fundamental rights to privacy and data protection are properly protected. This article aims to challenge this and other established assumptions underlying the ‘identifiability’ criterion which serves as one of the essential building blocks of the definition of personal data in the EU data protection law. The article also analyses key problems associated with the application of the criterion assuming that it serves as a fairly good mechanism of protection. A focus is made on legislative sources at the EU level though national laws are re­lied on when pertinent.

Worku Gedefa Urgessa, University of Oslo — Norwegian Research Centre for Computers and Law, Oslo, Norway. For correspondence: <>. The author would like to thank Professor Lee A Bygrave and the three anonymous reviewers for their valuable support and constructive comments on the earlier versions of this work. The usual disclaimer applies.


Lx-Number Search

(e.g. A | 000123 | 01)

Export Citation