关键词: 匿名化, 去标识化, 假名化, 多方计算, 个人信息保护, 数据流通

Abstract: Demands for data in various industries have experienced rapid growth since data became key production factor. Data Security Law (taking effect on September 1, 2021) enhanced an increasing comprehensive legal framework for information and data security in the PRC. Due to its private and sensitive nature, personal information will receive more rigorous protection and regulations under the Personal Information Protection Law of China. While details differ, the Draft Personal Information Protection Law of China shares main concepts of anonymization and de identification with its EU parallels. Starting from the regulations of Europe and the United States, this paper provides insights into the gaps between concepts of anonymization of the two parties, then we evaluate the feasibility and worthiness of learning for both. This paper combines the relevant provisions of China with the data transaction scenario based on multi-party computing (MPC), and analyzes the possible problems in the application of the relevant provisions of anonymization and de identification. Finally, from the perspective of personal information protection and data circulation, this paper puts forward suggestions on anonymization and de identification and their relevant provisions.

Key words: anonymization, de-identification, pseudonymisation, multi-party computation, personal information protection, data circulation