Document Type : Original Article
Authors
1 Master’s Graduate in Private Law, University of Tehran, Tehran, Iran.
2 Associate Professor, Faculty of Law and Political Science, University of Tehran, Tehran, Iran
Abstract
In all countries and under personal data protection laws, specific principles such as legality, accuracy and security, purpose limitation, and data minimization have been established to minimize violations of personal data privacy. Additionally, these legal frameworks reference certain technical methods for the secure processing of personal data, including pseudonymization. However, due to insufficient attention to the details of these methods and tools in the laws of leading jurisdictions, or the absence of legal provisions in countries such as Iran, there remain significant ambiguities regarding the proper implementation, effects, economic aspects, and role of pseudonymization in ensuring compliance with data processing principles.This study, employing a descriptive-analytical approach and relying on both printed and digital library resources, adopts a comparative perspective to examine the technical methods and specific requirements for effective pseudonymization. It seeks to answer the key question: To what extent does pseudonymization contribute to the precise implementation of legal data processing principles? The findings indicate that although pseudonymization reduces the direct link between data and individuals' identities, it is insufficient on its own to ensure full compliance with legal processing principles—particularly if it is implemented in a manner that remains reversible. However, when combined with other techniques such as data encryption, pseudonymization can significantly enhance compliance with data processing principles.
Keywords
)