DCC
Data Compliance China
Search · ⌘K
DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
Back
§ 032 · ANONYMIZATION

From 'Cannot Be Restored' to 'Difficult to Restore' — TRIMPS on Whether Anonymization Is Absolute, and Whether It's Recipient-Relative

The Third Research Institute of the Ministry of Public Security (TRIMPS) — the body behind China's classified-protection regime and national eID platform — takes on the two questions that determine whether anonymization actually gets data out of PIPL scope. First: does PIPL's 'cannot be restored' standard (Art 73) require re-identification probability of literally zero? The 2025 draft PI Anonymization Guide quietly softened it to 'difficult to restore,' aligning China with the GDPR 'all reasonable means' test and reframing anonymization as a dynamic, continuously-assessed, risk-based process rather than a one-time terminal state. Second: is anonymization recipient-relative — can the same dataset be PI in one party's hands and anonymized in another's? TRIMPS reads the EU SRB v EDPS case and UK ICO guidance toward 'yes,' with major implications for how overseas counsel structure data sharing and cross-border transfer.

DCC Editorial SOURCE · ZH .MD ↓

Editor’s Note — DCC.

Anonymization is the single most consequential threshold in Chinese PI law: PIPL Article 4 excludes anonymized information from the definition of personal information, so anonymized data falls outside the entire PIPL compliance regime — no consent, no cross-border assessment, no deletion right. Which makes the question “is this data actually anonymized?” one of the highest-stakes determinations a compliance team makes. This TRIMPS piece — by 姚迁 (Yao Qian) of the institute’s Data Security Technology R&D Center — works two sub-questions that the bare statutory text leaves open: whether the standard is absolute (re-identification probability zero) or risk-based, and whether it’s recipient-relative. TRIMPS is the body that helps write the implementing standards, so its reading is an early signal of where the compliance bar settles. DCC reproduces the analysis with framing for overseas counsel.

Why anonymization is the threshold that matters

PIPL Article 4 defines personal information as information relating to identified or identifiable natural persons — and expressly excludes anonymized information. The consequence is categorical: once data is genuinely anonymized, it leaves PIPL’s scope entirely. No legal basis required for processing, no PIIA, no cross-border security assessment, no individual rights to honor. The compliance-cost differential between “anonymized” and “merely de-identified” is enormous.

That differential is exactly why the determination gets abused. Yao opens by flagging a recurring practice problem: data handlers describe their processing as “de-identification” / “desensitization” / “pseudonymization” (去标识化 / 脱敏 / 假名化) while simultaneously claiming the output “cannot be restored,” “cannot identify any specific subject,” “has no possibility of identifying any individual” — language that actually asserts the anonymization legal standard. The conflation is not cosmetic: if the output truly meets the anonymization bar, it should be characterized as anonymized with supporting proof; if it only reaches de-identification, the data remains personal information and stays fully within PIPL.

Question 1 — Is “cannot be restored” an absolute zero?

PIPL Article 73 defines the two tiers precisely:

  • De-identification (去标识化) — processing such that PI cannot identify a specific natural person without additional information. Reversible if recombined with the additional information.
  • Anonymization (匿名化) — processing such that PI cannot identify a specific natural person and cannot be restored. The added requirement is irreversibility.

The literal text — “cannot identify” + “cannot be restored” — reads as an absolute standard. Yao’s question: does anonymization require re-identification probability to drop to literally zero?

International practice says no

Yao surveys the comparative position, which trends clearly against the absolutist reading:

  • GDPR defines anonymous information as data that does not relate to an identifiable person, or is processed such that the subject is no longer identifiable — and requires accounting for “all the means reasonably likely to be used” to identify. A reasonableness test, not an absolute one.
  • Spanish DPA + EDPS, “Ten Misunderstandings about Anonymisation” — explicitly names “anonymisation can always reduce re-identification probability to zero” as a misconception. A valid anonymization process aims to reduce re-identification probability below a defined threshold, not to zero.
  • Singapore PDPC, Basic Anonymisation Guide — anonymization means “very low” re-identification risk, not absolute impossibility; it should be treated as a risk-based process combining anonymization techniques and safeguards.

China’s 2025 draft Guide softens the text

The pivotal development: China’s 2025 draft Personal Information Protection — PI Anonymization Guide (个人信息匿名化指南(征求意见稿)) addresses the question directly — and shifts the wording. Where PIPL Article 73 says “cannot be restored” (不能复原), the draft Guide says anonymized information is “difficult to restore” (难以复原) without paying high cost.

Yao flags this as a deliberate loosening: “difficult to restore” concedes that anonymization is not absolute irreversibility but rather high irreversibility under prevailing technology and reasonable cost constraints — the GDPR “reasonable means” logic, arriving in the Chinese standard through the back door of a definitional gloss.

The draft Guide adds a second move that matters as much: anonymization is not a one-time achievement. As use continues and technology advances, previously anonymized data that becomes re-identifiable reverts to personal-information status — so the handler must continuously assess re-identification risk on anonymized data. Anonymization is reframed as a dynamic, continuously-monitored process, not a terminal state reached once and relied on forever.

Question 2 — Is anonymization recipient-relative?

The second question is the one with the largest structural consequence: does the anonymization determination depend on who holds the data?

The scenario: a dataset is personal information in Party A’s hands (A has the re-identification capability or the key), but in Party B’s hands — where B lacks any reasonable means to re-identify — could the same dataset be anonymized? PIPL doesn’t specify whose identification capability the “cannot identify / cannot restore” standard refers to, leaving interpretive room.

  • UK ICO (Anonymisation, Pseudonymisation and Privacy Enhancing Technologies guidance) — the same information may be personal data in one organization and anonymous in another; status depends on the context it sits in.
  • EU — SRB v EDPS — the EU General Court, citing the Breyer case (C-582/14), advanced a “relativity of personal data” position: data status turns on whether the recipient can reasonably identify the individual, not on the controller’s identification capability. In that case, Deloitte (the recipient) received only coded comments, held no decoding key, and had no lawful route to the additional identifying information — so, for Deloitte, the data was anonymized, and the controller (SRB) had no notification duty. Even the EU — which had insisted pseudonymized data is not anonymized — has moved toward subject-relativity in the case law.

The operative formula

Yao distills the recipient-relative logic into a clean formula:

De-identified (pseudonymized) data + a specific recipient with no reasonable re-identification capability = anonymized data — but only as to that specific recipient.

The practical upside: de-identified data can be non-personal-information in the hands of a recipient that can’t re-identify it, which creates a technical buffer space for data sharing and reduces compliance burden on the sharing side. The practical cost: the same dataset can carry different legal characterizations at different points in its flow, multiplying case-by-case assessment complexity and uncertainty.

TRIMPS’s three recommendations

Yao closes with three operational recommendations — notable because they come from the institute that helps set the standards.

1. Standardize concept usage

Strictly distinguish “de-identification (covering desensitization, pseudonymization)” from “anonymization,” and use the terms precisely in all documents and plans — no conflation. For each processing step, document the specific technique and its corresponding security level. Above all, answer the core question directly: is the processing target de-identification or anonymization? The two carry fundamentally different legal consequences and cannot be blurred.

2. Introduce case-by-case (recipient-perspective) assessment

Because anonymization is not zero-risk, the provider’s unilateral anonymization processing alone does not eliminate post-transfer re-identification risk. Before data leaves the domain, conduct a recipient-specific re-identification risk assessment for each intended recipient — factoring in that recipient’s data environment, technical capability, and already-held correlatable data — and set differentiated security controls accordingly. Yao suggests commissioning an independent third-party assessor to opine, per recipient, on whether the data “may still constitute personal information in that specific recipient’s environment,” as the basis for cross-border / out-of-domain approval.

3. Implement the recipient’s assessment obligation + contractual no-re-identification clause

Given that subject-relativity is not yet settled in Chinese law, the recipient should, before ingesting the data, commission an independent specialist assessment of whether the data meets the anonymization standard in the recipient’s own environment and technical conditions — with a written report as a required approval artifact. And critically: contractual constraint is the key institutional safeguard for maintaining the anonymized state. The most important clause is the no-re-identification obligation — the recipient must not use its own technical means or data resources to reverse-identify or re-link the anonymized data it received.

What this tells overseas compliance teams

  • “Anonymized” is a load-bearing legal claim — document it like one. The compliance-cost gulf between de-identified (in PIPL scope) and anonymized (out of scope) makes the determination a high-value target for scrutiny. Don’t let processing be described in de-identification vocabulary while claiming anonymization effect. Pick the target standard explicitly and prove it.

  • Stop treating anonymization as a one-time terminal state. The draft Guide reframes it as dynamic and continuously-assessed: anonymized data that becomes re-identifiable (through your later data accretion, or advancing technique) reverts to PI status, with full PIPL obligations re-attaching. Build a recurring re-identification-risk review into the data lifecycle, not a one-time sign-off.

  • The “difficult to restore” softening is a double-edged development. It makes anonymization achievable (you don’t need to prove literal-zero re-identification), but it also makes it contestable (the bar is now a reasonableness/threshold judgment a regulator can second-guess). The defensible posture is a documented, threshold-based risk assessment — not an absolute “impossible to restore” assertion you can’t actually support.

  • Recipient-relativity is the most useful — and most fragile — lever. If the relativity reading holds, de-identified data shared with a recipient that demonstrably can’t re-identify it may be non-PI for that recipient, easing the sharing side’s burden. But the determination is recipient-specific and context-dependent; the same dataset is PI again the moment it reaches a party with re-identification capability. For cross-border transfer especially, assess each recipient’s environment individually — don’t treat anonymization as a property of the dataset alone.

  • The no-re-identification contractual clause is now table stakes. Where you rely on recipient-relative anonymization (or share de-identified data at all), the receiving-party contract must include an explicit prohibition on re-identification and re-linking, backed by the recipient’s data-security obligations. TRIMPS treats this as the institutional safeguard maintaining the anonymized state — build it into every data-sharing and cross-border agreement.

  • Watch the PI Anonymization Guide to final. The 2025 draft is the document that will operationalize all of the above. When it finalizes, the “difficult to restore” standard, the continuous-assessment obligation, and (possibly) a position on subject-relativity will become the operative compliance baseline. Track it; pre-position your anonymization methodology and documentation against it.

The deeper signal in a TRIMPS piece on this topic: the institution that anchors classified protection and the national eID platform is telling the market that anonymization is a risk-managed, continuously-assessed, recipient-aware process — not a one-time technical scrub that permanently exits PIPL. Overseas teams that have been treating “we anonymized it” as a durable get-out-of-PIPL card should expect that posture to be tested. The compliance-grade approach — documented threshold assessment, per-recipient evaluation, continuous monitoring, contractual no-re-identification — is the one TRIMPS is signaling the standard will require.

姚迁, 个人信息匿名化的一些问题 (Some Questions on Personal Information Anonymization), 三所数据安全 (TRIMPS Data Security) WeChat Official Account. Original article (Chinese).

Not legal advice. The above is DCC’s structured summary of Yao’s analysis, with framing for overseas counsel; the comparative survey, the “cannot restore” → “difficult to restore” reading, the subject-relativity analysis, and the three recommendations are Yao’s.

FILED UNDER

— Not legal advice.

§ SUBSCRIBE

The Monday brief.

One short email every Monday. New briefs on Chinese data-compliance rules from the previous week, with the source law cited.

Opt-in only. Unsubscribe anytime by replying "unsubscribe" to any issue.