Rina Steenkamp - Privacy and technology
1. If the data processed by a controller do not permit the controller or processor to directly or indirectly identify a natural person, or consist only of pseudonymous data, the controller shall not process or acquire additional information in order to identify the data subject for the sole purpose of complying with any provision of this Regulation.
2. Where the data controller is unable to comply with a provision of this Regulation because of paragraph 1, the controller shall not be obliged to comply with that particular provision of this Regulation. Where as a consequence the data controller is unable to comply with a request of the data subject, it shall inform the data subject accordingly.
[Source: October 2013]
(45) If the data processed by a controller do not permit the controller to identify a natural person, the data controller should not be obliged to acquire additional information in order to identify the data subject for the sole purpose of complying with any provision of this Regulation. In case of a request for access, the controller should be entitled to ask the data subject for further information to enable the data controller to locate the personal data which that person seeks. If it is possible for the data subject to provide such data, controllers should not be able to invoke a lack of information to refuse an access request.
[Source: October 2013 | Notes: Recitals | Context: Recitals]
Article 10 clarifies that the controller is not obliged to acquire additional information in order to identify the data subject for the sole purpose of complying with any provision of this Regulation.
[Source: January 2012 | Context: Proposal from the European Commission]
If the data processed by a controller do not permit the controller to identify a natural person, the controller shall not be obliged to acquire additional information in order to identify the data subject for the sole purpose of complying with any provision of this Regulation.
[Source: January 2012 | Context: Proposal from the European Commission]
(45) If the data processed by a controller do not permit the controller to identify a natural person, the data controller should not be obliged to acquire additional information in order to identify the data subject for the sole purpose of complying with any provision of this Regulation. In case of a request for access, the controller should be entitled to ask the data subject for further information to enable the data controller to locate the personal data which that person seeks.
[Source: January 2012 | Notes: Recitals | Context: Proposal from the European Commission, Recitals]