B. Anonymized
Anonymized data is data that has been processed in such a way that it can no longer be used to identify an individual, either directly or indirectly. Once data is truly anonymized, it is no longer considered personal data and falls outside the scope of the GDPR. This is because anonymized data does not pose the same privacy risks as data that can be linked to an individual.
Pseudonymized, encrypted, and masked data still fall within the scope of the GDPR because they can potentially be re-identified or decrypted to reveal personal information.
https://commission.europa.eu/law/law-topic/data-protection/reform/what-personal-data_en#:~:text=Different%20pieces%20of%20information%2C%20which,the%20scope%20of%20the%20GDPR.
B. ANONYMIZED
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
https://commission.europa.eu/law/law-topic/data-protection/reform/what-personal-data_en#:~:text=Different%20pieces%20of%20information%2C%20which,the%20scope%20of%20the%20GDPR.
B. ANONYMIZED
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
To all saying B: anonymized data have been specified as a form of data within the GDPR. Encryption has been discussed in te GDPR only as a form of additional security, not as a type of data. Thus when the question is "what type of data lies beyond the scope" it's encrypted data. Hence answer C.
Scope here should refer to what type of data falls under GDPR, not whether it is discussed or not.
The GDPR specifically does not apply to data that is not considered personal data, ie.: anonymized data. Encrypted data may still be considered personal data, and as such it should be B.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
JackDoe
Highly Voted 2 years, 2 months agoNani1982
Most Recent 5 months, 4 weeks agoSsourav
6 months, 3 weeks agoaliblabla
10 months, 1 week agosaffron
10 months, 2 weeks agoSnickersname
1 year, 2 months agoSnickersname
1 year, 2 months agoloejee
1 year, 3 months agoSecretInvasion
1 year, 3 months agoEvelynRavioli
1 year, 11 months agoZeroStatic
1 year, 10 months agoVanda77
1 year, 12 months agoAymanOthman
2 years agoZA2022
2 years, 1 month ago