There is a growing tendency to release all sorts of public data on the Internet. The greater availability of interoperable public data catalyses secondary use of such data, which leads to growth of information industries and better government transparency. Open data policies may, nevertheless, be in conflict with the individual’s right to information privacy as protected by the Data Protection Directive. This directive sets rules to the processing of personal data in the European Union. Technological developments and the increasing amount of publicly available data are, however, blurring the lines between non-personal and personal data. Open data may not seem to be personal data on first glance especially when it is anonymised or aggregated. However, it may become personal data by combining it with other publicly available data or when it is de-anonymised. In this article, we argue that these developments extend the reach of European Union privacy regulation to open data, which may obstruct the implementation of open data policies in the European Union.

Open data, privacy legislation, European Union