Amendment ID: S2608-28

Amendment 28

De-Identified Data Definition Alignment

Mr. Tarr moves that the proposed new draft be amended by striking out lines 55 though 61 and inserting in place thereof the following:- “De-identified data”, data that cannot reasonably be used to infer information about, or otherwise be linked to, an identified or identifiable individual, or a device linked to such individual, if the controller that possesses such data: (i) takes reasonable physical, administrative and technical measures to ensure that such data cannot be associated with an individual; (ii) publicly commits to process such data only in a de-identified fashion and not attempt to re-identify such data; and (iii) contractually obligates any recipients of such data to meet the obligations of clauses (i) and (ii).