The paper said that the value of data is indisputable. Data have become a key factor for scientific research, public administration and an ever-growing digital economy. Development of promising technologies such as Big Data or Machine Learning greatly depends on being fed a large quantity of data. 

This increasing demand for personal data has entailed a renewed interest in anonymisation techniques and processes. Hash functions have been used for a long time in order to provide an additional protection when processing personal data. 

However, there is doubt regarding to what extent hash functions constitute an efficient pseudonymisation technique, as well as whether, under certain circumstances, such as the original message having been deleted, the hash value may be even considered as anonymised. 

This decision is of paramount importance to determine, among other things, effective compliance of the rights recognised by the GDPR in certain types of processing, such as research, traffic data analysis or geolocation, blockchain and others. Legal, technical and process management considerations are factored in when making the appropriate decision and, therefore, those involved in making this decision may need to have a basic knowledge of hash techniques and their potential risks. 

This essay was addressed to data controllers who wish to use implementations based on the use of hash functions in order to pseudonymise or anonymise personal data. It briefly presents the basic aspects of hash functions, their properties and the possibility to re-identify the message generated by the hash, while also establishing certain guidelines to analyse the suitability of hash function-based processing.