The GDPR, as with the previous Data Protection Directive, features a simple dichotomy - data is either identifiable, "personal" and thus subject to the Regulation, or it is not. However, scholars have considered whether an intermediary category should be introduced for data that might not be identifiable, yet nonetheless should be subject to some segments of the regulatory scheme (focus on pages 20-27 of the Solove and Schwartz article). What is the logic behind this proposal? If the proposal were adopted, what aspects of the regulatory scheme should be applied to this intermediary category? In your opinion, should this proposal be adopted?

https://scholarship.law.gwu.edu/cgi/viewcontent.cgi?referer=&httpsredir=1&article=2103&context=faculty_publications