Standard Disclosure under CPR Part 31: redact non-party identifiers – UK GDPR-compliant anonymisation per CPR Part 31
Standard disclosure under CPR Part 31 requires each party to disclose documents on which it relies, adverse documents, and documents that support another party's case; anonym.legal pseudonymises non-party names, addresses, and contact details across the entire disclosure list and accompanying documents, preserving the substantive evidential narrative while satisfying UK GDPR obligations.
When this applies
Applies when the court has ordered standard disclosure under CPR Part 31 and the solicitor must inspect, list, and share documents that contain third-party personal data before exchange of lists.
How anonym.legal handles it
- Upload the full disclosure bundle — typically a List of Documents (N265) and the underlying documents — in PDF or DOCX format.
- anonym.legal identifies non-party names, addresses, telephone numbers, email addresses, and other personal identifiers across all uploaded files using over 285 entity types.
- Each non-party is assigned a consistent pseudonym (e.g. 'Witness A', 'Third Party B') throughout the entire bundle so cross-references remain coherent.
- Substantive evidential content — dates, financial figures, contract terms, and the factual narrative — is preserved in full.
- A reversible pseudonym-to-real-name mapping is stored in an encrypted table with EU data residency.
- Review the pseudonymised bundle before exchange; re-identify with the stored key when producing the final disclosed set for the other side.
What you provide
- List of Documents (Form N265) or equivalent schedule
- Underlying documents to be disclosed (PDF or DOCX)
- List of party names to retain in clear (claimant, defendant, legal representatives)
Limitations & cautions
- anonym.legal does not assess whether a document is privileged or falls within a CPR Part 31 exception — legal privilege review remains the solicitor's responsibility.
- The proportionality assessment under CPR Part 31.5 and decisions on withholding must be made by a qualified lawyer.
- Re-identification requires secure retention of the mapping key; loss of the key renders re-identification impossible.
FAQ
Does anonym.legal automatically distinguish party names from non-party names?
You provide a list of party names and legal-representative names to retain in clear; the engine treats all other personal identifiers as non-party data subject to pseudonymisation.
Can I use the pseudonymised bundle for the court bundle as well?
No — the court bundle should contain full names unless the court has made an anonymity order. Use the re-identification step to restore clear names before filing with the court.
Will the N265 list remain structurally intact?
Yes, anonym.legal processes DOCX and PDF without altering document structure, pagination, or formatting — only personal-identifier text is replaced.
Does processing comply with UK GDPR Article 5?
Pseudonymisation under UK GDPR Article 5(1)(e) is a recognised data-minimisation technique. anonym.legal applies reversible pseudonymisation with EU data residency, consistent with data-minimisation and storage-limitation principles.
What if a document contains special-category data such as medical records?
Special-category data (UK GDPR Article 9) is identified and pseudonymised with the same approach. You should note the special-category nature in your data-processing record and apply appropriate access controls to the mapping key.
Related tasks
- Specific Disclosure Application under CPR Part 31: prepare redacted exhibit
- Redacted exhibits under CPR Part 31: pseudonymise non-party data in disclosed exhibits
- Electronic disclosure under Practice Direction 51U: pseudonymise large document sets
- Non-party access under CPR 5.4C: prepare redacted court file copy