I think the key point is that the anonymized data includes modifications to the data as well as the additional controls that the data user or data recipient has to put in place—additional security controls, privacy controls and contractual controls. It's not just about the data; it's about the additional controls.
These are contextual in the sense that, depending on the sensitivity of the data, you may implement more controls, for example. It's not just about the data; it's about the data and the context around it, or the additional administrative and technical controls around it.