An approach is provided for de-personalizing data. A request is received from an application for retrieval of data. An end user associated with the request is authenticated. A determination is made whether to mask the data based on the request and the authentication. In response to the determination, a masking algorithm is selected to apply to the data and to output mask data.