Hmmm…, There’s a lot of tok again about pseudonymity, lately. As if that would ever work. Same, with homomorphic encryption as a means to that end.
Both missing the mark, since both missing the point. The point being: Deanonymisation isn’t about backtracking the encrypted info, decrypting it or so, it’s about the metadata. It’s not about the ‘content’ of the data point; it’s about the class identifier (which you’ll need for any useful use of the data point – otherwise random data would do &ndash) that, linked with other-class identifiers, leads to just one (i.e., < 3 remember?) human having all those classifiers as attributes. Not the data (content) counts, but the use of the classifiers over them i.e. the meta- Now, that only regards data points ‘at rest’ rather: their static properties. Pseudo it may be, by the dictionary literal meaning of that adjective being: Seemingly, but not of fact. Seemingly, to the gullible that wants to believe in fairy tales. Yes, Euro-politicians indeed, in the GDPR.
[Edited to add: this proof.]
Add in ‘traditional’ metadata, info (like, classifiers) about the effects of the content on processing. When your doctor calls, and within ten minutes you call the STD clinic, the content of your call doesn’t need to be encrypted — the conclusion’s already there. That sort of thing. Metadata isn’t protected in the way as in and of itself it will not reveal anything of your persona. It is ‘protected’ (quod non) by being PII, but the identifying data (caller ID &c.&c.) is readily available in systems that every right and purpose to collect them (how else will you phone co. be able to bill you …?). Again, the content may be pseudo’d but – see above. And the sources of auxiliary data will be spread far wider and will be much less protected or less-quality-encrypted/pseudo’d then in the straightforward case, if at all.
Since metadata is partly-but-pre-processed conclusions i.e., information, it’s much more valuable to extortionist conmen, gov’t agencies and other parties of similar moral value. Note that these parties may not care if they inferred the wrong thing like in the above example, they don’t care about false positives but will make you pay anyway due to the difficulty of repudiation and through silently disqualifying you for all sorts of societal benefits like work, respectively and yes that’s too long a sentence. But hence, while you might be busy pseudo’ing as per above, if at all, the problem may not be in that even if you would have made any progress there.
Also: Privacy’s an emergent property. Take the easiest roads: Data minimisation; by design; by default, by rock solid information security. The latter, e.g., by the letter and spirit of the new one on the block
That’s it. No question marks, no call for response as you’ll not give any, anyway. Leaving you with:
[Ávila it is, protecting you through the ages. Hehhehheh… gotcha, it’s Monteriggioni in Italy, not quite the size eh?]