
What is "Re-Identifiable Data" and Why Tech Regulation Should Measure its Risk

  • Writer: Maria Alice Maia
  • Aug 13
  • 3 min read

Updated: Aug 18


Are regulators playing an unwinnable game of whack-a-mole with AI security? Every week, a new vulnerability. Every month, a new privacy policy update that no one reads. This is the definition of a failed strategy.


Consider an AI-powered healthcare app. A well-meaning regulator, focused on privacy, mandates that the company simply list all the data points it collects. The company complies, producing a long, unreadable list. This is “doing data wrong.”


It’s wrong because it creates a dangerous illusion of transparency while completely missing the real risk. A malicious actor doesn't care about the list; they care that combining a few “innocuous” data points, like your zip code, birth date, and gender, can re-identify you. They won't need any uniquely identifying data if they can access a good group of re-identifiable ones. In the digital world, data such as screen resolution, language setting, and installed fonts can create a unique digital fingerprint and re-identify you without your consent. The checklist failed because it never forced an assessment of the actual risk of the collected user data. Privacy is never about one single identifiable data point. It's about the combination of a few identifiable ones.


We are stuck in a reactive cycle of patching vulnerabilities and publishing disclosures. To break free, we need a new playbook. I call it the "Isolate and Measure" Doctrine.


The analogy comes from public health. To manage a pandemic, you don't just list symptoms. You do two fundamental things: you Isolate the sick to prevent transmission, eliminating the attack vector. And you Measure the rate of spread in the population to quantify and manage the remaining risk. We must apply this same rigorous, two-pronged approach to our digital infrastructure.


Let’s go back to that healthcare app regulator. Armed with the "Isolate and Measure" Doctrine, their strategy is transformed:


  1. ISOLATE: First, they focus on the integrity of the computation itself. They would mandate or incentivize that the AI's confidential processing runs on physically isolated hardware resources—a technique known as “core gapping”. This isn't another software patch. It is a structural defense that dedicates specific CPU cores to a single confidential task, ensuring no other processes—not even the hypervisor—can run on that core and steal secrets through shared microarchitectural state. This single move eliminates entire classes of devastating transient-execution attacks by design. You isolate the critical process to make it structurally secure.


  2. MEASURE: Second, for the data the app legitimately collects, they move beyond the useless checklist. They mandate that the company quantify its re-identification risk. This is achieved by measuring the joint entropy of the data, accounting for the powerful correlations between different data points. Under this model, the company can't just say it collects language and keyboard_layout. They would have to report that the combination of these two attributes creates, for example, 5 bits of identifying information, because the two are highly correlated. This provides a concrete, mathematical measure of privacy risk that can be managed, minimized, and audited.
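To make the MEASURE step concrete, here is an added example (not from the original article) that computes per-attribute and joint Shannon entropy over a small constructed dataset. The records, the `joint_entropy` and `risk_report` function names, and the report keys are all assumptions made for illustration; the attribute names come from the article.

```python
import math
from collections import Counter

# Constructed sample of 8 hypothetical users (illustrative, not real data).
RECORDS = [
    {"language": "en", "keyboard_layout": "us", "screen_resolution": "1920x1080"},
    {"language": "en", "keyboard_layout": "us", "screen_resolution": "1920x1080"},
    {"language": "en", "keyboard_layout": "us", "screen_resolution": "1366x768"},
    {"language": "en", "keyboard_layout": "uk", "screen_resolution": "1366x768"},
    {"language": "de", "keyboard_layout": "de", "screen_resolution": "1920x1080"},
    {"language": "de", "keyboard_layout": "de", "screen_resolution": "1366x768"},
    {"language": "fr", "keyboard_layout": "fr", "screen_resolution": "1920x1080"},
    {"language": "pt", "keyboard_layout": "br", "screen_resolution": "1366x768"},
]


def joint_entropy(records, attrs):
    """Plug-in Shannon entropy, in bits, of the joint distribution of attrs."""
    if not records:
        raise ValueError("need at least one record")
    counts = Counter(tuple(r[a] for a in attrs) for r in records)
    n = len(records)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def risk_report(records, attrs):
    """Compare the naive per-attribute sum with the true joint entropy."""
    marginals = {a: joint_entropy(records, [a]) for a in attrs}
    joint = joint_entropy(records, attrs)
    naive = sum(marginals.values())
    return {
        "marginal_bits": marginals,
        "naive_sum_bits": naive,               # what a per-field list implies
        "joint_bits": joint,                   # identifying information present
        "redundancy_bits": naive - joint,      # double-counted due to correlation
        "max_bits": math.log2(len(records)),   # ceiling: every record unique
    }


if __name__ == "__main__":
    pair = ["language", "keyboard_layout"]
    full = pair + ["screen_resolution"]
    for name, attrs in (("language+keyboard_layout", pair), ("all three", full)):
        rep = risk_report(RECORDS, attrs)
        print(f"{name}: joint={rep['joint_bits']:.2f} bits, "
              f"naive sum={rep['naive_sum_bits']:.2f}, "
              f"redundancy={rep['redundancy_bits']:.2f}, "
              f"ceiling={rep['max_bits']:.2f}")
```

In this sample the keyboard layout fully determines the language, so adding language to keyboard_layout contributes no extra identifying bits, while the three attributes together reach 2.75 of the 3 bits needed to single out every user.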


This is the path to building systems that are not just compliant, but demonstrably trustworthy.


So, what does this mean in practice?


  • For Policymakers & Regulators: Your questions must change. Stop asking for vulnerability patch lists and data collection checklists. Start demanding structural resilience and quantitative risk metrics.

    • Ask: “How are you physically isolating this system's critical computations to eliminate entire classes of hardware attacks?”

    • Ask: “What is the measured, joint-entropy risk of the user data you collect, and what is your plan to reduce it?”


  • For Tech Leaders & Builders: This is how you build a defensible and trustworthy platform. Stop chasing individual bugs and hiding behind vague privacy policies.

    • Architect for isolation. Use core-gapping and similar principles to make your systems structurally resilient to side-channel and transient-execution attacks.

    • Start measuring your data’s entropy. This is the ultimate proof that you take privacy seriously. It’s a quantitative metric that replaces legal jargon with mathematical rigor.


My purpose is to bring these powerful concepts from the frontiers of research into practical application. This knowledge isn’t mine to keep; it’s a necessary foundation for a digital society that is both innovative and safe. The future of AI governance depends on us moving beyond reactive patches and into a new era of principled, measurable, and structurally sound design.

