Objectives¶

Adversaries in the data garden are not here for a leisurely stroll. They are digging through the compost, rummaging under the mulch, and pulling up every root they can find. The aim is exposure: not the pleasant kind, like a bit of spring sun, but the sort that turns anonymised data into personal profiles, behaviours into blueprints, and networks into neat little diagrams of who-knows-whom.

Identity disclosure¶

The crown jewel of any data-harvesting expedition: matching the pseudonymous daffodil in your dataset to an actual person. This is the moment an adversary looks at a string of identifiers and confidently says, “Ah yes, that’s Bob from Amsterdam.” Once identity is disclosed, privacy stops being theoretical and starts being personal.

Content disclosure¶

Sometimes it is not just who you are, but what you have got growing in your patch. Content disclosure is the unmasking of sensitive personal data: medical conditions, political leanings, sexuality, religious beliefs, memberships, and other protected petals. This includes identity documents and bank details (the kind of data that does not belong in the wild unless you are actively trying to be burgled).

Link disclosure¶

If you cannot quite identify the flower, try tracing the roots. Link disclosure is about relationships: who talks to whom, who buys what, who follows which fertiliser brand on Instagram. Even when identities stay technically hidden, connections often give the game away. It is like identifying someone not by their name, but by recognising every plant in their allotment.