In digital security there is the concept of "defense in depth", that no one product, feature, approach or safeguard is going to magically make you protected from attacks. What's required are multiple overlapping layers of protection that collectively work together to create a more protected whole.
We're seeing more of this with privacy and user data. The author very correctly points out some issues with hashing and "pure" anonymization. It's more correctly considered "pseudonymization" (which is a recommended GDPR technique [1]).
All of which is to say _it's still an improvement over nothing_ and when layered with other techniques can help protect user privacy.
Defense in depth is a lesson other industries have learned - that's why airliners are incredibly safe these days. It's not safe because parts don't fail - they do fail, as the recent engine compressor failure showed. But the airliner is designed to withstand those failures, the pilot is trained to deal with them, and the process is designed to prevent them from happening again.
Notably the Fukushima Nuke plant and Deepwater Horizon disasters did not have defense in depth. One failure each had a zipper effect.
(Of course, defense in depth is a concept from the military, look how medieval castles are constructed for a very visible implementation of it.)
We're seeing more of this with privacy and user data. The author very correctly points out some issues with hashing and "pure" anonymization. It's more correctly considered "pseudonymization" (which is a recommended GDPR technique [1]).
All of which is to say _it's still an improvement over nothing_ and when layered with other techniques can help protect user privacy.
1 - https://blog.varonis.com/gdpr-requirements-list-in-plain-eng...