The score is a heuristic 0–100 index. It is not a formal certification — use it to guide controls and prioritize a DPIA.
1 · Base score
Every export starts at 35 pts — timestamped interaction graphs, sender linkage, and channel metadata already create moderate re-identification exposure even after pseudonymisation.
2 · Dimension deltas
message content +22, team +5, role +5, status +4, tenure +4, location +3, type +2.
3 · Combinatorial penalty
Each additional enabled dimension beyond the first adds +3 pts. This reflects how combinations like team + role + tenure are more identifying than a simple linear sum.
4 · Multipliers
Time window ×0.65–1.45 · k-anonymity ×0.72–1.55 (k=10 neutral; higher k → lower risk, lower utility) · Org size ×0.75–1.50.
5 · Final score
raw = (base + deltas + combination penalty) × multipliers, clamped 0–100.
0–44 Low · 45–71 Moderate · 72–100 High.
Heuristic estimates only — not a substitute for a formal DPIA or differential-privacy audit before production use.