Spike: no subject privacy level

Bengfort requested to merge spike-no-subject-privacy-level into master

While trying to reduce our dependency on the pseudonym service for !491 (merged) I realized that quite some calls to resolve_pseudonym() (3 of 13) are done to check the subject privacy level.

Context: In !315 (merged) we added subject privacy level in addition to attribute privacy level. We later realized that this actually conflicts with data separation on a conceptual level (see #42 (closed)).

Given the complexity (and the requirement to break data separation) this feature introduces for an IMHO niche usecase I think it is worth considering dropping this feature.

Merge request reports