Answer: Perform tokenization for Pseudonymization with the Cloud Data Loss Prevention API, and store that data in BigQuery for later use.

The question requires protecting sensitive PII data (email addresses, first names) in BigQuery while allowing operations teams access to non-sensitive data and enabling HR to access the sensitive fields on a need-to-know basis. Tokenization for pseudonymization (Option D) is the optimal solution because it replaces sensitive data with reversible tokens, allowing authorized users (HR) to re-identify the original data when needed, while operations teams see only tokenized values. This aligns with privacy regulations by maintaining data utility for authorized purposes. Option A (data masking) is less suitable as it uses deterministic hashing (e.g., SHA-256), which is irreversible and prevents HR from accessing original data, and it is vulnerable to brute-force attacks. Option B (data redaction) removes or irreversibly obscures data, making it inaccessible even to HR. Option C (data inspection) only identifies sensitive data without protecting it. The community discussion strongly supports D (81% consensus, with upvoted comments emphasizing tokenization's re-identification capability for HR), while A has limited support (19%) and is criticized for its security weaknesses.

Author: LeetQuiz Editorial Team