Only if you can/do meaningfully anonymize the data. Eg, knowing the subnet of most/all Norwegian isps, it's trivial to recover ips that are simply hashed (probably even with salt), similarly Norwegian phone numbers are only eight digits, so any kind of deterministic mapping is likely to be too trivial to actually amount to anonymization.
Also rember that one of the goals is to avoid illicit linking - so being able to verify that ip n.n.n.n is the same as slow_hash(salt+other-ip) won't fly as "not storing".
In general, anonymizing data in sparse populations is tricky - where "small" can be quite large. Just imagine building a bitfield of variables like: sex,age +/-50;2 bits. Rough location (easily 6 bits), browser (2 bits), mobile? 1 bit - that's already 12 bits etc. See also NYC taxi dataset, eg (not the article I had in mind, but seems to cover similar points):
Also rember that one of the goals is to avoid illicit linking - so being able to verify that ip n.n.n.n is the same as slow_hash(salt+other-ip) won't fly as "not storing".
In general, anonymizing data in sparse populations is tricky - where "small" can be quite large. Just imagine building a bitfield of variables like: sex,age +/-50;2 bits. Rough location (easily 6 bits), browser (2 bits), mobile? 1 bit - that's already 12 bits etc. See also NYC taxi dataset, eg (not the article I had in mind, but seems to cover similar points):
https://research.neustar.biz/2014/09/15/riding-with-the-star...