Personal Data is any information that relates to an identified or identifiable person. It includes obvious identifiers like a name, but also less obvious ones like an online identifier, location traces, or combinations of attributes that make someone “identifiable enough” in practice - wikipedia 
- ico.org.uk .
In modern civic systems, personal data is not just admin trivia. It is power. Data can be used to help people, but it can also be used to sort, target, chill speech, exclude minorities, or quietly pressure dissenters. That makes privacy a democratic capability rather than a luxury: without it, participation becomes performative, and deliberation becomes a risk-managed activity instead of honest thinking.
Some of the most important inputs to a healthy polis are also the most sensitive. Health status, disability, demographic background, sexual identity, and neuroatypical cognitive style can all matter for fair representation and for the diversity of perspective in a Citizen Assemblies process. They are also exactly the categories people may have strong reasons to keep private: fear of stigma, employment harm, family conflict, targeted harassment, or simply the right to live without explaining oneself to a bureaucracy.
A privacy-first approach starts with a boring principle that turns out to be revolutionary in practice: Data Minimisation. If a deliberative process only needs to know “this group is within its representation bounds,” then it does not need a spreadsheet of everyone’s intimate attributes. The more the institution collects, the more it becomes a honeypot, and the more it trains itself into treating people as data subjects rather than participants.