As the linked article states, all personally identifiable information is removed, but you still want to be able to say "Alice worked with Bob in folder 1, and that same Alice worked with Charlie in folder 2", so you assign unique identifiers to each user, such that you can't tie Alice to "Prof. Smith at University of Chicago", but you can tie folder 1 and folder 2 to the same Alice.

The GDPR has provisions for information like this, specifically to say that small pieces of information can together still constitute personal data. Consider that you can retrieve names if you map someone's professional interactions with this kind of detail.

Regardless of whether or not the GDPR applies to these people, it's a useful tool to illustrate why this kind of data is still wrong to share (especially without any kind of consent!).