You're right about "anonymized" and "anonymous". We do point out avenues to reach anonymity.

The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.

The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.