I suspect that for commercial reasons all the data would be encrypted. There is no reason for the airline to hold the decryption key that could be held by a trusted third party repository say IATA. It would be possible for the data to require two decryption keys one from the repository and one from the airline. So access is only possible in the case of an accident and not for random trawling by bored airline management.
Yes, that's an excellent way to do it. It's probably wise to encrypt it all anyway, so that nothing can be intercepted by a hostile third party. My main point was that the pilot-sensitive data would not be accessed unless regulatory permission was obtained. There should be no reason for pilots to be alarmed.
The regs would probably mandate that all data be destroyed / deep-archived within a set timeframe.