At the very least you want to disable the EUI-64, i.e. the last 64 bits of the address. More realistically, you want to remove a lot more to really be private, as the rest will still only identify one subnet (for example, one house).
IPv6 global addressing is very hierarchical, from RFC 2374:

    | 3|  13 | 8 |   24   |   16   |          64 bits               |
    +--+-----+---+--------+--------+--------------------------------+
    |FP| TLA |RES|  NLA   |  SLA   |         Interface ID           |
    |  | ID  |   |  ID    |  ID    |                                |
    +--+-----+---+--------+--------+--------------------------------+

    <--Public Topology--->   Site
                           <-------->
                            Topology
                                     <------Interface Identifier----->
The question is how private is private enough? Remove 64 bits and you identify the LAN subnet, not the user. Remove another 16 and you identify a small organization, i.e. an ISP customer, for example a company / branch with several subnets. Remove the following 24 and you have basically identified an ISP or a really big organization.
You can implement this using a bitmask in the same way as for an IPv4 address. At that point, though, the question becomes a legal one ("how much do I need to remove to comply with the specific legislation?") and not a technical one.
Flexo
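
The bitmask approach described in the answer above, as an added example that is not part of the original answer. The function names and the `KEEP_*` constants are assumptions made for illustration, and the sample address is constructed from the 2001:db8::/32 documentation prefix.

```python
import ipaddress

# Bits kept from the left, following the RFC 2374 field boundaries quoted above.
KEEP_SUBNET = 64    # drop the Interface ID: still identifies one LAN subnet
KEEP_SITE = 48      # also drop the SLA ID: identifies one site / ISP customer
KEEP_PROVIDER = 24  # also drop the NLA ID: identifies an ISP or very large org


def anonymize_ipv6(addr: str, keep_bits: int = KEEP_SITE) -> str:
    """Zero every bit to the right of keep_bits, like an IPv4 netmask."""
    if not 0 <= keep_bits <= 128:
        raise ValueError("keep_bits must be between 0 and 128")
    ip = ipaddress.IPv6Address(addr)  # raises ValueError if not valid IPv6
    mask = ((1 << keep_bits) - 1) << (128 - keep_bits)
    return str(ipaddress.IPv6Address(int(ip) & mask))


def has_eui64_interface_id(addr: str) -> bool:
    """True if the low 64 bits look MAC-derived (ff:fe in the middle)."""
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    # EUI-64 layout: 24-bit OUI | 0xFFFE | 24-bit device part
    return (iid >> 24) & 0xFFFF == 0xFFFE


if __name__ == "__main__":
    # Constructed sample address with a MAC-derived interface identifier.
    sample = "2001:db8:1234:5678:211:22ff:fe33:4455"
    print("EUI-64 interface ID:", has_eui64_interface_id(sample))
    for label, bits in (("subnet", KEEP_SUBNET),
                        ("site", KEEP_SITE),
                        ("provider", KEEP_PROVIDER)):
        print(f"keep {bits:>2} bits ({label}):", anonymize_ipv6(sample, bits))
```

Which of the three boundaries to store depends on the legal requirement, as the answer notes; the code only makes the choice explicit.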