Everyone loves to preach ethics and accountability but I think lots of people in tech secretly dislike the constraints. Or not so secretly if they work at fb.
For everything you do, you should consider "what if this is used by the worst person to target the most vulnerable people?" Stalker exes, online scammers, insurance companies, 4chan wieners, toxic MRAs, data brokers working for PIs etc. Assume an open S3 bucket with data from 5000 users. Imagine how much identify theft and intimate partner violence that could enable.
Security companies ('threat intel') routinely scan new pastes to find nice stuff, like creds and code, and also C&C from bots. Pastebin is a bit gauche for that now. Even S3 bucket scanning is too everyday.
For everything you do, you should consider "what if this is used by the worst person to target the most vulnerable people?" Stalker exes, online scammers, insurance companies, 4chan wieners, toxic MRAs, data brokers working for PIs etc. Assume an open S3 bucket with data from 5000 users. Imagine how much identify theft and intimate partner violence that could enable.