I suspect a lot of people overestimate how special their code is. Also, if your code exists in a private repo on GitHub, then you're already trusting the same third party when using GitHub Copilot.
This isn't just about IP. In the not so distant future we'll find out about 3 letter agencies using companies like OpenAI to deploy corporate backdoors with ease.