His "ToS" are clearly that he will publish everything like any other KYC/ID service. But he should have made it like the pros. "Oopsie the email got leaked..." That said email is shit. It's public by default (ironically like Bitcoin). GDPR (another story) is the biggest bullshit ever produced. Since it got introduced surveillance increased by a factor of 1000. Data got leaked by a factor of 100 and people got killed more by a factor of 10. All non sovereign, non decentralised, non open source, non private digitalisation projects would be illegal if GDPR mattered.

You guys are writing on a public censorship resistant system. What do you expect? Most do not care for anonymity, OpSeC and privacy until it is too late. Most post from their iPhone No VPN, no tor, no onion, no i2p. If they use a VPN, they also use it for their google account they couldn't get rid off. They use Bitcoin and defend its cumbersome weak privacy guarantees. This is a global public square. The most interesting (that's why we are here) and dangerous place to be. Rules without rulers means living by example. Making the place less dangerous is partially a cultural thing and partially not possible. There will always be trolls Feds and other state terrorists trying to stir the shit. Not defending anybody here. Just stating what everybody voluntarily signed up for.