The vast majority of users do not expect that their digital identity could be stitched together so easily. We can either imply that they deserve this for imagining they had any privacy, or we could take a normative stance and make it difficult to reveal someone’s private information. We have a choice. We can pass laws and ban this nonsense.

But people might be deceived into publishing their information. For example, social networks motivate them to do it by saying things like "make it easier for your friends to find you" or "share photos with your friends" and not saying the truth that the information will be accessible to criminals, marketing companies, corrupt governments, and weird mentally ill people from anonymous Internet forums.

"such as an electronic address"

so what is an electronic address?

Yet it's still user's data, and if it's under GDPR article 14 fall into place (you have to inform them that you are using that data, how, for how long, ...)

https://gdpr.eu/article-14-personal-data-not-obtained-from-d...