Thank you very much for this post. I agree that privacy seems to be a massive blindspot for EA. I think it is a common blindspot for well-meaning people/groups, because they find it hard to imagine how adversarial actors might actually act.
As a counterbalance to the “convenience” benefits offered by tech cloud platforms, I want to point out that there are also people who are concerned about data privacy who may hesitate to participate in EA activities/workshops/bootcamps or apply to EA grants/orgs if it would require handing over copious amounts of personal information or even having a LinkedIn profile (given LinkedIn’s terrible reputation with privacy). I am one such person.
I know there are always trade-offs between convenience and security, and that LinkedIn is widely used in recruitment spaces. But I would like to see more considered discussion of these trade-offs within EA. Currently the default just seems to rely on a high degree of trust, but even well-meaning people might can inadvertently leak other people’s information (e.g. feeding example profiles into an AI to help them write their own profile). My initial impression is that there is much more that could be done to protect privacy without significant convenience cost.
For example, I attended EAGx Virtual conferences in 2023 and 2024. The Google sheets with over 1000 attendees’ personal data (which is maintained by CEA) was shared with all attendees, and I still have access to these in 2025. I don’t see much benefit for these documents to exist at all, let alone remain publicly accessible years after the conference has ended. This likely also breaches data privacy laws in many jurisdictions, including the GDPR, which has a principle of data minimisation and requiring data to be kept no longer than is necessary.
At the very least, the retention policies for widely shared documents should be seriously considered.
Thank you for that addition.
I think my post is due for an update soon. I still hold mostly the same concerns as described in the post, but by now the trade-offs between convenience and risk have shifted for many people due to
the more obvious rise of fascism
anyone having the capability with LLMs now to extremely cheaply evaluate each person who’s data they have access to
Thank you very much for this post. I agree that privacy seems to be a massive blindspot for EA. I think it is a common blindspot for well-meaning people/groups, because they find it hard to imagine how adversarial actors might actually act.
As a counterbalance to the “convenience” benefits offered by tech cloud platforms, I want to point out that there are also people who are concerned about data privacy who may hesitate to participate in EA activities/workshops/bootcamps or apply to EA grants/orgs if it would require handing over copious amounts of personal information or even having a LinkedIn profile (given LinkedIn’s terrible reputation with privacy). I am one such person.
I know there are always trade-offs between convenience and security, and that LinkedIn is widely used in recruitment spaces. But I would like to see more considered discussion of these trade-offs within EA. Currently the default just seems to rely on a high degree of trust, but even well-meaning people might can inadvertently leak other people’s information (e.g. feeding example profiles into an AI to help them write their own profile). My initial impression is that there is much more that could be done to protect privacy without significant convenience cost.
For example, I attended EAGx Virtual conferences in 2023 and 2024. The Google sheets with over 1000 attendees’ personal data (which is maintained by CEA) was shared with all attendees, and I still have access to these in 2025. I don’t see much benefit for these documents to exist at all, let alone remain publicly accessible years after the conference has ended. This likely also breaches data privacy laws in many jurisdictions, including the GDPR, which has a principle of data minimisation and requiring data to be kept no longer than is necessary.
At the very least, the retention policies for widely shared documents should be seriously considered.
Thank you for that addition. I think my post is due for an update soon. I still hold mostly the same concerns as described in the post, but by now the trade-offs between convenience and risk have shifted for many people due to
the more obvious rise of fascism
anyone having the capability with LLMs now to extremely cheaply evaluate each person who’s data they have access to