alt Hacker News> The fact that a person is a student at the school can be very sensitive information.
But they were already in the directory? That's much more "out there" than the gossip site.
I'm really skeptical of this line of logic. It feels like motivated reasoning based on not liking the site, because a privacy issue like that is easier to attack (if it's real). I think the meaningful criticisms are based on the actual functionality, the commenting.
I understand that opinion, but the opposite view is now conventional. Corporate/college directories are usually not available in public, but only with a local auth. Even if the scraping site restricted signups to local email addresses, the college is responsible for the distribution of its directory PII so could not allow this.
Leaking PII like this would be illegal in Canada for example.