Tea required users to upload selfies and IDs, and collected IP addresses. This week, that data was leaked. It never should have been collected. It’s a liability. We need to stop normalizing KYC and unnecessary data collection online.