The difference between what you are doing here and the other public profiles you mention is consent.
When a user creates a profile on Stack Overflow or Hacker News, they are consenting to share whatever data they give on that particular platform.
When a user created a profile on Triplebyte, up until now, they were consenting to that data being used in a private profile for the purpose of connecting them with job opportunities, privately. Now, you've emailed all of your users on a Friday evening to say "by the way, if you don't opt-out in the next week, we will take this data that you gave to us under the assumption that it would be private, and make it public (and potentially searchable)."
By saying "we'll do it unless you say no", you are not getting consent.
If you're familiar with the tea analogy of consent, a la https://www.youtube.com/watch?v=oQbei5JGiT8, this would be like you saying "well, other users (not necessarily every user, or you, the user in question right now) have had tea (not necessarily the same type of tea) from other platforms. This is just like that. So, if you don't say no to our tea in the next week, we're going to drop the tea on you. We hope you enjoy!"
You are not just "launching public profiles for a product that has not had them in the past", you are launching public profiles and on them you are _sharing data that was given to you under the agreement that it was private_. You are using data that folks gave you in a very, very different way than for the purpose they gave it.
Finally, just to really drive this home, you say "What we've focused on to keep that from harming anyone is what data we include in the profiles."
And, what data is that? What personal data, given under the agreement that it would stay private, won't harm someone if made public?
Full (presumably legal, or at least professional) name, coupled with profile picture (presumably a clear photo of their face) and, I'm guessing, also the locations they said they were looking for a job in? Although, fine, in most cases sharing that data is mainly annoying and trust-breaching, that combination of information can be devastating if leaked. Consider a person who has escaped an abusive ex-partner, and has managed to keep private about what new city they've moved to, now popping up in a Google search for their name that has their picture and the fact that they're looking for a job in Los Angeles. This person probably isn't your core user-base, but stories like this are real, they happen, and if you get enough users, they will be among your real life user stories. You have to consider user stories like this when you are trusted with personal information.
When a user creates a profile on Stack Overflow or Hacker News, they are consenting to share whatever data they give on that particular platform.
When a user created a profile on Triplebyte, up until now, they were consenting to that data being used in a private profile for the purpose of connecting them with job opportunities, privately. Now, you've emailed all of your users on a Friday evening to say "by the way, if you don't opt-out in the next week, we will take this data that you gave to us under the assumption that it would be private, and make it public (and potentially searchable)."
By saying "we'll do it unless you say no", you are not getting consent.
If you're familiar with the tea analogy of consent, a la https://www.youtube.com/watch?v=oQbei5JGiT8, this would be like you saying "well, other users (not necessarily every user, or you, the user in question right now) have had tea (not necessarily the same type of tea) from other platforms. This is just like that. So, if you don't say no to our tea in the next week, we're going to drop the tea on you. We hope you enjoy!"
You are not just "launching public profiles for a product that has not had them in the past", you are launching public profiles and on them you are _sharing data that was given to you under the agreement that it was private_. You are using data that folks gave you in a very, very different way than for the purpose they gave it.
Finally, just to really drive this home, you say "What we've focused on to keep that from harming anyone is what data we include in the profiles."
And, what data is that? What personal data, given under the agreement that it would stay private, won't harm someone if made public?
Full (presumably legal, or at least professional) name, coupled with profile picture (presumably a clear photo of their face) and, I'm guessing, also the locations they said they were looking for a job in? Although, fine, in most cases sharing that data is mainly annoying and trust-breaching, that combination of information can be devastating if leaked. Consider a person who has escaped an abusive ex-partner, and has managed to keep private about what new city they've moved to, now popping up in a Google search for their name that has their picture and the fact that they're looking for a job in Los Angeles. This person probably isn't your core user-base, but stories like this are real, they happen, and if you get enough users, they will be among your real life user stories. You have to consider user stories like this when you are trusted with personal information.
This ain't it.