I can think of two problems.
TMI is usally done be log levels so we can decide how much we want to see at a certain time error, debug, info, ....
the leaking of private data is more tricky because it's a question of definition also it depends on exposure. If i 'leak the data' to my harddisk and it's concious, secured, ... etc out of protocol reasoning based on my field of work it's not that bad.
if i console.log the secret hashes of my system in the browser ... that's a different topic.
These are my initial thoughts. I probably am missing something.
j
stuff ;)