It actually is a great question, if KYC is a threat or provides a necessary safety.

My answer is both.

1. There is always a risk induced from sharing personal sensitive information. And as much as we would love to be anonym all the time, it is a matter of public safety to have a way to check, if a person brings extra risks with its presence somewhere. KYC is generally dedicated to prevent such risk exposure transfer from a person to a mutual entity, which may suffer serious losses and/or damage to its reputation, and therefore losses to owners and clients. In that way KYC provides safety.

2. There is always a risk of personal data leakage and misuse by the current data collecting agents. Their design is simply unreliable, since there is a lot of people involved (people do mistakes both willingly and unwillingly), the data storage and transfer channels are almost always imperfect and vulnerable to attacks, a lot of 3rd parties have a "legal access" to such private data, even if it is against interests of the data originator. So currently, KYC brings extra risks for privacy, makes person more vulnerable to fraud and identity theft, and even puts family safety at risk, since most of the time residency address is a part of the required KYC.

The best way to deal with it is the decentralized KYC repositories with the selective decentralized data control and the forced data fragmentation for every step of its processing and storage. I won't name any project, yet there are some. They will certainly have difficulties working out a deal with countless government agencies, yet it looks doable without screwing safety entirely (I've discussed it several times at think tanks, there are solutions).