I'm not sure how much I like staff using backend information, or arguably confidential/PM information, against users like that...
BadBear set a precedence.
I'd like to think I could trust Bitcointalk against anything but legal subpoenas within proper jurisdiction, but maybe not?
You'd be very crazy or naive to do so. You should work under the assumption that everything and anything that BTCT has could leak anytime, especially since the expansion of the "account recovery team".