They are not even people. They are email addresses, fingerprints and VPN IP addresses used by a bot. The information is in no way personal
Still this is not good practice imo to put any kind of email address or IP in public. I would recommend removing those data. The type of action will create mess to individual users.
I deliberately did not disclose the individual's real email or IP used on their master referrer account.
We don't know, the users in the public web do not know because they do not have available tools to verify such things.
When it is introduced everyone using the service will have to explicitly accept that if they are caught cheating they can be publically identified by us.
What if it was not an intentional bad doing from the users. How are you going to ensure it 100%. No company publish sensitive data publically, and you need to ensure that it does not conflict with the law.
On a side note: I would not like such things. Indirectly you are threatening your users holding their online fingerprints.