I think what he's trying to emphasise is the idea that anyone who's part of the engineering team could spy on you, without anyone else knowing. It's bad enough that the company has this data, sure, but there's at least an assumption that it will be secured and penalties can be enforced if not. Some random engineering being able to look into your life intimately by themselves is a completely different level of violation.