Apart from the consent issue (which I think is major), there is also added risk.
More code means more bugs means more attack surface. #Signal is used by, and in fact it is *marketed at*, people at-risk: journalists, activists, and so on.
Adding such a weirdly unrelated feature adds a bunch of potentially vulnerable code, and also adds a lot of complexity for the user. And, for #InfoSec people who might be responsible for helping that user stay safe using Signal.
Finally, if #Signal insists on getting deeper and deeper into social-network territory, this might expose it to additional regulatory burden.
There are laws and regulations that specifically focus on social networks, but not necessarily on IM systems.
By crossing that line (as blurry as it is), Signal exposes itself to more *legal* risk and potential legal trouble, at a time where plenty of legal challenges already exist for encrypted communication tools (consider #ChatControl).
#InfoSec