Recently I was practicing my social engineering and OSINT skills when I came across a rather large Youtuber showing their apartment ("room tour"). Being curious to how much data I am able to gather in a limited time frame, I challenged myself to find as much information as possible in 3 hours. Surprisingly nearly everything: name, birthdate, address, phone number, relatives, etc. (using traditional approach not from doxing sites).
As I consider myself an outright white hat, I intended to share my knowledge with them via e-mail. But to my surprise I received no answer within two weeks. I tried to explain and argue as neutral as possible because of the more formal distance but from my experience with friends and members of my family, the reactions to neutral arguments are always worse than to fictional threatening examples.
How would you approach these situations?
The way I explain to them about privacy, especially if they are left leaning, is by giving them example of 2016 elections. I explain how companies can use bits of info scatter around the web to create a detailed profiles of them. Then they can run different experiments on groups of similar profiles/people and see what message will trigger them to take an action. The action might be to buy coffee or to vote for someone.
Some people say that they have free will and they will not be easily influenced. Which leads to different debate but I recommend them that they watch "The Great Hack" documentary.