No one can argue this point; as @Andron_Ocean indicates, it’s the vast nature of systems that put data in front of eyeballs and along side a variety of copy tools that create risks. But I think it’s also wise to ponder the subtle difference between copying, replicating, and replication awareness.
Let’s all agree that copying should be set aside in this conversation because there are so many ways to make copies that we’d be wasting energy and time debating the undebatable. Copying is a risk that is virtually unavoidable.
Almost without exception, the vast majority - perhaps north of 90% - of the database systems available as modern SaaS solutions make it almost impossible to replicate a database or to do so without someone knowing about it. This is not the case with Airtable - they are (unfortunately) in the top 90+ percentile of this category; clearly not something you want to be good at.
If you’re going to make it really easy for read-only users to swipe a fully functioning copy of a database app, you might want to at least let the creator/administrator of that database know that it has been replicated and access automatically extended to that original creator.
Far Worse than Copy Risks
Replication is in a vastly different class from copying. The ability to make a “copy” of a fully functioning base represents an outcome unlike any definition or notion of simply copying the data. It is fundamentally different because it comes pre-installed with a completely new security context that the replicator can use to inflict harm, cause misleading conclusions, modify, and misrepresent as an authoritative version of the original base.
Replicated Airtable bases are virtually indiscernible replicas that can be used for nefarious purposes both inside and external to an organization without so much as more than a few clicks. It is no different than printing counterfeit currency without the need for paper, ink, or design templates.