Yes, one piece missing is: They mention how the electoral roll data that is made available can be subject to a data breach - but they don’t mention how the donation data that is required by US law can be subject to a data breach. Of course that breach was still in the future when the EFF article was published and you can’t blame them for failing to mention future events. 
I think that example also illustrates one of the challenges. I think most people would agree that disclosure of political donations is a good thing on balance i.e. the cost to privacy in requiring disclosure is outweighed by the cost to the democratic process in allowing massive and potentially even foreign donations to be anonymous.
However in this forum perhaps many people would disagree with that proposition. ???
What came to my mind while reading the EFF article is … “fox guarding the henhouse”. While many changes could be made to allow a person to participate fully in the democratic process but not, as a consequence, sacrifice the person’s privacy, the legislators who could do something about that have a clear conflict of interest. (As the EFF says, there is no need to single out any particular campaign. They all collectively have a conflict of interest.)
Two other comments:
Be wary of telephone pollsters, particularly if the firm is not well recognized.
Whether the firm is well recognised or not doesn’t really matter since you will have difficulty authenticating the caller. But you should insist on doing so before proceeding with the poll because otherwise it might be worse than the options that EFF mentions and in fact just be a scam e.g. for identity theft purposes.
Mrs Wade recently took a call from a pollster where she insisted on calling the company that the pollster claimed to be from using another phone in order to verify the calling line ID as legitimately being used by that company. (I would have just told them to bugger off.
.)
Think twice before opening the door for a political canvasser bearing a tablet
… or bearing any other device that might be sniffing your home for MAC addresses. (You might reasonably be using real MAC addresses in your home, rather than the randomised ones that you should be using when out in public, if not just using the kill switch when out in public.)