Because those researchers become a potential data leak. We all know that deanonymized data isn't actually anonymous. Do you, as the user, really want people poking around your private data "for research purposes"? Where there are basically no consequences if they mess up and leak your data?
I chose to give my data to the company. I didn't choose to give it to some unrelated third party.
I guess one point of confusion is exactly what data is shared, because I understood it to be general access to things that are already publicly available.
Furthermore, X offers paid access to the same data through their enterprise API program, so you're already giving access to unrelated third parties. Is there a significant distinction between the data that researchers could access and what's available through enterprise API?
I chose to give my data to the company. I didn't choose to give it to some unrelated third party.