|
A couple things we know:
- any group that has autouser signup is for privacy purposes the same as being completely public to anonymous users.
- examples of this are the yaamny self subscriptions, the creative yale alumni network and feb club for old people
- I think it would be a surprise for a user and irresponsible for us to disclose significant private data by default to members of these groups
- whatever we make as default settings are going to be the permanent settings of over 95% of our users
Proposal:
- adjust the databits two option toggle: “Private” or “Members Only” (our current “Public” is really set up to function as “Members Only” I think) this implies:
- we never display private data to an anonymous user or by default to an autouser
- private is unambiguously “Private” from all group members (including group managers)
- For now all groups listed in a users’s profile have a membership TYPE
- “Private Member” (titletag: your profile data is not shared with members of this group)
- “Public Member” (titletag: your “members only” data is visible to all members of this group)
- this TYPE is a toggle right next to the group name on the profile list, and also a toggle right next to the member name on the group member roster
- the ability to message the group should NOT be impeded by not seeing private member emails, right? Correct. In fact we should make it a selling point that people can send message without seeing everyone's email.
- email, phone, address databits are defaulted to “members only” instead of private
- ADDITIONALLY:
- groups need an additional setting "Member Roster View Permissions:"
- Members Only
- Manager's Only (members cannot view other members list or details)
- ADDITIONALLY
- User Profiles need a toggle "Make My Profile Public. Display only my NON-private profile data publicly to any visitors to this site. Private data, indicated by an eye with a line through it is never displayed to anyone besides myself and the site administrators."
- Add a tooltip to the open-eye crossed-eye: "This is Private Data and is never displayed to anyone besides myself and the site administrators." or "This is Members-Only Data and is viewable by members of groups in which I am a Public Member (listed below)."
Usage Cases:
- YAAMNY SiteGroup
- this group is unlisted on the profile page
- all members are Private Members
- A User wants to be world famous
- The User selects "Make My Profile Public" to allow google to display his NON-Private profile data to the world.
- Creative Yale Alumni Group and Feb Club Group
- all members are Private Members by default.
- all new groups therefore must default to having private members
- Results for CYAN and Feb Club including change in default to “members only” on databits
- by default a user would have all sensitive data info hidden from other group members.
- by choice a user could share her info, which would share ALL contact databits by default
- a user could by choice hide specific databits.
- we have in our UI indicator Icons to show Private vs Members Only data.
- again, any data marked private is definitively private from all except the site manager of the created on site group for that member. I'm not even sure that that manager should have access to private data.
- AYA Official Membership List
- I believe we would need to support a way to flip the default to "Public Members” instead of private members. The key is how does this get done. Does it have to do with some setting of the group?
- these official lists will need to have that default set according to their policy
- Results of flipping the “Public Member” default
- users would be able to change their databits to “private” at will
- the messaging on this is beyond the immediate scope, but is going to have to follow the policy by each group. We may have to message all members from
- time to time about editing their privacy settings.
- in the case of the YAAMNY Council, flipping the default words perfectly.
- Cross site group considerations.
- the only issue is site managers overriding “Private” expectations and I think that is controlled by the current structure of only allowing the created on site group manager to see a user’s record.
- so I think there are no new considerations on this.
|
|