Background:
In summary, when your community setting is Public, any profile field with Public visibility is available to unregistered users.
Unlike most other modules in the platform, there’s not the ability to show permissions for different types of user roles. If you’re community is public, the profile module (and all community member profiles) are exposed for SEO, etc.
Impact: This is problematic for protecting the information of community users. As
a malicious user scraping the entire community and mining out all that personal information
But it’s also a major blocker for communities (like mine) that want to expand the use of profile fields and encourage their users to share relevant information.
It’s also likely a blocker for even sharing company name: many users may not want their posts publicly visible and associated with their company name. They may be okay with that in the community, but not for anyone who googles them.
Use Cases: Building a community network with visible profile fields and information for building your own niche network / directory. Additional information will help build peer-to-peer connection and promote more informed dialogue between users.
A few simple use cases:
- linking to someone’s linkedin profile for adding them to your network.
- sharing your community URL (like here on Inspired), but keeping that private to unregistered users.
Solutions:
- Permissions for the profile module like for the Ideation module
- Middle ground option for Profile fields between Public and Private
- allows it to be visible to registered users and up
- blocks it from unregistered users and search engines
