Improvement request: avoid email addresses for Trusted List changes

Question

At present Trusted List requests and additions, and some Profile Manager additions, are handled using members' email addresses. Trusted List requests delivered by email include the address of the member originating the request. To add a member to the Trusted List of a single profile, their email address needs to be entered in a field on the privacy tab of the profile. Similarly, the bulk Trusted List and Profile Manager addition tools require the use of the email address of the member being added.

This approach has at least two drawbacks:

• Many people prefer that their email addresses are not widely known, to help prevent identity theft and spam. It is not suggested that other members would be directly responsible for this, but if another member's computer is hacked and their contacts list is stolen, anyone on that list is at risk.
• Once member A knows member B's email address, member A can accidentally or deliberately add member B as trusted or manager for large numbers of profiles, without approval of member B, who may then need to do a lot of work to reverse the change. There have been cases where this has happened in practice.

One way to improve this situation would be to use members' WikiTree IDs instead of email addresses when adding them to Trusted Lists, and for bulk Profile Manager additions. When this is done, the recipient member being hypothetically added would be notified by an email, not including the address of the originating member, but instead a link to a web page where if logged in the recipient could approve or deny the addition, whether for one or many profiles.

A Trusted List request email could as at present include a link to a tool which would approve the request. But the email would no longer include the address of the requesting member. Instead it would give instructions for replying via a comment on the profile of the member originating the request (this does not reveal email address). If the member receiving the request wished to reply privately, they could use a WikiTree Private Message, either revealing their own email address voluntarily if they wished, or replacing it with an imaginary one as Gaile Connolly has described at this link.

I realise that changes along these lines, or any other approach to the problem, would require substantial programming effort. But I think they offer substantial benefits, and I hope they can be considered for inclusion in long-range software development planning.

Answer 1

I agree with this proposal, I find it a problem having to use the email address for some relatives I have an agreement with to add them to the trusted lists of shared family, much easier to find and use their Wikitree ID.
 I agree with the approach to the privacy issues raised.

Comments

Thank you, Gary. You make a good point that WikiTree IDs would be easier to use than email addresses for adding people to Trusted Lists, in addition to the other benefits.

Answer 2

Thanks Jim, we have been looking at ways to let people invite others without emails, so maybe reducing the places where email addresses are necessary can be part of a bigger project.

Comments

Thanks very much, Jamie. It will be good if these ideas can be considered in some form.

Answer 3

I hope your talking about asking to be added to a member's trusted list, otherwise I wouldn't agree with this change. I build a huge number of trees for many people and add them as PM as I go using their email address. If they had to approve each profile I add them to, they wouldn't let me build a tree for them.

I would like to be able to approve being added to profiles by "bulk add" so I don't end up with thousands of unexpected new profiles on my watchlist. This has happened before.

I'd love if you clarified your proposal. There are many different scenarios when TL requests are being used and I'm not sure what you're addressing here.

• I ask to be on the TL for one profile. TL request goes to PM's email. They choose whether to accept by clicking the link in the email.
• I ask to be on a member's TL so I can easily add them as PM to many profiles with the click of a button. They choose whether to accept by clicking the link in the email.
• I add a member on TL/as PM to profiles using their email address. No response needed by member. They see the changes in their activity feed.
• I add another member to many profiles' TL at once using the bulk add system. 

Comments

I would want the process I suggest to apply to all Trusted List additions. I don't want to be added to the Trusted List of any profile, whether one at a time or in bulk, without actively approving the addition myself. A big reason for this is because the profiles are added to my Watchlist, which is too big already, but another is to guard against someone doing a mass bulk add accidentally or because they misunderstand the bulk-addition tool—there are reports of that happening quite often.

However, well-designed software could make the approval process easy. The "web page where if logged in the recipient could approve or deny the addition" which I mentioned could batch together all active proposed Trusted List additions for that member, with buttons to accept them all, reject them all, or select individually which ones to accept or reject.