this is especially -- maybe only -- so in that user-added comments to individual records are labeled with user id (usually email address)
add some explanation on the sign-up page that user ids are exposed to others. this could be reinforced too on the subsequent sign-in page. (for the most part, this is a read-only application. the user email address as a login id is not a big part of this application and so the user could miss that it may be revealed to others. it's easy now for the user to choose inadvertently an address which they would prefer not be revealed generally.)
this is especially -- maybe only -- so in that user-added comments to individual records are labeled with user id (usually email address)