Capture data from users for unknown fields

[hahn-kev]

there's a few extra fields we want to add but we have no way currently of capturing that data from users. We need to design a solution for that problem.

[megahirt]

One way I propose to handle this is through an email campaign. The email campaign would ask a single question like "Is Project X a sensitive project" where "sensitive project is defined as a project that if known about on the internet it could get someone in trouble".

Questions we could ask in an email campaign:

• is the project sensitive
• is the project a test or demo project
• what should the retention policy be for this project? (if this is a student project, maybe it should just be around until the end of class?)
• is it OK for others to know this project exists? (the opposite of sensitive I guess - maybe we don't need to ask this question).

The campaign could just give users a 6 month window to respond. We could email multiple times. After the window passes with no response, we pick a sensible default.

An email campaign will also expose the likely hundreds (thousands?) of email addresses that we have that will bounce as invalid. In which case the user account could be flagged.

[myieye]

Regarding project confidentialiy, we should communicate something like this:

• Highly sensitive projects should be explicitly marked as "Confidential" on the project page
• ~We could include a list of their projects~, but that's more work and perhaps even slightly unsafe
• For the time being we're treating them as Confidential if not specified
• In ~3 months we'll default everything unspecified to non-confidential
• The purpose is to encourage data sharing and collaboration and promote language work awareness