Open hahn-kev opened 7 months ago
One way I propose to handle this is through an email campaign. The email campaign would ask a single question like "Is Project X a sensitive project" where "sensitive project is defined as a project that if known about on the internet it could get someone in trouble".
Questions we could ask in an email campaign:
The campaign could just give users a 6 month window to respond. We could email multiple times. After the window passes with no response, we pick a sensible default.
An email campaign will also expose the likely hundreds (thousands?) of email addresses that we have that will bounce as invalid. In which case the user account could be flagged.
Regarding project confidentialiy, we should communicate something like this:
there's a few extra fields we want to add but we have no way currently of capturing that data from users. We need to design a solution for that problem.