Comment 16 for bug 498181

Thank you for your explanation.

Now, supposing this is considered A Good Thing To Do (TM):

First, on your last point -- the most that can be done is *proposing* you to a team. Of course, most probably LP Registry will simply *add* a proposed person to an open group (caveat: I have not looked this up in the code).

Anyway, this could be controlled quite effectively by allowing proposals only from self or an admin of the target group. Then, standard abuse control can be used (a request to answers.lp stating the abuse, or a ping on #launchpad, etc). Also, as far as I can understand, ADD requests are restricted to self or the target team admin(s), so this should not cause unexpected grief.

Now, the emailing piece: if I understand it correctly, we *do* have a potential breach of privacy here: suppose we have UserA and UserB, both with private email addresses, and no other recorded means of communication. Now UserA needs to contact UserB. If UserA sends UserB an email via ./+contactuser, then UserA will have her/his email sent to UserB. In other words, LP offers a communication path (./+contactuser), but does not respect privacy settings. It would be better -- for example -- to have LP interface between both UserA and UserB: UserA uses ./+contactuser, LP sends an email on behalf of UserA (https://lp.net~UserA), but does not add UserA's email address to the headers. UserB, then, can respond to UserA using https://lp.net/~UserA (by clicking on the Contact User link).

Finally: I do not know if this should be allowed or not. I see not big nefarious consequences if it is implemented with the controls I point above. And existing capabilities are better than existing (or future) needs ;-)

Note that this does not matter for me -- my email is public on LP.