One of the important priorities we have for our next version of CMR is to make the reports more actionable by identifying the people behind some of the numbers. For example, with the Profile chart you might see that 80% of users have selected an avatar and be led to wonder, "Who are the folks who don't yet have an avatar?" If you knew, you could reach out and suggest (politely ) that they get one. Or on the User Adoption Chart it is interesting to see that you have a bunch of Active users who aren't Participating, but even more interesting if you knew who they are so you can engage with them.
OK, sounds good. But one of the tricky things we have come up against is that in some communities, external communities in particular, is it quite common for users to restrict access to parts of their profile. We need to make sure, for example, that this CMR feature not become a backdoor way for a Group owner to see email addresses that she is not otherwise entitled to see, and handle other scenarios like that.
But not everything is completely clear cut here and I would value some advice from you guys.
First question: How much is enough information to identify a user? In particular, would it be enough to just export a list of the User IDs of the folks who don't have an avatar or are Active but not Participating or whatever? (This would avoid the permissions issue since User ID is always public.) Or would that be lame and you would feel that unless we export full names and email addresses we haven't really met the use case?
Second question: To be very concrete, let's focus on the Profile Chart, which is a global-only chart. Suppose that here we are able to list any (or every) user -- first name, last name and email -- and whether or not they have filled in their various profile elements. There are several options
- Don't list any names or emails, just user IDs
- Include only those names and emails that would normally be visible, hide the others
- Include all names and emails no matter what under the assumption that this is being exposed to someone in an administrative capacity
Keep in mind the set of people who would be able to see this: anyone with Admin privileges, System Manage privileges or someone who has been specifically granted the 'Global CMR Permission' that we will include in the next release.
I hope that these questions make sense and would appreciate any thought on them or this general topic.