The silence in this case just means that we are not sold on this feature.
Its unclear what you are suggesting here, it just open a can of worms
Should I be allowed to say that my profile is visible to TL2 and above ? What happens with the user card? What about PMs, how do you PM me if you can not open the card?
Is this an admin option?
Its just one huge can of worms and I am not sure you thought through the mechanics of making something like this happen.
Thanks Sam, I think that qualifies as the âNOâ @purldator was asking for
I sure have thought through the mechanics. And if you would like to listen, here they are:
The user card is not relevant in this. What matters is all the information stored in full on a profile: likes given/received, all posts made, ect, ect. So displaying a user card would not factor into the concern why profiles are currently public, unless the community was closed off entirely.
As for the options (checkmarks):
Admin: make all profiles private on default.
Admin: allow user to turn on or off profile privacy.
User: hide profile from guests.
I am not asking for much, or the people above me. Itâs the same as hiding an entire category. Visitors (not logged in) get a wall asking to log in, if the profile is private. Public profiles show the current visible/accessible behavior as it is now.
User cards do not display enough sensitive content to be blockable. They do not factor into it.
Not yet! Sam asked the problems he saw, I answered them. Not giving up that easily. 
Another owner of a health-related forum, and public access of user profiles is a huge red flag for us. Most of our users are paranoid for good reason. Many of them receive health disability benefits, and insurance companies and such are scouring for sensitive health info tied to personal identifiers.
From scouring the discussions here, seems like there are a lot of other health-related forum admins here, so this would be a universally good feature to add to core.
Might it suffice to have a highly obvious visible type of âDo NOT enter any personal informationâ warning message?
There would be a tradeoff there. Getting to know other members on a personal level is part of the purpose and appeal of our forum. There are plenty of anonymous-feeling forums out there, but we like discourse particularly because itâs so interactive and bridges the feel between traditional forums & social networks.
I think if the only criteria is being a member (no regard to Trust Level, Group membership, etc) it is likely possible that a plugin could re-route non-logged in users to the âdoesnât exist or is privateâ page.
eg.
if(Discourse.User) {
if(Discourse.User.current()) {
i.e. âcurrent userâ only exists for logged in members.
Given that youâre dealing with health information, I think that isnât going to cut it because the info is still delivered over the wire.
Weâre not looking for HIPAA-compliance here. As someone mentioned above, itâs just a matter of offering some protection & ease of mind to our users. Our members are clamoring for this. They also understand that this information is accessible as soon as an undesired lurker signs up for an account. These two ideas arenât mutually exclusive.
Sure open to adding a switch for you. I am thinking, if âhide users from anonymousâ is on
For anonymous
Does that cover it?
A bit confused by this option: Do you mean that only users that have their accounts anonymized will have their profiles be hidden from public view?
Sorry, I mean if you select this new setting that does not quite exists (but we will add) that stuff will be hidden.
This will affect all users, not only anonymized users.
At a high level you are saying ⊠I want all our users info hidden from non-logged in users (anonymous and non anonymous)
Yes thatâs exactly what we were hoping for. Thanks Sam.
OK, @zogstrip will be working on this feature, this week.
You can now use the âhide_user_profiles_from_publicâ site setting 
https://github.com/discourse/discourse/commit/bb79e6aff7acd95d1dac8fcf367978af2ad81162