User profiles hidden from public, but the badges are not

I’ve disabled the user directory for anonymous users. This is to add some privacy, I did this with hide_user_profiles_from_public, which does: Disable user cards, user profiles and user directory for anonymous users.

However, the badge system is still public when this option is enabled. So someone can still check e.g. TL[1-4] to see most users without an account. Of course seeing the details of the users such as their cake day, bio and other details like that are still hidden. But establishing a user directory and a general idea about the users is still possible.

I think that when this option is enabled, the badge overview should be hidden as well, as well as the badges in the user cards.

2 Likes

Recategorizing to ux as this is not a bug. Badges and profiles aren’t the same thing, there are lots of other places that user accounts can be surfaced even if their profiles aren’t visible.

Badges are a gamification tool - part of that means letting users see which badges exist and who else might have them. If you aren’t interested in the gamification aspect have you considered just disabling badges completely?

1 Like

I am interested in it. Just don’t want to have the whole world see it, especially if it makes a privacy option not that effective :slight_smile:

3 Likes

I think the suggestion is to have a similar progression of visibility to the badge section as the user directory, whether coupled or as a separate setting. Currently the user directory can be disabled | visible to members | public, whereas the badges are simply disabled|enabled.

3 Likes

I grasp that - but having the badge counts (or listed users) vary between logged in/out doesn’t make a whole lot of sense. Extrapolating the same logic, users should be able to control whether their topics and responses should be visible to anonymous users.

At some point we have to accept that public participation is going to leave some form of a footprint. For communities which are privacy-centric disabling the badge system would be the way to go.

2 Likes

Isn’t there a middle ground here? E.g. having the badges for the logged in users only? Now the option to disable user listings is like a half fix I can sell to the users. Since the TL badges give mostly the full overview as well. At least groups can be hidden. If those were also still there, then the TL0 group would be there as well for the full overview.

Having the option to hide the badge overview for anonymous users would go a long way.

1 Like

Ok, so you’re proposing that either the badge counts are lowered for anonymous users, or that the count doesn’t match the users listed?

By that token should said users also not have access to the flair and titles associated with badges?

What’s the privacy issue here precisely? Hiding profiles eliminates the ability to PM or chat with a user, you can no longer track their activity across a forum. Badges may link to one or two topics where a user has interacted, but you could as easily find some of their interactions by using search (or the google cache of public topics).

At the moment my forum has that option disabled to see user listings as an anonymous user. That includes user cards all together.

However, when someone goes to the badge overview. Someone can still get a pretty complete user listings for TL1-4.

A fix would be to either include an option to hide the badge overview or add an extra option to hide it for anonymous users.

My forum:

Sure, and their names are also listed when they start/participate topics. There’s also a profile page which says the user has hidden their profile, which also confirms an account exists?

Can you explain the risk?

You need to draw a straight line from a tangible problem to your proposed solution here.

Ok, so you’re proposing to hide specific badge overviews from some/all users? Or all?

Badges are markers of participation, like starting or responding to topics. Why is one ok, and not the other?

There is no risk. It’s just a courtesy to the users. The topics are public. But there is no need to have an easy way to zoom in on certain users. If there was a real risk, the forum would be behind a VPN and only allow invited users and the rest is hidden.

But that’s extreme. The already existing feature offers a way to hide some user details for anonymous users very well. The badge overview for anonymous users cancels out that feature since it allows listing TL1-4 users, which is mostly a user directory again.

The goal is to have a public forum, but have some layer of protection for the users. Which is fixed if the badge overview is only visible by logged in users. :slight_smile:

I hope you understand this protection is only against anonymous users. I get the idea you may not have read that detail correctly so far. Logged in users may see everything.

1 Like

How can I request this as a new-feature?

This is the place to do that. :+1:

Personally, I think you raise quite a valid point. The hide user profiles from public removes public ‘user lists’, yet leaves something similar viewable via the badge overview.

I think hiding the badges from anonymous users as part of this setting makes a lot of sense.

4 Likes

i sort of feel like badges should be hidden or disabled for anonymous users by default. to me it’s a members only privilege to qualify for badges. i don’t believe badges should be a feature to draw in members either, so i don’t know why they need to exist for non-members.

the bigger question to me is why do anonymous users have access to the badges at all assuming one has to be a member to participate?

1 Like

The core purpose of badges is gamification.

Their sheer presence is there to encourage participation, the very first barrier to which being registration.

Take a look at the recent liquorice topic. Would it have made sense to have a topic visible publicly without any context? How would it be preferable that the link 404’s?

I think that the way Discourse is set up there will always be links knocking about in posts that could be inaccessible to certain viewers due to category permissions or admin settings. A link to the user directory, for instance if it was disabled for anonymous, or something from the lounge.

Right, but neither of those are designed to encourage participation.

I suppose the crux would be whether you viewed badges as encouraging participation through signups, or participation from existing members. I would probably lean towards the latter as I don’t think anyone really joins a community for the badges. :slight_smile:

I still think if you’re looking to make user lists a ‘members-only’ feature of your site it makes sense to also include the badge lists in that somehow.

3 Likes

this is exactly my point. i get that badges/ gamification encourages participation of members, but we’re talking about non-members here.

FWIW, our forum doesn’t care much for the badges and we don’t have gamification plugin enabled. :slightly_smiling_face:

1 Like

just to be clear, i am not arguing from a privacy or security perspective. in my humble opinion, it just makes no sense that the badges would by default be accessible or even of interest to non-members, unless the gamification aspect was an essential part of your forum’s purpose. i don’t actually want people joining my forum for the badges and to beat other members at whatever game, i want them to join for the content and discussion. that isn’t to say i don’t see a scenario where a particular forum may find it useful to let non-members see badges, like one designed with gamification as an essential part of the user experience.

2 Likes