Michael's use cases are very good examples of the issues at play here - both personal and legal. But we also need to consider -- and by "we" I mean most immediately the folks at Sloan -- another constituency group, alumni. Alumni communities will be well served if they are as open as possible communication-wise for those alums, but they also want and need access to the learning community of Sloan and we want to give them that access without violating any laws. .LRN/SloanSpace V2 cannot do that right now because it cannot accommodate the need for a user to have a different level of access to different sets of groups, i.e., a set of alumni communities versus classes.
It is not just a matter of giving users what they want, but of being very clear and getting the proper consent from all parties, which Carl eluded to in his post:
"The publication scope of contributions in each commons should be made clear by the group leaders (e.g. group admin) or the context in which contributions are made."
Carl also stated:
"Where possible the privacy issue should be delegated to the group leaders or the individuals themselves."
I have had a few conversations with the Sloan privacy expert, however and he has asserted that it is not sufficient to leave these decisions up to the group administrators, at least not here in the United States. There are some decisions that must be made for them by designing a system that clearly defines roles and levels of access and the like. This is sticky, difficult issues, at least for Sloan and we are headed in the right direction, but we are not there yet.
As another example, when we were developing the spec for our Photobook module, we encountered privacy issues in determining who could see what bio info about a student and we decided that professors and students could only see information about students with whom they share group memberships, not group membership info for unshared groups. This thinking would extend, I think, to all user contributions if we are going to adhere to the letter AND the spirit of the U.S. privacy laws.
