Ay, there's the rub, I say. What I mean is that Sloan is still working towards making this guest/limited access thing adhere to the spirit AND the letter of the law; right now, we are most often closer to the spirit.
By private information, I mean all student/member contributions to a class: name, email address, forum contributions, shared files, email exchanges. We does this by restricting access at the portlet level so that Guests cannot see the Members, Survey, Forums, Member List page, or receive emails. They can see FAQs, Documents, Calendar, News, Info and Custom Portlets, Syllabus and the Staff List - any portlet that displays group info only.
But there is a hole that you pointed out: it is possible to be a Guest and an Administrator in the same group, which has a sneaky presentation: the user is still restricted from the seeing the portlets, but has access to the Control Panel. We know this is not pretty or desirable, but for Sloan, guest admins are a near rare occurence. More often than not, the exception is a Limited Access admin, which does adhere to the letter and spirit as I currently understand it. What we need to do is prevent Guests from being made admins. And now that you have reminded me of all this, besides entering as ticket for it, there's not much preventing me from asking that it be done on SloanSpace V2 (besides the time to do it).
As for Guest and External, the difference is that one is a Role and one is a Type. Again, Types are not completely defined/designed. Putting any user in a particular Type does not prevent them from filling any Role. This renders the Type category virtually useless right now, but in the future, we want it to be useful, and provide a way to define constituency groups (including alumni) as a group and as having specific access (alums need that defined differently than students, etc.). However, I am speaking off the cuff and I will certainly not be the one who codes this nor may I be the non-technologist who decides how this will ultimately work. I just know what I think Sloan needs it to do for Sloan. Caroline Meeks, Don Baccus, Andrew Grumet and I and others have had many lengthy conversations about this, and we expect to revisit the idea more than once in the future.
"Are there any plans to build a dotLRN interface to customize the permissions of various user types and of the Access and Guest fields?"
This is not on our immediate horizon, though it is always lurking in the background, smirking at us and rubbing its hands with evil glee, waiting for us to try and figure it out once and for all...