Currently for a number of gadgets, such as the directory gadget, privacy levels for information display and access are set to either admins, members, or anybody. However anybody is actually two distinct categories: contacts who have set up system user accounts to access limited parts of the system, say the forums, and members of the public who have not set up any system user accounts. By having a Contact user access level administrators would have one more level of security to filter system use access; this could be used as a measure to build trusted access for non-members (presumably prospective members) to be exposed to the organization's activities.

As a part of this proposal I would add that contacts have privacy settings in their system user profiles.

Here is an example. We are considering putting our membership directory on a public page including allowing non-members to use the personal messaging system to send messages to members. Our hobby is very eclectic so having any means of matching members interests to those of potential members is important to us. While the personal messaging system would serve as a "firewall" against spambots harassing our members it would not provide protection against a human harassing our members by sending a personal message using a false email address as the reply to address. By requiring non-member users of the system to set up a system user account before they access the personal messaging system system administrators can set up a new level of accountability for non-members using the system.

Such a level of accountability already exists for "public" members to access the forums; by making Contacts a full access level that accountability can be spread system wide.