Allow users to check authority email address

Question

Allow users to check authority email address

Opened this issue 4 months ago · 8 comments

A potential replacement for #8263.

Some users or authority staff may wish to check whether we're using the correct email address for an authority. Previously we'd just show the email address, but that's too open to abuse.

Instead we could allow the user to enter the expected address, which we then compare to our records. If the addresses don't match, we can point them towards the change request form.

Answer 1 · 2024-05-29T08:00:36.000Z

If they are wanting to monitor that it is up to date, could we let them sign up to get an alert if we change it? A bit like the land registry do for property charges etc.

Answer 2 · 2024-05-29T09:56:15.000Z

And/or could do something similar to the request event history page.

Answer 3 · 2024-07-05T16:24:38.000Z

If they are wanting to monitor that it is up to date, could we let them sign up to get an alert if we change it? A bit like the land registry do for property charges etc.

We could automatically send an alert to both the old and the new when a change is made, as well as the submitter of a change request (with only one email if the submitter of the change request matches either the old or the new).

And/or could do something similar to the request event history page.

I think it would be good to publicly list changes to bodies. That's probably a separate issue, though.

Answer 4 · 2024-07-08T19:28:55.000Z

The vast majority of our authority email addresses are already displayed on the agencies' own websites. I've also never had any complaints in 13 years about displaying authority addresses. We tell users and authorities to view the address, and I consider it part of being transparent.

I guess WDTK must have this problem, but we don't, so removing the feature just adds admin workload for no gain. I'm not excited to see the feature has already been removed in develop - I'll have to look at putting it back in a fork or theme. (And I'm trying really hard to defork and not overcomplicate the theme.)

Maybe it could've been an option?

Answer 5 · 2024-08-11T12:58:45.000Z

A user has contacted us with a request that the information be restored.

I guess WDTK must have this problem

My understanding is that the issue on WDTK was an instance of someone bulk-harvesting email addresses, which I think was causing server load issues.

Answer 6 · 2024-08-11T13:00:11.000Z

In any case, I agree that making it an option for different installations is probably a good idea.

Answer 7 · 2024-08-11T13:05:46.000Z

Also, if one still values the ability for people to actually view the email address, but wants more protection, one could require someone to be signed in to view it, although that perhaps doesn't add a great deal.

Answer 8 · 2024-08-11T18:05:50.000Z

That could work if we restricted it to people with verified email addresses and we limited each user to three lookups a day (say).