Privacy Security Profile and History Issues

juliereidkidman

If a person in our Family Group Tree decides that they don't want all of their personal data shared on the Group Tree — for example, their full birth date or divorced spouse information — could they or an administrator mark that field "private" so other group members know not to enter the information into that field?

Also, if the information was once entered into the person's profile, and then deleted for reasons of privacy (perhaps a previous spouse's children), is there a way to delete that information from the "history change" of that profile so that others can't view the information on the history change record?

I have already entered all of the information on all 168 members of the group and we are verifying that all grandchildren and their spouses want their family's information listed on the FamilySearch website. My siblings asked this question, so I'm trying to find out the options.

The answer may be to delete the person entirely and then create a new profile.

Alan E. Brown

You raise some good questions about privacy, and I suppose that some of these things could be implemented in the future if a product manager considered them to be a high enough priority. But the current capabilities are the following:

• There is no way to mark a field as private. I suppose you could add a note, especially an Alert Note, to request that editors not fill in certain data, but that relies on people noticing the note and honoring the request.
• Changes made by regular users will appear in the change history for a profile, and there's currently no way for regular users to change that. I do know that there are ways for data administrators (I'm talking here about FamilySearch staff with administrator privileges, not family group administrators) to make changes that don't appear in the change history, but that's not generally available.
• Even deleting a person entirely doesn't completely hide information. Anyone in the family group who knows the person ID for that deleted person can access the deleted profile, complete with all its change history. And it's not hard to find that PID if the person had a relationship to any other person, since the profile deletion will leave a link to the deleted profile in the change history for that related person.

So the best and only reliable way to keep data private is to never enter it into Family Tree to begin with. When you join a Family Group Tree, you affirm that you have permission to enter any data that you contribute, so it sounds like FamilySearch is relying on that affirmation to preserve privacy within the Family Group Tree.

juliereidkidman

Thank you for your response. This gives me a clearer picture of the privacy ramifications that there are in using the family group tree. I am hoping that we don't have any problems with members of the group not wanting their personal information shared in the group.

AnneLoForteWillson

@juliereidkidman One thing to consider is using your Group Details to set rules for who can enter what types of information and for whom. Administrators can access the rules in the Edit Group link: