Publishing

Much of what I have to say here is personal opinion, but it is tempered with reasonable knowledge of law governing the situation.

As webmasters, most of us put our chapter directories on the web page - and sometimes with pictures. This is very consistent with the down-to-earth, no-nonsense atmosphere we experience in Barbershopping. But the ability to publish brings with it responsibilities. We need to disseminate information, but we also need to protect that same information from eyes that are not entitled to that information. We need to respect member rights NOT to have it published to the outside world. On the web, we need to show reasonable effort to keep it away from unauthorized persons. I base this on cases dealing with the selling of information to telemarketers. Does Amazon.com, for example, have the right to give out your address and phone to other companies, just because you supplied it on one of their forms? NO! In my opinion, our job is to deliver member information to members.

So where does that put us Webmasters?

HTML pages are static and searchable. Any chapter that places their directories on an HTML page like MEMBERS.HTM is making that information available to everyone with web access. Search Engines can even find them through that page, bi-passing the login. That is OK if your men have all agreed to that. But what about members who DON'T want that to happen? Guys with unlisted phone numbers. Or guys who use email addresses from their workplace. Just one guy in that category and you have a problem.

You COULD use an Adobe Acrobat format for your directories, and that would be a step in the right direction, since

  • it gives a measure of protection - names may not be searchable by the Search Engines
  • you can password the Directory and give out passwords only to members, begging them not to disseminate the password.

You could set up a form requiring a password to get in.

  • If everyone uses the same password, you might as well not bother
  • If a successful password links to a static HTM page, you need not bother. Search engines can bi-pass your login.
  • If you give everyone unique passwords and check against a database, this is good.
    • Caveat - if all those unique passwords lead to an HTM page containing the information, you STILL have not protected that information.
  • You can give everyone a password and link to an Server-Side script that checks for some information. Then anything that tries to bi-pass your login will error out. This is good. It means that unauthorized eyes can be kept out. This also means that you have now enabled some activities that would not have been otherwise possible. IT carries the same weakness as the previous option, however - it can be totally disabled by a hacker.

So what do I recommend?

  1. A Member Login. Do not make that a one-password login that everybody knows
  2. Once logged in, your site should be directed always to ASP or PHP or CFM or similar pages that look for a certain variable. If the variable is not found, you send the reader elsewhere.
  3. By default, supply no personal information unless you have permission.

This gives reasonable protection to all those who desire it. This also gives you power to place things behind that password curtain that MUST be protected, by its nature. This includes music, etc. If there is less protection than this, you weaken your site and your capabilities.