Please add box for Phone number on Contact Us form

peterb323 wrote:

Not recent; it's been that way for years. It never occurred to me that I could change it until our recent exchange. I'll be curious what the developers say.

I am "the developers".  See my post above.

Thanks Steve. The world has changed since the early days of FTH. I'm guessing the contact form originated in the days of landlines and expensive long distance calls and predates the security threats of the present day. The majority of club member phone numbers these days are cell phone numbers, and people, particularly women, are rightly protective of them.

I hope you might consider revisiting the current protocol, such as enabling the phone number box by default and perhaps replacing the individual contact names with their officer roles.

So you would expect potential prospects to provide a phone number while not providing a phone number for any of your club contacts?  I find that to be very problematic.  

Additionally, with the GDPR considerations taken into account, you might find a very different take on this in the EU than here.

If you are really concerned about providing a club contact number that works while hiding your club officer's phone numbers, then you should consider just getting a Google Voice Number (or similar) for your club and set it to forward calls to the officer of your choice.  Then you can create a dummy member having that Google Voice number and the archive email address and select that dummy member as a club contact so that number is shown.

I didn’t expect a debate here, but I don’t see this as very problematic.

First of all, the phone field is optional. No one expects anyone to provide any information they don’t want to.

Second, the method I propose is the way TMI handles it. The [contact club] link on Toastmasters.org requests name, phone, and email. TMI in return provides a contact phone number for the club, and it is optional. They do not provide the name associated with the number the way FTH does.

Your suggested work-around, creating a google voice number, is delegating security to the club level. Toastmasters clubs are not sophisticated organizations with IT specialists on staff. They are a ragtag band of volunteers who assume you, the FTH website provider, are looking out for them.

The current configuration creates asymmetrical risk. Club officers are exposing their name and number freely to the entire internet universe, and I suspect most club officers don’t even know their names are published.

I have not studied GDPR considerations, but I’m sure they don’t insist on every site providing a personal name and phone number in exchange for requesting a phone number from an interested party.

As of now, our only protection is that Toastmasters is a small organization that is not very interesting to bad actors. But, if someone with sinister intent did stumble on this FTH vulnerability, it would be a simple task to create a script to scrape every name and number off of the FTH platform. Then, it would be too late. 

I found a possible "work around."  I customized the Contact Us Form Greeting:

Thank you for reaching out to us! Use the form below to contact us and you will receive a reply by e-mail.
Please include your phone number in the body of *Your Message/Interested In. (optional) 

(By using 2 lines, and the bold text, it stands out a little more.)

Let's see it that works, for people that read, LOL.

Thanks Clare. Yes, that's an option, but you must admit it's inelegant. It would be preferable if the optional phone field was just always visible. I'm not sure why Mr. Steve is digging his heals in on this one, but it's his baby.
For the record, FTH is a fantastic service and I'm very grateful for it.