Hi again,

There has been some pretty energetic follow-up around this topic, so I wanted to share what is happening now and what the Fusion teams thoughts are going forwards.

The immediate actions taken on by the team are :

Change the public share implementation so user data is not visible through the method I used (in progress, no ETA just yet but will be released asap)

Explore the public share implementation further to look for other unexpected leaks that I didn't discover

Modify the STEP export workflow so it doesn't include personal data (again, in progress, am hoping to get the change into a release around the middle of May)

Alongside these immediate actions, we will also be doing a broader check of our export workflows with a 'privacy first' mentality, looking for places where we can increase anonymity. This is likely to take a little longer and will likely result in incremental improvements over the coming months.

Going further into the future, once we are comfortable that we have achieved 'privacy first', we may reverse course and look for opportunities to add user managed privacy controls. I can't commit to anything specific in this area but definitely welcome the suggestions that have been made and would also welcome any additional areas of concern people have where Fusion is less private than it could be right now. (The suggestion about obscuring user name in the title bar is a great example of something we may not have recognized on our own, but which is very relevant when tools such as Screencast are being used.)

Thank you again for the engagement and looking forward to your thoughts / suggestions,

Matt.