The goal of Mozillians.org is to create a small, trusted space for community members to share contact and other information.
Although anyone can register as a user, this doesn't automatically grant one access to all data in the system. In fact, a user in a 'pending' state can't do very much beyond view and edit their own profile.
A critical cross-cutting feature is this concept of a vouched Mozillian user. All aspects of the system must enforce this behavior. For example, knowing the url to a user's profile photo isn't enough to access that photo. Only an authorized user will be able to view such a photo. To the un-authorized requester it will appear that the data doesn't exist.
Detailed privacy requirements are included in each feature's spec.