If I had a list of email addresses (easy to get) and wanted to know whether any of them would be useful for chess marketing/spam, using US Chess’s membership system as a way of validating them as chessplayers might be something I’d write a bot to do.
During the development of the previous system in 2004/5, we ran into a situation where a non-custodial parent was trying to use our membership system to track down his kid, so we tried not to have our website be a source of sensitive information. That’s probably more of a concern for membership system developers now that it was 15 years ago.
I hear the unique email address issue continues to pop up. I don’t want to have to spend time contacting the US Chess office, so they can manually fix it, each time this issue comes up with players in a tournament I am directing.
Unique email addresses are a common requirement of many systems these days, it isn’t surprising to me that CIVI-CRM is one of them. And of course when you build on a pre-existing package, you have to deal with that package’s way of thinking and doing things, and its limitations.