We are using trackers in two different organizations
for requesting information from users, with some
Nowadays, another user can watch the tracker
submission, and thus, get the sensible data emailed to
him/her, even if tracker is configured so that sensible
information is not shown while viewing traker
information through the web.
A possible (easy) solution is to add a specific new
permission for trackers, which would be watch_trackers,
and which should be treated as another perm. to add or
remove to individual trackers, or generally to groups.