URGENT: "Hide Email Address" account option does not work
Checklist
- I confirm that this is an issue with aurweb's code and not a user-uploaded package.
- I have described the bug in complete detail in the Description section.
- I have specified steps in the Reproduction section.
- I have included any logs related to the bug in the Logs section.
- I have included the versions which are affected in the Version(s) section.
Description
When an AUR user sets the "Hide Email Address" account option, their email address remains public to all registered AUR users. I believe this is a major privacy issue and requires immediate attention.
Reproduction
- Alice and Bob are unprivileged AUR users
- Alice unsets "Hide Email Address" in https://aur.archlinux.org/account/Alice/edit
- Bob verifies that Alice's email is visible in https://aur.archlinux.org/account/Alice
- Alice sets "Hide Email Address" in https://aur.archlinux.org/account/Alice/edit
- Bob refreshes https://aur.archlinux.org/account/Alice and expects the email to be hidden, but it is still shown
Logs
N/A
Version(s)
v6.0.25 (latest at the time of writing)
Edited by Sch Foo
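The reproduction steps above, written as a regression check. This is an added example, not part of the original report and not aurweb's code: the `User` model, its field names, `can_see_email`, `account_view` and the rule that privileged accounts keep access are all assumptions made for illustration, and the addresses are constructed sample data.

```python
from dataclasses import dataclass


@dataclass
class User:
    # Hypothetical model; field names are assumptions, not aurweb's schema.
    name: str
    email: str
    hide_email: bool = False
    privileged: bool = False


def can_see_email(viewer: User, target: User) -> bool:
    """Decide server-side, at render time, whether viewer may see target's email."""
    if viewer.name == target.name:
        return True  # owners always see their own address
    if viewer.privileged:
        return True  # assumption: privileged accounts keep access
    return not target.hide_email


def account_view(viewer: User, target: User) -> dict:
    """Build the account page fields; a hidden email is omitted, not blanked."""
    view = {"username": target.name}
    if can_see_email(viewer, target):
        view["email"] = target.email
    return view


def reproduce() -> list:
    """Replay the report's steps; record whether Bob sees the email each time."""
    alice = User("Alice", "alice@example.org")  # constructed sample data
    bob = User("Bob", "bob@example.org")        # constructed sample data
    seen = []
    alice.hide_email = False                    # Alice unsets the option
    seen.append("email" in account_view(bob, alice))
    alice.hide_email = True                     # Alice sets the option
    seen.append("email" in account_view(bob, alice))
    return seen


if __name__ == "__main__":
    # Expected behaviour is [True, False]; the report describes [True, True].
    print(reproduce())
```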