This a question that address what you must do and what you probably should do. The should is evident in your concern about having certain standards to protect people's privacy. To the extent you get consent from people for any means of direct communication you should send confirmation of that fact along with instructions on how to retract it after a certain point.
But since you are a website with an online community, why are you talking about physical addresses anyway? Encourage them to...
This is really about the difference between a corporate name which can operate businesses under separate trade names or divisions which may require filing a d/b/a registration and/or trademark registrations. The easiest way to think of it is General Motors which has lots of different divisions and trade names and trademarks but is all one company (for now).
This is a difficult question since the question of whether your access was known or authorized is critical and triggers both civil and criminal issues under both Federal and California law that you should discuss with counsel separate from a public forum.
The other lawyers have covered this very well. The one variation involving the Internet is this beast known as Terms and Conditions. Nobody reads them, but they can be quite onerous (a point South Park went to town on with respect to Apple's Terms) and often include jurisdiction and even venue provisions that might be controlling.
The other answers have covered much of it. As someone who has handled FTC investigations and spoken with them on enforcement priorities, their mantra is that a data breach does not automatically trigger an investigation but that the absence of a breach does not protect you either if you are not providing adequate security for the type of data you are collecting.
Note that cyber insurance products are increasingly becoming more affordable, but be wary of the exclusions.
It depends on the nature of what is published. If it was subject to any court order or is itself public record information. They have a First Amendment right to publish material, so the analysis really goes to each item published.
It violates their terms of service, is considered deceptive advertising by the Federal Trade Commission and could violate your code of ethics if you are a doctor, chiropractor etc. In addition, your competitors could sue you for this practice, so its little gain for high risk.
As the others have indicated, you have waded into the area of identity theft and cyber harassment both of which have criminal and civil implications (California also has a law about e-personation that recently went into effect). You should consult counsel for any further information.
I have worked with dating sites and my concern would be the business fall out if people knew the bios were ghost-written. People draw clues from how people tell things and not just the substance delivered, you are spending money to eliminate clues that might be valuable to your clients.