If a provider gets such a request, she should report the offender for leaking ROS information. Even if they are lurkers, they obviously have an account here for the PA to attach to. This should apply regardless of if the information is in ROS or not, activity happened or not (even though CJ says this post is in reference to activities that did not happen and was not in the review), as the conversation claims to be compromising ROS information.
Ladies, if you have such a conversation, report it. If it happens over the phone or email, verify their handle here and then report it. Attempts to push for more menu items by this method should be frowned upon by all of us.