As I said before, we had already looked into that but there are a few reasons we haven't implemented it.
The first point is how do you ensure that the feature is not going to be abused as a conduit for spamming other people. The only answer is that trusted users (support staff) can be the only people who can add emails.
The second problem is that being compliant with CAN-SPAM and its EU counterpart you need double opt-in. In other words it's not necessary that you add someone's email, they need to verify that they want to be notified about the ticket. This creates some issues regarding the user experience of the recipient of the double opt-in. Moreover, they need to be able to opt out (unsubscribe) at any time. This creates a lot of architectural issues, especially when you take into account private tickets. The major concern here is that need a magic URL in an email message which gives access to a private ticket's content so that these per-ticket features can work. This can be a major privacy / security issue.
There is also a problem regarding CCPA and GDPR compliance. A user can request that all of their data is removed. However, we won't have any indication that a reply posted by email from one of the add-on addresses (or one posted by accessing the ticket using a "magic" link to access the ticket) is attributable to anyone other than the person who owns the ticket. Sidestepping that would require us to create a Joomla user if one doesn't already exist for them (again raising issues about double opt-in for that operation, PLUS its relation to how Joomla is set up to handle new user account creation) . It would also require allowing random users post on other users' tickets. This requires deep architectural changes in way too many places and can introduce privacy and security issues which are very difficult to address.
Essentially, what you are trying to do is create a private forum for a closed group. This is not what ATS is designed to do. Trying to shoehorn that into ATS is both phenomenally complicated and raises a lot of questions about several privacy, security and legal compliance issues. Combined with the relatively small number of people who would use this feature in what is an already niche product in our extensions portfolio makes it extremely unlikely that we would ever consider implementing it.
If you really want this kind of features you probably need to look into a forum component like Kunena or third party support services (even though I am not aware of one which implements this kind of feature).
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!