Admins can see private messages in user's profiles?


(jon r) #1

I am wondering how this complies with Human Rights to privacy and uninterruptedness (?) of private communication.

What’cha thinking?


Admins can clearly see all private messages of all users
(Bill Ayakatubby) #2

Are you saying all an admin has to do is to navigate to a user’s profile, and they can see that user’s private messages?


(AstonJ) #3

I am not sure if it’s as easy as Bill is suggesting, but it would be easy enough to look at PMs via the database anyway.

I think they should be called conversations or personal or direct messages rather than private, because saying they are private leaves a user with an expectation of privacy where measures are put in place so the messages are indeed private.


(Jacob) #4

Yes all an admin has to do is go to a user’s profile page and browse away at their private messages.

This should be fixed, there’s no reason it needs to be that easy for an admin to view supposedly private messages.


#5

Not all admins have direct database access.

Seconded. Or at least a toaster that warns that private messages are not that private really and people shouldn’t post sensitive data there (with a “don’t show this again” checkbox, of course).


(Travis) #6

You shouldn’t have lots of admins or even moderators. My community of 1000 members has 1 admin (me) and 1 highly trusted moderator.

You should be using the Leader and Elder trust levels for everything else. Those people can help with pinning posts, cleaning up the forum, and making sure things are nice and tidy. This comes without any access to private user data which only I have (the same person that could simply query the database).


(Bill Ayakatubby) #7

Agreed. PMs should only be visible to an admin if that admin is impersonating the user. Oh wait, I feel like we’ve had that discussion before, too…


(Jacob) #8

I mean that’s great and all that your community is just run by you an one highly trusted moderator. That doesn’t mean i would want you reading my private messages. I understand you may have the integrity to not snoop around pms, but you can’t assume all users are going to trust the admins on the site they’re on. And while I agree that limiting the number of admins helps… that’s not going going to be the case for a lot of discourse sites.

This exactly. Not all admins will have access to the database, and the few that do will have to put at least a minimal amount of effort in the rare instance it would even be appropriate to view private messages.

I haven’t seen a legitimate reason for having private message so accessible. I would even go as far as to say encrypt them and be done with it.


Privacy plugin that makes it more difficult for admins to read PMs
(Mittineague) #9

Then why would they want to be members there?

IMHO if you can’t trust the Admin - don’t join the site.

I agree that personal messages should not be visible to others except the Admin (NOT Moderators) on a need to know basis.

There may be times when an Admin needs to check PMs to resolve an issue.


(Jeff Atwood) #10

This was covered at length in previous discussions on the matter.


(Jeff Atwood) #11