I run a medical site and I’m always concerned about people coming onto the site and trying to recruit people into scams, etc.
It would be very helpful to be able to watch for these types of issues by being able to do a single click to review all the recent PMs (e.g. for the day or week) - from the admin statistics page. Ideally I’d just click on the PM summary number and get a list of all those messages that day or week.
As it is right now - its impossible to get a high level check on this issue because you’d have to go to each user (I guess) - which is really impossible with a large site.
You are gonna give @downey a heart attack, first of all
Right now there is a semi hidden json feed of all recent posts, @techapj has an item to add a RSS a version of that. I guess there could be a version of this that feeds PMs for admins only.
I think this would be helpful to a lot of sites and Admins who just want to protect their users. If you have any type of vulnerable population (e.g. health related, age - related (younger or older) its something you have to be concerned about.
It’s not your responsibility to “protect” your users by snooping around what they reasonably expect to be private messages. (Regardless of what the UI calls them.)
That’s not only unethical, it might be illegal under HIPAA or other laws.
Hopefully I can figure out what your site is so I can stay far away from it with my medical information.
Well you know @downey our position on this is that the admins are responsible for the safety of the site and that involves admins having access to all content. Unless you like people trafficking in child porn Personal Messages on your site… Or using Personal Messages to send large, illegal files to each other.
Extreme examples, yes, but it is their site and they have the right to ensure the safety of their site and the users on it.
There are other ways to handle even these extreme fear-mongering examples that don’t require Admins snooping through their users private and personal information, especially when it’s Personal Health Information.
A few ideas:
Disable attachments in messages
Disable external links or flag excessive links
Flags for suspect messages
Whenever I discuss this with my infosec & privacy colleagues, they’re always extremely suspect of why any admin would fight so hard to be able to snoop around like this. There’s a reason why the “minimum access necessary” theory is a thing.
No - none of these ideas solve the fundamental issue of how to minimize the risk of scammers targeting and luring vulnerable populations on your discussion forum.
Its my server, I’m responsible for what goes on it, I need to have the tools that allow me to protect my community members appropriately. Better access to all messages would help me do this.
As @codinghorror points out, all it takes is for an admin to download the backup and review any content.
If I had the same concerns about not wanting to let my users think their data was private from admins, I would add text to the footer at al times which stated who the admins were:
This site is maintained and supervised by XXXXXX
A constant but gentle reminder that someone is watching.
In other words, solve this concern with increased visibility, not increased limitations.
Just to add another point, I’m regularly snopping on PMs because most are replys or topics and the non tech user just clicked on the wrong button.
Also, if people starting PMing a guru user too much, I contact the user to assure him that he can tell then to use public topics so everyone on the community benefits from the knowledge.