Right—I keep using the word “friction” because I don’t mind the ability being present and usable. But I do believe it should require effort to engage and leave visible traces (definitely in log files, and preferably user-visible, too—a notification of “$STAFF_NAME has read the conversation $SUBJECT_NAME” as a pop-up notification in the notification area, for example).
Cloaking or hiding the ability isn’t the answer, and it sounds like there’s pretty general agreement that an audit trail is a good idea. I’m cool with that
I would absolutely run that plug-in without hesitation. It absolves me as the admin of a lot of responsibility and liability. I’d want it as a user, too, for the same reason that I don’t exchange IMs with anyone who doesn’t use OTR encryption.