Continuing the discussion from Admins can clearly see all private messages of all users:
A while ago, the team has addressed privacy concerns by not allowing moderators to read other users PMs. Requests for adding “administrative friction” to when admins access these PMs have so far been turned down.
My intention with this topic is not to try and change their minds but to inquire whether such a functionality could be added via a plugin and if so, to specify what such a plugin should look like.
To start with, I would like to keep it as simple as possible and here is my suggestion how in very broad terms:
- Disallow admins from reading PMs
- Specify Super-admins who are allowed to read PMs
(Personally, the way I would use this on my site is that I create a separate super-admin account which I will only use to access PMs in those cases where it is necessary.)
So, how to implement this?
Step 1 should not be a problem, but if system user or discobot need to read access, it may get a bit tricker.
Step 2 should obviously not be possible via the UI but will need to be hardcoded into the plugin source code so that adding or revoking super-admin privileges will require upgrading the plugin.