I’ve seen restrictions on admins before in other software, it almost always comes in the form of administrator permissions (vB, MyBB, etc.).
They have 40 or so permissions which lock down exactly what an admin can and can’t do. The folks over at MyBB don’t think it’s enough and want to add even more permissions.
They even have an “account protection” system which prevents admins from modifying the account of the super admin, just in case an admin goes rogue.
They come up with all sorts of ways to restrict admins to create an illusion of safety for the site owner, but at the end of the day, if you can’t trust an admin, then they shouldn’t be an admin.
If you think admins reading PMs is a problematic feature which invites snooping around PMs out of curiosity, then the ability to disable this feature entirely might be preferable to another set of lock and keys.
Admins would still be able to poke around the database, if they think an investigation is in order. Perhaps, it could be a plugin, it would also be easier to implement.