Restrict moderators from reading all PMs


(George Kaplan) #1

Would it be possible to restrict this? Our community will not appreciate that all mods can read PMs.


Admins can see private messages in user's profiles?
Admins can clearly see all private messages of all users
Privacy plugin that makes it more difficult for admins to read PMs
Global "Enable Privacy" feature
(Juffin) #2

Yes it would be great if we could separate Admins & Staff members in terms of permissions AND especially in terms of reading users private messages.


(Sam Saffron) #3

As a stop gap I am open to adding a site setting that disables the ability for mods to read PMs. It hampers moderation but I guess admins can pick up the slack.


(Juffin) #4

That would be great.
Just to clarify, it will prevent them to read OTHER user’s PMs - not their own right? :smiley:


(Jeff Atwood) #5

I tthink it is fine to have a setting that restricts mods to reading only pms addressed to them.


(George Kaplan) #6

That would be fantastic!


(Zach Alexander) #7

It seems to be the case that, eleven months later, (1) moderators cannot read other people’s PMs, and (2) there is no setting to configure this, despite the above discussion of how (at the time of writing) 1 was false and !2 was proposed. Am I correct?

I think this is how it should be, but I’m just checking if it’s how it is.


(Jeff Atwood) #8

Yes, the new default is that moderators are much more restricted out of the box. This is a safer default. See Permission Changes (moderators have less)


(Matthieu) #9

I read several topics about the admin right to impersonate and read PMs and I’m not convince at all it is a good idea to let admin read private message. You can say that we can still go in the database to look at any message we want but the step between one click on the interface to search in the database is pretty big.

For me, nobody should have the right to read private messages and I do not see any usages where this feature is useful. It should have, at least, an option to disable this properties so we can adapt the forum politics to our needs.


Privacy plugin that makes it more difficult for admins to read PMs
(cpradio) #10

Are you telling that rant to all of the other forums out there too? vBulletin permitted this. Just saying. :smile:

If you don’t trust the staff at the forum you participate in, you have a greater problem. You shouldn’t be a member there! In every situation I’ve been in the admin only ever goes in to read a PM if a user contacts them with a problem they are having – think “someone is constantly abusing me via PM”, not “I don’t know how to change my email address”


(Sam Saffron) #11

Fred

Bob keeps on PMing me and calling me a douche.

###Moderator

Let me ask Bill our admin to have a look

Admin

I can’t see anything, I need to run DB queries to look at this.

 

Two weeks pass

Fred

What is going on ?

Moderator

Sorry, Bill our admin needs to have a look but it requires running db queries.

Meanwhile on meta

How to I run DB queries to look at PMs on my forum?


(Matthieu) #12

Fred

Bob keeps on PMing me and calling me a douche.

Moderator

Ok please add me as a participant of the PM

Read only PMs Bob allows the moderator to

Moderator
Ok Fred, Bob is indeed a bully. I contact the admin to kick his ass.

Admin
Ok I will suspend Bob for a while


(Sam Saffron) #13

This is not a feature we have you can only add people to a PM if you are trust level 2 or above, besides, you need to read through history of abusive users. What you are proposing is adding a pile of moderation overhead.


(cpradio) #14

And can anyone invite another person, or just the Original Author of the PM (the bully)? I know staff can invite others, but I haven’t really tested much about whether the recipient of the PM can (even if they are TL 2).


(Matthieu) #15

Ok I did not notice that. But otherwise, it could be as simple as all other Discourse topics i.e. Fred flags (notify moderators) the Bob’s PM. Then moderators have access to the abusive PMs.


(Sam Saffron) #16

Still does not solve the issue of context, abuse, in general is not an isolated case, asking permission for every PM is onerous


(cpradio) #17

Moderators would only have access to the flagged post in the PM, not the whole thing (like we do with topics), so definitely has a context issue. I would not act on it at all as a moderator without seeing the full context (let alone as an admin).


(Jeff Atwood) #18

This feature is complete and working.