One of our members asked if private conversations between members are readable by the admin or if records are kept. Does anyone know if, where and for how long private conversations between members are accessible?
Thank you.
Thank you.
Are Private Conversations Accessible to Admins?
- Thread starter Divinum Fiat
- Start date
You'd have to make up a usergroup that can be allowed to send PC's and set all others to be not able to.
Attachments
When I do so, then do I need to assign each user manually to the trusted user-group which is allowed to send PC's ?
I agree on the non-reading of PMs. Quite apart from how you would have the time to do so on a busy community, members have an expectation of privacy. However I would always reserve the right of admins and site owners to read PMs if investigating a serious complaint which cannot be resolved from the PM being "reported", for example, a criminal activity, a reported PM that suggests continual abuse of the PM system and so on, but never pro-actively, only in response to a complaint. Sometimes you need to access PMs from a member and record them as evidence, in case of a complaint that escalates to involving the police.
I also wouldn't browse for spam, you don't need to, if you have proper registration controls in place you should not get spammers, but if you do I agree with DRE you can resolve it via member reports.
It has been many, many years on my community since I've had to access someone's PM records and even that was because it was a harassment case which was being dealt with by the police.
I also wouldn't browse for spam, you don't need to, if you have proper registration controls in place you should not get spammers, but if you do I agree with DRE you can resolve it via member reports.
It has been many, many years on my community since I've had to access someone's PM records and even that was because it was a harassment case which was being dealt with by the police.
And in order to have control over your site, you need to be able to view all aspects of it when necessary.
I hear this all the time, especially with mail server admins. "What??!!! The Admin can read my emails?!! That's not right!!"
Phooey. The majority of administrators are too bloody busy to concern themselves with your petty discussions. However, admins DO need tools to be able to immediately investigate any issues that are detrimental to the site. I make it known up front that I can view ALL aspects of the site, including emails, PMs, etc. This is true for ANY server admin. So for the ones who jump up and start screaming about privacy and how wrong it is for a server admin to have that ability, I usually tell them to send their computer back to the manufacturer because they're too stupid to use the Internet. Because obviously, they haven't thought much to what being a server administrator is really like.
And if you have admins who regularly snoop on their members, they shouldn't be an admin.
Privacy? Let's be realistic:
the CIA is anyway reading all your Emails
http://www.zerohedge.com/news/“we-are-far-turnkey-totalitarian-state-big-brother-goes-live-september-2013
the CIA is anyway reading all your Emails
http://www.zerohedge.com/news/“we-are-far-turnkey-totalitarian-state-big-brother-goes-live-september-2013
EXACTLY.
I am responsible for the welfare of my students and their parents expect me to investigate any reports of bullying or distress.
Nor would I take anyone's word for what went on. Getting a record avoids any she said he said muddle which increases tension.
We have done surveys where the students can answer anonymously as ID numbers. As I said they 100% without exception welcome our protective management.
Intervention occurs about twice a year and we are always thanked for it.
[EDIT] Naturally this is all in the open and stated in our terms that we have this ability.
Of course if there is a legal situation the material in question should be handed over to any official investigator, but you are not such a person. You are not responsible for what occurs in the private corners of your forum, no more than Facebook or anyone else is. Cyber bullying and other unpleasant behaviours can be reported, and actioned at that stage.
In the event of any theoretical legal action, all you have to do is hand over the material to the authorities, yes it is there and can be accessed if needed to be, but that is very different from knowingly installing a modification to read PM's or worse logging in as them.. what a horrible thing to do!
Sorry but I find it totally unnecessary and a violation of people's expected privacy. Snooping around "just in case" such things MIGHT be happening sounds to me like a pretty shallow excuse to go on a voyeuristic mission into your members private discussions.
Any admin who engages in this should implicitly state that Private Conversations are NOT private and will be read by Admins, in the T & C's that members agree to.
I know it is a divisive personal opinion, but I would NEVER be a member on your site, or any of those others here who believe it is OK. I would imagine that 99% of people would not be either if the knew you were doing it.
mistypants
Well-known member
Isn't this covered by the default XenForo terms & rules?
However, I think most users would be very upset if they found you snooping in their private conversations. I have never done it and don't plan to, I've never seen any reason to even if users are suspected of shady business within them. It's probably not worth alienating your users to do so.
Q: Are Private Conversations Accessible to Admins?
A: No.
Q: Are Conversations Accessible to Admins?
A: Yes.
If you look closely the word Private is not there.
A: No.
Q: Are Conversations Accessible to Admins?
A: Yes.
If you look closely the word Private is not there.
I don't believe those general terms are implicit enough... it says nothing about Private Conversations, and you have to interpret that it might relate to Private Conversations.
It should be spelt out very clearly that "private" conversations are not private at all - on those sites which engage in snooping.
mistypants
Well-known member
Yeah, it wouldn't take much to re word it so it was clear. Those sites might also have a pinned topic/notice or something as many people don't actually read the T&C's.
Normally such a Mod is unwarranted. However, there are cases where it is needed. Of course, trust is key.
When my forum was on VB, My users knew that PMs were not 100% private. - It helps in cases where there are fake members and "wrong doing" occurring.
- Sometimes people register simply to troll and cause havoc. - Or we get bombarded by Middle Eastern/North African men who want to find a wife from the West.. Our female members (especially married ones) do not tolerate strangers PMing them and announcing their undying love, in the very first message they receive. - People CAN ignore, but the issue is of the website being used for the wrong reasons and annoying the members.
So, there needs to be a way to investigate if members complain. It is also why a lot of our members are still with us, even after 7 years. They did join other forums, but the "safe" atmosphere our site had - they appreciate.
When my forum was on VB, My users knew that PMs were not 100% private. - It helps in cases where there are fake members and "wrong doing" occurring.
- Sometimes people register simply to troll and cause havoc. - Or we get bombarded by Middle Eastern/North African men who want to find a wife from the West.. Our female members (especially married ones) do not tolerate strangers PMing them and announcing their undying love, in the very first message they receive. - People CAN ignore, but the issue is of the website being used for the wrong reasons and annoying the members.
So, there needs to be a way to investigate if members complain. It is also why a lot of our members are still with us, even after 7 years. They did join other forums, but the "safe" atmosphere our site had - they appreciate.
Do you think that Google administrators cannot read your gmail emails?
Do you think that Dropbox administrators cannot view your files stored online?
Do you think that Facebook administrators cannot read your private messages?
Of course they can - if the data is not encrypted, any administrator of an online service can access the data and view it.
If you are using shared hosting, their administrators can most likely access all your site data too, including your files and databases and any emails stored in the mailboxes on their servers.
Do you think they have the time or inclination to do so? No.
It's about trust - by using these online services, you are implicitly trusting the administrators to "do the right thing" and not abuse the powers they have. If you cannot bring yourself to trust them, then simply don't use the service.
It's the same with online communities - as administrators you have the technical ability to view everything in the database - if the members don't feel they can trust you to not abuse that ability, then they should not be a member of your community.
I don't think there is ever a reason to casually browse through the private conversations on your forums - as administrators we do need to respect the privacy of our members. However, I do think there is every justification for accessing specific private conversations to investigate technical issues or complaints from users (whether it be spam, bullying, or any other type of conflict).
If you absolutely need your information to be kept private - don't post it online in a format which can be accessed.
There is a reason why I don't email my personal financial details to people, there is a reason why I don't store my (unencrypted) passwords or sensitive personal information in Dropbox, there is a reason I don't publish photos of my children on Facebook - it's because I absolutely do NOT trust these services to keep my personal data safe.
However, I do use all of these services for stuff which really won't matter if it does happen to get accessed by someone I don't know - and I do so with a full understanding of the risks.
It might be necessary occasionally to do a bit of education for your community members about the realities of online privacy and make sure their expectations are set appropriately. Make sure they know that you do have the technical ability to access private conversations - but assure them that you won't do so unless you absolutely need to.
Do you think that Dropbox administrators cannot view your files stored online?
Do you think that Facebook administrators cannot read your private messages?
Of course they can - if the data is not encrypted, any administrator of an online service can access the data and view it.
If you are using shared hosting, their administrators can most likely access all your site data too, including your files and databases and any emails stored in the mailboxes on their servers.
Do you think they have the time or inclination to do so? No.
It's about trust - by using these online services, you are implicitly trusting the administrators to "do the right thing" and not abuse the powers they have. If you cannot bring yourself to trust them, then simply don't use the service.
It's the same with online communities - as administrators you have the technical ability to view everything in the database - if the members don't feel they can trust you to not abuse that ability, then they should not be a member of your community.
I don't think there is ever a reason to casually browse through the private conversations on your forums - as administrators we do need to respect the privacy of our members. However, I do think there is every justification for accessing specific private conversations to investigate technical issues or complaints from users (whether it be spam, bullying, or any other type of conflict).
If you absolutely need your information to be kept private - don't post it online in a format which can be accessed.
There is a reason why I don't email my personal financial details to people, there is a reason why I don't store my (unencrypted) passwords or sensitive personal information in Dropbox, there is a reason I don't publish photos of my children on Facebook - it's because I absolutely do NOT trust these services to keep my personal data safe.
However, I do use all of these services for stuff which really won't matter if it does happen to get accessed by someone I don't know - and I do so with a full understanding of the risks.
It might be necessary occasionally to do a bit of education for your community members about the realities of online privacy and make sure their expectations are set appropriately. Make sure they know that you do have the technical ability to access private conversations - but assure them that you won't do so unless you absolutely need to.
I don't think anyon suggested here that admins are justified in going into Personal Conversations "just in case things MIGHT be happening." It just hasn't been mentioned. Or perhaps I have missed something.
When I have gone into a Personal Conversation it is because a participant has deliberately reported to me that something has gone on which has caused unacceptable distress, or downright misleading and destructive information; or other indications of bullying.
Alternatively it has happened that someone has mentioned something to me without it meaning to be a "report." I find the reference to be unacceptable in the same terms - unacceptable distress, or downright misleading and destructive information; or other indications of bullying. I check and if all is well no one is upset. So far in all cases I found something of concern, except once.
In all cases I "own up" to what I have done. In the great majority of cases it is handled as an educational situation. The Conversation is placed in a document and the offensive parts highlighted.
There is also comment added to show that I understand why heated language or clumsy language was used, or whatever. In that way I get the offender to listen to me because they can see their position is respected as well as the other participant.
My comments explain exactly why there is a problem, and suggest a different way to express things without giving offence. (I am an experienced mediator)
I have found this approach is well received. On my more adult site I have only twice in 7 years had to exclude a member for persistently disregarding this kind of guidance (given 3 times in each case). On the younger community only one has been excluded.
A statement on Privacy is listed in the site Library, in our A-Z of guides. It clearly states that Personal Conversations are not 100% private but may be checked by me, and only by me, if I have reason to believe that someone is being rude, aggressive or misleading someone in a significant way. I add that I am far too busy to read PCs for fun and have plenty of ways to have fun in my precious spare time!
I have never had a single complaint about any of this. On the contrary I have been thanked for protecting a remarkably peaceful and courteous community by doing this kind of guidance.
Similar threads
