Honestly what reason is there for needing to see someones private messages other than wanting to read them? I cant think of anything. All it takes it get up and get the user to show you, or get a Vey good point, I forgot about that! I'm a sysadmin for a company with 9,000 employees and I cant recall one instance where logging in like this would actually help. The feature to "Log in as" has now ben a part of the self hosted versions for nearly 1 year now as all your points can be combatted with good user training, Or getting them to send you a screen shot. ![]() Actually it's only left in the cloud hosted version and they are actively working to remove it. The last thing RocketChat needs is to become known as "The Chat client that makes it easy to spy on your You mention JIRA and Confluence before having a similar feature. We should create a new role, like super-admin or god that has this I think I would be more comfortable with it if it functioned like the slack Compliance Export feature in both how it alerts the users and does not export any private conversations prior to the feature being turned on.Create a new permission for that feature.(Slack has something like this when you turn on the feature on the enterprise accounts) Maybe add a step on the registration with the terms of service to be agreed. We should create the feature, and make it as verbose as possible to alert end users about privacy.We do need to provide a easy way to have end-to-end encryption for private message.Our usual approach it that if enough people find a feature useful, we build it, and make it optional.Making it just "harder" (but not impossible) to break the privacy, may be worst for the end user, as giving a false sense of privacy is worst than making it clear that there is no privacy so they can act accordingly.This is better than we trying to enforce what we think it right. We have created a very flexible roles/permissions system so organizations could chose how the system works for them. ![]() Let me join the discussion with my views: Considering: Hi all, I am happy to see that so many of our users are so passionate about our features. Reply to this email directly, view it on GitHub #3927 (comment), or mute the thread. You are receiving this because you are subscribed to this thread. The users have a right to privacy regardless of what you may feel. Yes and No, If this feature were to be implemented then the Admin should not be able to see their private messages. ![]() It should not be expected that because there is no 'end to end' encryption that their messages are wide open for admins to view. The user does not care about end to end encryption and what security measures are in place. On Aug 26, 2016, at 9:55 AM, John Szaszvari wrote: In fact, you will find that most regulated industries are MANDATED to have access to and archive all electronic communication on company infrastructure - including email and chat. ![]() If you are using this in a corporate environment or have your employees on it they have no right to privacy, this has been upheld in case law and is true of corporate email as well.
0 Comments
Leave a Reply. |