Jump to content

Admin Access To PMs

Guest lupin84

By Guest lupin84
in Feedback

Recommended Posts

  • Replies 112
  • Created
  • Last Reply
stoo2000 Grand Master

stoo2000

Posted
Posted

The way I view it is that it's information submitted to a public website, there's no garuntee of privacy, we dont' call them 'Private Messages', they are just plain old messages.

We don't actively read peoples messages, while we do respect privacy sometimes there is an issue that needs to be dealt with, We have an external system that scans our messages table for particular words, phrases etc that would clearly be a breach of the rules, the message id is then logged for further investigation.

It's also a nice way of keeping on spam, as it flags up too if the relevent words are on the watch list.

This information is only available to two administrators, and no one else.

Link to comment
Share on other sites
Tom_F Community Regular

Tom_F

Posted
Posted

The bottom line for me, is as admin I host, maintain and run a message board (or in this case mutliple) and the users sign up and use the board for free.

If they are stupid enough to pass information that is potentially private or harmful through such a personal message system them more fool them. Again in the UK anything passed through this system is still subject to be potentially libel then it's the hosts/forum owners who once again are likely to be in the chicken soup.

I have personally had the PM logs modification on some of my boards for 3+ years but its' not there to just snoop through peoples messages but its there to not only protect myself but to protect other users as well. I've seen threats of violence, general nastyness and the obvious spamming. With the PM logs I can efficently check out the allegation and take the required action.

I like the idea of report PM to administrator and with this function maybe that specfic PM is then put into a seperate log to ensure users cannot delete. As for the full blown PM log, I think maybe that's better off as a modification and then the admin can choose whether or not he feels he needs it.

Link to comment
Share on other sites
suzie99 Newbie

suzie99

Posted
Posted

The club:

The Admin of this forum have the ability to read ALL personal messages



They (admin) had always been able to read any pm they like, they should'nt be able to but back then they could. It was a bit messy but it was quite possible through the...well it was.

Not a good idea as the messging system is supposed to be private.

If you don't trust your members just disable the pm system...you can even do that by members I would think...not checked it myself.

:lol:
Link to comment
Share on other sites
Tom_F Community Regular

Tom_F

Posted
Posted

Not a good idea as the messging system is supposed to be private.



No its personal. But its still a facility that you the forum administration PROVIDE, so you have every right if you wish to log them. As I say there, in the UK, there is still that chance that you or the host can be liable for any comments made within this system.

Why disable a usefull feature when you can simply take steps to ensure it's used correctly.

It's probably down to user preference, hence why its best as a modification.
Link to comment
Share on other sites
Rοb Community Regular

Rοb

Posted
Posted

I agree with several others, that a "Report this message" option would be a very good idea.

As far as I am concerned, that should be the only way (short of manual sql queries for the real spies/saddo's) board admin(s) should be able to view (what I regard as private) messages.

In a nutshell, the member should authorize and determine who can see their message(s), not you.

Link to comment
Share on other sites
W13 Enthusiast

W13

Posted
Posted

I used to work at the bank, and as a banker, I had access to people's most intimate financial details (their debt, their credit rating, their personal info, which porn sites they signed up to lol, everything) ... and they know that. I was like an 'admin'.

So PMs, pfft, I'm an admin, I should be able to see them one way or another - and the users know it.

Link to comment
Share on other sites
Amy T Collaborator

Amy T

Posted
Posted

I'm pretty against this, snooping through PMs is in bad taste and should only be done when there's been a report or there's a [i]good[/i] reason to suspect PM abuse in my opinion.



A report PMs feature would be far more professional and far less of a privacy concern.


I totally agree and thats the only time I have ever looked at another members Pms.
If a member is being harassed by another member to verify this is going on and the PM that was forwarded to me was not edited I go into the phpmyadmin and find the PM that was reported to me so having some way of seeing the exact content of a reported Pm would be better. I have also asked if that member would like me to log in as them to view this first hand and that actually is what I did with one member the other day and he was very happy that I cared so much for him that I would look into it.
I do not much like the snoop mood even though for a while for things like this I had it but did not like having it there.
Link to comment
Share on other sites
Luke Mentor

Luke

Posted
Posted

Here's the bottom line for me (and since this topic is a bit old, I am re-iterating what I have said before):

I understand those who feel that monitoring private messages is not necessary, and is even a breach of privacy. After all, in your communities it really isn't necessary to do so, nor do you want to use such a feature. But try to understand that your needs are just one side of the spectrum. On the other site, not only is a feature necessary, but it's use is imperative.

On a forum that is intended for children, and has a huge population of children, it is important to keep a close eye on incoming and outgoing private messages and emails. Why? Because not only are you morally responsible to ensure the safety of these children, but you can be liable for not doing so. Having an area of the site that cannot be monitored is a hazard. The only option out-of-the-box is to turn off private messages completely, and for those that have done this they know it causes more problems than it solves. To that end, I have developed my own (private) modification for the forum I started. It has these goals in mind, which I hope something similar will make it to IPB some day:

  • When a private message is deleted, it is "hidden" rather than being deleted out of the database. I did this by simply creating another column that backs up the owner id, and I set the owner id to -1. This removes it from the inbox, but keeps it in the system.
  • In the AdminCP, all private messages are listed in the order sent (newest to oldest). There is an icon indicator that shows whether that message has been read or not. If it has been deleted, it shows a trash icon instead.
  • In the AdminCP the admin has the option to "soft delete" or "hard delete". When you "soft delete" it removes the PM from that members inbox, just like if they were to delete it themselves. Only a root admin can "hard delete" a private message.
  • In the AdminCP there are filtering options where an admin provides keywords and points associated to these key words. If a message accumulates enough points, it is "flagged" to bring it to the Admins' attention. If even more points are accumulated, the message is held out of the recipients inbox, and no message is sent (like if no message was sent at all). There is a panel where an admin can view just flagged and held PM's and take care of them appropriately. Held PM's can be released, and a flagged PM can, of course, be "soft" deleted.
  • Since PM's are only "soft" deleted, information is never duplicated and the existing table structure is used.
  • There is a task that "hard" deletes all "soft" deleted PM's that are older than six months, or X amount of time. This prevents the private message table from over filling.


And heck, if people want to get all upset about privacy, I'd be more than willing to slap on a "private messages are monitored and reviewed" message on the compose page.
Link to comment
Share on other sites
Mark Grand Master

Mark

Posted
Posted

I totally agree with what Luke says.

I think what everyone needs to realise is that at some point down the line, this IS going to happen (as soon as one forum software implements it, the others will then too) - if you don't like the idea, don't use it on your forums, it's as simple as that.

Just a note on the subject of internet privacy:
Anyone who thinks that any information they submit on a public website cannot be read by the admins is very, very, very naive. That's why some IM apps (obviously not the ones from the service providers) come with encryption features, because you know when you're using MSN? Microsoft can read what your conversations you know - they go through their servers.

Link to comment
Share on other sites
Amy T Collaborator

Amy T

Posted
Posted

Yep and some times the Police use those MSN, Yahoo logs in investigating Internet Crimes. I agree with Luke as well.
I have had members upset because some one is sending them nasty PMs and having no way to see the PMs in the software it self I had to open the phpmyadmin and look at the pms so I could be sure the member saying they were getting nasty Pms were actually getting nasty pms.
It was found they were so I took care of it after that.
It would be much easier having either a report pm or lukes idea or both. Both might be better as a report could flag the PM for an admin to look at.

I know of a site a pretty big one too that uses a report Pm system and they use Vbullitin. post-102170-1221506008_thumb.png

Link to comment
Share on other sites
Luke Mentor

Luke

Posted
Posted

And the point I'm trying to make is there are different needs on different forums. There are a huge amount of people on either side of the spectrum. Are there gray areas? Sure there are. One admin might never every want to look at PM's. Another might want to read every single one that goes through the software. Another might want the ability, but want the system to automatically flag PM's with certain keywords. Lets make all these solutions available to meet everyone's needs, and let each person pick and choose what they want to use or ignore.

Link to comment
Share on other sites
Tom_F Community Regular

Tom_F

Posted
Posted

Here's the bottom line for me (and since this topic is a bit old, I am re-iterating what I have said before):



I understand those who feel that monitoring private messages is not necessary, and is even a breach of privacy. After all, in your communities it really isn't necessary to do so, nor do you want to use such a feature. But try to understand that your needs are just one side of the spectrum. On the other site, not only is a feature necessary, but it's use is imperative.



On a forum that is intended for children, and has a huge population of children, it is important to keep a close eye on incoming and outgoing private messages and emails. Why? Because not only are you morally responsible to ensure the safety of these children, but you can be liable for not doing so. Having an area of the site that cannot be monitored is a hazard. The only option out-of-the-box is to turn off private messages completely, and for those that have done this they know it causes more problems than it solves. To that end, I have developed my own (private) modification for the forum I started. It has these goals in mind, which I hope something similar will make it to IPB some day:



  • When a private message is deleted, it is "hidden" rather than being deleted out of the database. I did this by simply creating another column that backs up the owner id, and I set the owner id to -1. This removes it from the inbox, but keeps it in the system.
  • In the AdminCP, all private messages are listed in the order sent (newest to oldest). There is an icon indicator that shows whether that message has been read or not. If it has been deleted, it shows a trash icon instead.
  • In the AdminCP the admin has the option to "soft delete" or "hard delete". When you "soft delete" it removes the PM from that members inbox, just like if they were to delete it themselves. Only a root admin can "hard delete" a private message.
  • In the AdminCP there are filtering options where an admin provides keywords and points associated to these key words. If a message accumulates enough points, it is "flagged" to bring it to the Admins' attention. If even more points are accumulated, the message is held out of the recipients inbox, and no message is sent (like if no message was sent at all). There is a panel where an admin can view just flagged and held PM's and take care of them appropriately. Held PM's can be released, and a flagged PM can, of course, be "soft" deleted.
  • Since PM's are only "soft" deleted, information is never duplicated and the existing table structure is used.
  • There is a task that "hard" deletes all "soft" deleted PM's that are older than six months, or X amount of time. This prevents the private message table from over filling.


And heck, if people want to get all upset about privacy, I'd be more than willing to slap on a "private messages are monitored and reviewed" message on the compose page.



Probably the best summerised reply yet. I agree with you entirely with this. Some of our football forums have children as young as 12 posting on them and for similar reasons to you for both my own morals and the companies libel protection I have the abillity to check them - if I need to, but only if I need too.

Your modification sounds very good though, certainly taking it on a step from the D-Script add on which does very similar but lacks the flagging of keywords which I think is excellent.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...