You can tell who here has worked for a large American company and who hasn't.
If you've ever worked for a large American company, you know that nothing you do on company equipment or with a service the company pays for is ever private, and you should never assume it is.
I'll be honest, I always thought Slack DMs were viewable by the admin. As a Slack admin myself, I always assumed I had that ability. Never used so, I never found out I was wrong, but just always assumed it was there.
To me this is a no-op: Anyone who worked for a large American company should have assumed that this ability was always there or could be there in the future, or at the very least, your employer could have always required you to log in and show them your DMs.
It is very odd. We've had corporate monitoring of practically all employee electronic activities for decades. It's enshrined in legislation and tested in case law. The capabilities are built into practically every major business software. There are whole industries built up around it. Yet suddenly everyone is losing their mind over some corporate IMs just because it's Slack?
I feel like I'm on Reddit, not a site ostensibly catering to _computer professionals and experts_.
The difference is their privacy policy has been changed retroactively against the good faith their users had. That's the problem. Of course if it's corporate it's usually monitored, but when Slack championed the user and only catered to the company when forced (via compliance reports which told you they were enabled) and now suddenly switches to a model where past contracts are broken, people have a right to be upset.
Yeah, it kinda sucks that they changed the privacy policy, but if you had actually read it, you'd have seen the part that says that they can change it any time for any reason.
And also, all they've done is give the corporation the technical ability to do something they've always been able to do -- read your private chats. It's just that before they had to do more work to do it, but they've always had the right to do it, regardless of what Slack's privacy policy said.
I mean, it sounds more like people are upset because they are embarrassed how they acted in DMs, or said things they shouldn’t have about their colleagues, and now are worried someone will see that. It doesn’t sound accidental, but that they didn’t get an Export notice, so they thought they were free to talk shit and act however they wanted to. Presumably a lot of these individuals are at smaller companies where a “CIO” might be more inclined to go in and read everyone’s private drama.
I dunno, it’s hard for me to have much sympathy. It’s a rough lesson to learn if you are in your mid 20s and maybe didn’t know any better, but anyone who has been around for any length of time should know better than to put certain things in writing. That is, like, a life skill, not some Bay Area social contract.
I know in general there's the whole "the company pays for it, the company owns it, the company can audit it" corportesse oblige, enshrined in case-law yada yada, but one of the things I always liked about Slack was it seemed to have a bit of that old counter-culture sneer around "yeah, that may be true, but we code for the user anyway". This is very much an anti-user, pro-corporate maneuver, and I think it's a shock to many who took Slack's long-time messaging to the contrary at face-value.
Well, on the other hand, some of us checked, read the privacy policy, and found it acceptable. Compliance reports came out, with the caveat that that was from point in time forward, and that was also acceptable.
This is rewriting the privacy policy we agreed to retroactively, and it's not OK in my mind. I don't say anything stupid on company slack, but in principle this is a bad move.
Yes, this is what happened with me too. I assumed there was some way for the admin to view DMs, but on inspection, discovered there wasn't without first activating Compliance Exports. While it would be great to say that I was a hardened corporate peon that knew better than to fall for this, it wouldn't be completely true; I actually expected Slack to live up to that and not retroactively disclose DMs.
It's not that I necessarily wrote anything that would be a problem if it was disclosed (as others have pointed out, there were other workarounds to get DMs if the company really wanted them) -- it's just broken trust.
Access to DMs would've been par for the course if it had been the way Slack worked all along, but it's really disappointing to see them change it retroactively, insofar as that's what's actually happening.
The consensus here is of course correct: never trust anything done on company equipment, whether it's owned or rented (as in the case of a Slack channel) to be private, even if the owner of the rented property has given certain assurances. Money makes the world go 'round.
Yeah, it kinda sucks that they changed the privacy policy, but if you had actually read it, you'd have seen the part that says that they can change it any time for any reason.
And also, all they've done is give the corporation the technical ability to do something they've always been able to do -- read your private chats. It's just that before they had to do more work to do it, but they've always had the right to do it, regardless of what Slack's privacy policy said.
If you've ever worked for a large American company, you know that nothing you do on company equipment or with a service the company pays for is ever private, and you should never assume it is.
I'll be honest, I always thought Slack DMs were viewable by the admin. As a Slack admin myself, I always assumed I had that ability. Never used so, I never found out I was wrong, but just always assumed it was there.
To me this is a no-op: Anyone who worked for a large American company should have assumed that this ability was always there or could be there in the future, or at the very least, your employer could have always required you to log in and show them your DMs.