Logging PM's?

[Thomasss]

This might have been a topic already but I could not find it. 😛

Do you log personal messages on your site? On mine we have a plugin that logs all the personal messages and if the need arises I just swoop in and start snooping through someone's messages but I usually don't do it just for the lulz. The content on our board is licensed to us so we have all the rights to snoop, and there's a message saying your message is logged so it's not like people couldn't say "oh I had no idea."

Do you log messages on your forum?

 

[Kopacetic]

Yes, I log private messages in my forum just incase they do some illegal activity behind our backs. I made sure that they do not share their personal information when private messaging.

 

[Nebulous]

I don't. Private conversations between the members are none of my business.

If enough people report a PM spammer, that'll be enough proof for us & we'll remove permissions or ban that member... If need be we might obtain hard evidence by digging through the raw data in the database, but that never seems to be necessary. A PM spammer knows he's done wrong and will accept the punishment coming to him without disputing it (99.9% of the time).

 

[pandaa]

I agree with Joe. I've never seen a need for a plugin, because it seems like it would make it too easy to look when you don't really need to. Additionally, it would most likely give access to all of the admins, which I don't think is necessary. While PM's might not legally be "private", I still think they should be unless absolutely necessary.

 

[Mozzie]

I don't think it is necessary to prowl into the messages either, if i need to i will stop a members ability to send them as well

 

[Sam]

Do you log personal messages on your site? On mine we have a plugin that logs all the personal messages and if the need arises I just swoop in and start snooping through someone's messages but I usually don't do it just for the lulz. The content on our board is licensed to us so we have all the rights to snoop, and there's a message saying your message is logged so it's not like people couldn't say "oh I had no idea."

That really puts me off joining any forum you own/ administer. Sure PMs can be checked by anyone with access to the database but the ONLY time a PM should be looked into is if it has been reported.

 

[Thomasss]

Do you log personal messages on your site? On mine we have a plugin that logs all the personal messages and if the need arises I just swoop in and start snooping through someone's messages but I usually don't do it just for the lulz. The content on our board is licensed to us so we have all the rights to snoop, and there's a message saying your message is logged so it's not like people couldn't say "oh I had no idea."

That really puts me off joining any forum you own/ administer. Sure PMs can be checked by anyone with access to the database but the ONLY time a PM should be looked into is if it has been reported.

You should be fine, the only "forum" I own is for a company I have. Furthermore if I was to view a message it would be logged, which we make available to the members so if I was to view a PM for the "lulz" I do believe I would have a chaotic mess on my ends, no? 😛

Anyway, I have to disagree with some of you. PM's should be logged for the sake of safety. If I need to investigate a member for hacking, scaming, or doing something illegal, despite a reported PM (which doesn't give you much anyway, especially if it's over the span of multiple messages..) I am going to search all their messages and take care of the situation using the resources I have. The only reason why I have the plugin is because it's a headache accessing the database and finding the PM that you need, or rather entire conversation and give my staff the ability to handle situations that arise and they need to access something. I'm not some maniac going on a power trip and peeping into people's lives. 😛

 

[Reverse Flash]

I don't, although I am an admin on a couple of boards that do have the PM log plugin. (myBB)

I don't check on people's PMs for teh lulz, as that's their business, but if someone is abusing the system, reports + screenshots do the trick.

 

[Sam]

I understand where you are coming from Thomasss but a forum shouldn't have that many members engaging in scamming, hacking, ddossing etc. If you're prepared to give admins access to the PMs of members, I'm assuming you'd also be prepared to give them cPanel access so they can check via the database?

At holderhost, we have to take privacy very seriously and that reflects in my viewpoint. Most abuse occurs on our VPS nodes. We have automatic software which logs SMTP connections, conntrack sessions etc. only if certain parameters are set to protect the node. I couldn't tell you what 95% of our clients are using our services for. I don't check and unless they are either spamming, engaging in illegal activity or abusing the node I don't care.

 

[Thomasss]

I understand where you are coming from Thomasss but a forum shouldn't have that many members engaging in scamming, hacking, ddossing etc. If you're prepared to give admins access to the PMs of members, I'm assuming you'd also be prepared to give them cPanel access so they can check via the database?

If I gave them cPanel access, they could check all they want without it being logged, and it's simply ugly. I prefer a nice GUI to display the messages. 😛

Anyway, they do not have access to my cPanel simply because there is way more than just a forum so giving them access to the cPanel is like giving them a key to the company. 😛 Sure it's private and rather small however that's not the point, the point is giving them cPanel access gives them a lot more information and more abilities rather than uploading a plugin and giving certain permissions to certain people to view messages, in which is logged. Honestly I think having the plugin is safer and much less dangerous than giving them cPanel access.

 

[Ash]

Never knew that this was possible to be honest and I don't think I would because its important that users know that they have privacy on the forum.

 

[VirusZero]

Technically speaking, most major forum softwares log personal messages (I rather dislike the term private message since that's kind of an illusion. They're not really private at all since they can still be read by going into the database. They'd only be private if they were encrypted or something.)

The real question is how readily accessible are they to admins. I mean do you have to log into phpmyadmin or something to read them? Or can you log into your ACP and check them?

On my site I do have a plugin to present personal messages in a nice interface. (which also, if memory serves, adds a line that all messages can potentially be read by admins so not to put any confidential/private stuff in them.) That stated, I do not go in an read messages unless I have a good reason. Something like a message titled "please join <site name>" is going to be read... simply because I don't allow PM advertising. Though it's also useful in cases where two members are fighting and you need to see what was really stated. (Sometimes members feuding will omit parts to make the other person look worse. I've seen cases of that... and in those it's useful to see the entire message as it was sent. This way you can get a full picture rather than what a member wants you to see.)

I also wouldn't want to give cPanel access (unless they knew what they were doing) simply because it offers so much more power which really isn't necessary in most cases. Going through cPanel can be more dangerous if someone doesn't know what they're doing... (for example they could drop the whole PM table accidentally. Or worse.) Plus it is somewhat harder to read since you need to know which number each member is (since in some forum softwares it doesn't actually state their name, it goes by their user id number).

 

[Thomasss]

Technically speaking, most major forum softwares log personal messages (I rather dislike the term private message since that's kind of an illusion. They're not really private at all since they can still be read by going into the database. They'd only be private if they were encrypted or something.)

Agreed, which I think is the main reason most of the newer softwares like myBB 2.0 and from what I know IP.Board are renaming it to conversations, which makes much more sense, since private messages were never ever private no matter what software you were on. 😛

 

[VirusZero]

Yes, plus they're moving away from single user to single user to more like invite-only topics to further distance from the private/personal message name aspect.

 

[MrDawn]

When I'm on staff on other forums or when I owned my own. Unless the user reported it, than I'd check.

 

[Allenafaith]

We have a PM log on my forum but we never read the PMs unless someone reports them.

 

[Mikaya]

I feel that that would defeat the purpose of PM's, they're meant to be private. It's like an invasion of privacy.

report feature is present to tackle any rule breakers if need be.

 

[Izaya]

I would never use that. I think it is tacky and invasion of privacy. I am sure Facebook/twitter and other sites can read our messages but they don't because they know that their reputation would be in shambles if they did.

Private Message, Personal Messages, Conversations...whatever you wish to call them are between the people they involve.

If you suspect illegal activity or something nefarious, then you should step in but in that case, there are other ways....simply log into the user account.

Police don't just have bugs in our house listening to see IF we are breaking a law...but they have the right to step in(with a warrant) to investigate should they have suspicion of a crime.

 

[Cosmic]

What's important this case are the members, I think. When a member sends a PM, they have a reasonable expectation that that PM remain private, especially if the software calls it a "private message." 😛 But also, an admin shouldn't let that get in the way of doing the right thing, if a situation does come up where PMs should be read. The best example is if one member reports another's PMs. It is in everyone's best interest that the admins examine the PM records of the entire conversation to make sure that one member isn't baiting the other.

There is essentially no such thing as a private message. Even emails sent via gmail can probably be pulled by the government if they need to. But it's also important that members be able to trust a site's administrators. And if an admin abuses their ability to read private messages, then that admin will lose the respect of his or her members.

 

[Obsidian]

On my sites previously, I've put that messages can be read by pulling them from the database though this would only be done if there was a major breach of rules I.E: A report being made, asked to by ISP's/Law enforcement or if a user has been involved with hacking or scamming and we are aware of this.

Overall I believe private messages should be kept private, if a user breaches the trust you give them with this feature then remove it. Pm reports are there for a reason and I use them and not plugins.