Hi -
Something was brought to my attention today. Apparently the admin on a forum, powered by MyBB, I go to is able to read through the Private Messages of anybody registered on the forum.
Is this normal?
Is this even legal?
It is normal. Legal, I think it probably is under the right circumstances. Private is used to refer to not readable by everyone.
If an admin is reading your messages, and you haven't done anything wrong or that would make them suspicious, ask them why they do. Hopefully they have at least some reason.
You should always read the privacy policy of its site. Theres also one mybb forum I'm member of, each time I include a link on pm message the administrator have had an auto msg telling me that he will be checking my pm msg he do it for members who are advertising on pm. And if you make thread or reply and include 1 link on some forums you will be banned automatically and no account reinstatement.
Legal? Yeah. Ethical? If you're doing it all time, then no. I see no harm in doing it for scammers and such though.
(2013-01-30, 02:03 PM)pandaa Wrote: [ -> ]Legal? Yeah. Ethical? If you're doing it all time, then no. I see no harm in doing it for scammers and such though.
The legality of it is a grey area, depending on which country you are in.
Even if there wasn't a MOD that allows you to read PM's anyone with a bit of knowledge can read PM's through the database, and that goes for any forum software, not just MyBB.
For pure privacy the only way is to encrypt them in the database the same way as passwords are.
(2013-01-30, 02:13 PM)Spangle Wrote: [ -> ] (2013-01-30, 02:03 PM)pandaa Wrote: [ -> ]Legal? Yeah. Ethical? If you're doing it all time, then no. I see no harm in doing it for scammers and such though.
The legality of it is a grey area, depending on which country you are in.
Even if there wasn't a MOD that allows you to read PM's anyone with a bit of knowledge can read PM's through the database, and that goes for any forum software, not just MyBB.
For pure privacy the only way is to encrypt them in the database the same way as passwords are.
Then you won't be able to retrieve them anymore. So there isn't really a simple option to prevent that.
(2013-02-01, 11:17 PM)Tankey Wrote: [ -> ] (2013-01-30, 02:13 PM)Spangle Wrote: [ -> ] (2013-01-30, 02:03 PM)pandaa Wrote: [ -> ]Legal? Yeah. Ethical? If you're doing it all time, then no. I see no harm in doing it for scammers and such though.
The legality of it is a grey area, depending on which country you are in.
Even if there wasn't a MOD that allows you to read PM's anyone with a bit of knowledge can read PM's through the database, and that goes for any forum software, not just MyBB.
For pure privacy the only way is to encrypt them in the database the same way as passwords are.
Then you won't be able to retrieve them anymore. So there isn't really a simple option to prevent that.
I don't think Spangle understands the difference between encryption and hashing, but I believe he was referring to the former. His reference to the password system doesn't make sense.
The name "private messages" is a misnomer. I've renamed them Messages on my forum and put in my privacy policy that even though we can read them, we won't unless we feel we need to. It's legal if the user is aware of it.
(2013-02-01, 11:20 PM)brad-t Wrote: [ -> ]The name "private messages" is a misnomer. I've renamed them Messages on my forum and put in my privacy policy that even though we can read them, we won't unless we feel we need to. It's legal if the user is aware of it.
Admins aren't third party. People sign up on their site so it's like having guests in your house to eat food with your family. Everyone has enough sense to understand that every site logs their IP or most do. At least we aren't selling them which should be enough for them.