Slack might be making it harder to know if your boss is reading your DMsOn March 21, 2018 by Lucius
Your boss can probably already read your Slack direct messages.
And if they can’t? Well, Slack appears to be on the verge of making it much easier for them to do so — and possibly harder for you to find out if they are.
Slack is a wonderful tool for collaborating with coworkers, and anyone who uses it on a daily basis knows it’s also a great way to talk trash, hash out problems, and just generally stay in touch with team members scattered across the globe. A big part of that is the direct message: an ostensibly private chat between up to nine people.
Slack claims that “Only the members included the DM can view and search for its messages and content,” which is helpful if, say, you’re trying to secretly unionize. Unfortunately, it’s not exactly true.
The company has long allowed those paying for its Plus plan to enable something called compliance exports. Once enabled, bosses can export a log of all slack data — including your DMs. However, there was always one large pro-worker catch: You could see if compliance exports were turned on. What’s more, if your boss suddenly enabled them you would be notified, and any direct message you sent before that time would be in the clear.
This appears to be changing.
In an update buried on a help page, Slack says that as of April 20, 2018, it’s doing away with compliance exports. Good news for the privacy-inclined, right? Not exactly. That’s because the associated power to read private messages isn’t going anywhere.
“Workspaces with Compliance Exports enabled will still have access to all workspace data through the new export tool,” explains the update.
A new export tool, you say? And just what powers are included in that tool?
“Workspace Owners [with Plus and Enterprise Grid plans] can request access to a self-service export tool to download all data from their workspace,” notes the help page. “This includes content from public and private channels and direct messages.”
In other words, your boss can still read your direct messages — you just may not have the associated heads up that came with compliance exports.
We reached out to Slack for additional detail on just how, exactly, this will work, but have not heard back as of press time. It looks pretty simple, however. According to the company, it takes just a few clicks for your boss to get access to every single DM.
To request the export, workspace owners follow a simple process:
From your desktop, click your workspace name in the top left.
Select Administration, then Workspace settings from the menu.
Choose Import/Export Data in the top right.
Select Apply Here.
Slack has to approve this request, but the help page makes no mention as to what goes into the company’s decision. And while the new export tool may have a feature that notifies Slack users if their bosses are spying, this update makes no mention of it.
In other words, you very well may be on your own.
There is one way you can fight back, however: Switch the message retention policy on every single one of your direct message conversations. Set it to one day. That way, your DMs will be deleted after 24 hours. To do so, go to the direct message thread in question, click the gear icon, select “edit message retention,” choose “use custom retention settings for this conversation,” and under “delete messages and their revisions after:” put in one day. Make sure you click save.
Slack may no longer be looking out for you, but you can still look out for yourself.