The popular productivity chat app Slack has announced new policies for workspace owners and admins, which the company says were announced to maintain compliance with E.U. law encompassed in General Data Protection Regulation (GDPR) rules. However, the new policies themselves aren’t likely to make many users very happy. They effectively allow owners and admins in a Slack workspace to access self-service tools for both importing and exporting all data within a workspace. That, of course, includes Slack chats within a given workspace that are both public and private, as well as direct messages and file links. That primarily applies to owners and admins of paid plans but, under certain conditions, can also apply to users under free plans – as long as the requester follows a valid legal process, has the rights required under the law, or has the consent of workspace members. Downloads of data will also be limited based on the plan that’s been paid for, with the option for a higher payment to enable further access.
It goes without saying that many employees are likely to view the policy as allowing admins and owners to spy on them. Breaches of personal privacy are still a massive gray area when it comes to electronic communications and that’s not likely to change anytime soon. With that said, a company is well within its rights to audit communications of employees over company-owned communications channels. That’s particularly true in cases where the Slack workspace is used directly for the purpose of conducting business. But it isn’t immediately clear whether that should apply to direct messages between employees or private chats, with the arguable exception of instances where a form of abuse or illegal activity is suspected or apparent.
Meanwhile, the new policy and tools do not notify users within the workspace. That breaks from the previous tool, called compliance export, which was used for completing a similar task. That tool also needed to be turned on prior to the messages and files it was able to collect for exporting or importing. Those features allowed for a measure of privacy for users in a workspace. As of this writing, Slack hasn’t said what prompted the actual change in the tech-oriented company’s policy.